Jump to content

Need Advice, PC Infected With Trojan Vundo


Recommended Posts

Hello all, I need some advice. My PC is infected with what appears to be a Trojan called Vundo and I have not been able to remove it. Here's what I've tried so far:

McAfee Security Center Scan - Found nothing

Adware Professional - Found 3 instances of Trojan Vundo in the registry. Ran removal but they reappear when I rescan.

VundoFix - Found nothing

Microsoft Malware Removal Tool - Crashes and dissapears most of the time. When it does run all the way through it finds Vundo but states that it is unable to remove.

Malwarebytes Anti-Malware - Finds 7 infected objects but locks up and displays this error message: "Runtime Error '5', Invalid Procedure Call or Argument." This seems to ocurr at the same location during the scan (C:\Windows\System32\zipfldr.dll). The program quits after the error message so I am not able to provide a log file. My PC runs slow and is a little unstable but I was able to get a hijackThis log file. Any advice you can give me would be greatly appreciated. Thanks in advance for your help!

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 6:13:01 PM, on 8/11/2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\WINDOWS\eHome\ehRecvr.exe

C:\WINDOWS\eHome\ehSched.exe

C:\Program Files\McAfee\SiteAdvisor\McSACore.exe

C:\Program Files\Common Files\Motive\McciCMService.exe

C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe

c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe

c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe

C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe

C:\Program Files\McAfee\MPF\MPFSrv.exe

C:\Program Files\Dell Support Center\bin\sprtsvc.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\wdfmgr.exe

C:\Program Files\Viewpoint\Common\ViewpointService.exe

C:\WINDOWS\system32\fxssvc.exe

C:\WINDOWS\Explorer.EXE

c:\PROGRA~1\mcafee.com\agent\mcagent.exe

C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe

C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe

C:\WINDOWS\stsystra.exe

C:\PROGRA~1\Yahoo!\browser\ycommon.exe

C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe

C:\WINDOWS\system32\dla\tfswctrl.exe

C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe

C:\Program Files\Dell Photo AIO Printer 922\dlbtbmon.exe

C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe

C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe

C:\Program Files\DellSupport\DSAgnt.exe

C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe

C:\WINDOWS\system32\dllhost.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe

C:\WINDOWS\System32\alg.exe

C:\Program Files\Adware Professional\Adware Professional.exe

C:\Program Files\Yahoo!\browser\ybrowser.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://att.net

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/.../search/ie.html

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!

R3 - URLSearchHook: AOLSearchHook Class - {54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22} - C:\Program Files\AIM Search\AOLSearch.dll

R3 - URLSearchHook: (no name) - {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - (no file)

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll

R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL (file missing)

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: AOL Search Enhancement - {54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22} - C:\Program Files\AIM Search\AOLSearch.dll

O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\PROGRA~1\Yahoo!\common\yiesrvc.dll

O2 - BHO: (no name) - {5bf894e9-285f-4b64-ae49-08d3b5b39c75} - C:\WINDOWS\system32\vefufise.dll

O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll

O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll (file missing)

O2 - BHO: AIM Toolbar Loader - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files\AIM Toolbar\aimtb.dll (file missing)

O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

O2 - BHO: SidebarAutoLaunch Class - {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - C:\Program Files\Yahoo!\browser\YSidebarIEBHO.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll

O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)

O3 - Toolbar: AIM Toolbar - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files\AIM Toolbar\aimtb.dll (file missing)

O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

O4 - HKLM\..\Run: [DLBTCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLBTtime.dll,_RunDLLEntry@16

O4 - HKLM\..\Run: [YBrowser] C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe

O4 - HKLM\..\Run: [sigmatelSysTrayApp] stsystra.exe

O4 - HKLM\..\Run: [intelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe

O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"

O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe

O4 - HKLM\..\Run: [Dell Photo AIO Printer 922] "C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe"

O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [mmtask] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe"

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"

O4 - HKLM\..\Run: [McENUI] C:\PROGRA~1\McAfee\MHN\McENUI.exe /hide

O4 - HKLM\..\Run: [CPMc30faf3c] Rundll32.exe "c:\windows\system32\vorosuka.dll",a

O4 - HKLM\..\Run: [rameyarure] Rundll32.exe "C:\WINDOWS\system32\mozehete.dll",s

O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\ypager.exe" -quiet

O4 - HKCU\..\Run: [shell] "C:\WINDOWS\system32\Rundll32.exe" "C:\WINDOWS\system32\shell32.dll",Control_RunDLL "C:\DOCUME~1\Kevin\LOCALS~1\Temp\dat6D.tmp"

O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup

O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aim toolbar 5.0\resources\en-US\local\search.html

O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/...?p=ZJxdm078LUUS

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll

O9 - Extra button: AT&T Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\PROGRA~1\Yahoo!\common\yiesrvc.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL

O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O14 - IERESET.INF: START_PAGE_URL=http://att.net

O16 - DPF: {138E6DC9-722B-4F4B-B09D-95D191869696} (Bebo Uploader Control) - http://www.bebo.com/files/BeboUploader.5.1.4.cab

O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/f...p1.0.0.15-3.cab

O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/...lscbase1140.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1249747962453

O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/p...obat/nos/gp.cab

O16 - DPF: {F137B9BA-89EA-4B04-9C67-2074A9DF61FD} (Photo Upload Plugin Class) - http://cvs.pnimedia.com/upload/activex/v2_...upv2.0.0.11.cab?

O16 - DPF: {FFFFFFFF-CACE-BABE-BABE-00AA0055595A} - http://www.trueswitch.com/sbc/TrueInstallSBC.exe

O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

O21 - SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\vorosuka.dll

O22 - SharedTaskScheduler: STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\vorosuka.dll

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: dlbt_device - Dell - C:\WINDOWS\system32\dlbtcoms.exe

O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe

O23 - Service: getPlus® Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe

O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe

O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe

O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe

O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe

O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe

O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe

O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe

O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe

O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe

O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--

End of file - 13172 bytes

Link to post
Share on other sites

  • Staff

Hi,

Are you using latest version of MalwareBytes?

Please try the scan from Windows safe mode since your McAfee may interfere with Malwarebytes here.

Let it remove what it found and then reboot.

Post the log in your next reply together with a new HijackThislog.

Extra note.. I see you have Viewpoint installed...

Viewpoint Manager is considered as foistware instead of malware since it is installed without users approval but doesn't spy or do anything "bad". This will change from what we know in 2006 read this article: http://www.clickz.com/news/article.php/3561546

I suggest you remove the program now. Go to Start > Settings > Control Panel > Add/Remove Programs and remove the following programs if present.


  • Viewpoint
  • Viewpoint Manager
  • Viewpoint Media Player

Link to post
Share on other sites

HI,

I took your advice and removed the Viewpoint software. I also tried to run Malwarebytes in safe mode and got the same result, 7 infected files and a runtime error '5'. The version of malwarebytes I am using is 1.40. I just downloaded it a couple of days ago so I assume it's the latest version. Is there anything else I can try?

Thanks for your help!

Link to post
Share on other sites

  • Staff

Hi,

Well, one thing is for sure - This computer is already infected for ages (since I see a LOT of older malware present here) and I wonder if your McAfee is actually up to date, because I can't believe it didn't detect and delete any of this.

Anyway, * Please visit this webpage for instructions for downloading and running ComboFix:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Post the log from ComboFix in your next reply.

Please make sure you disable ALL of your Antivirus/Antispyware/Firewall before running ComboFix..This because Security Software may see some components ComboFix uses (prep.com for example) as suspicious and blocks the tool, or even deletes it. Please visit HERE if you don't know how.

Extra note: The combofix tutorial recommends to disable your Antivirus, in your case McAfee. For McAfee, I rather recommend to temporary uninstall it, because Mcafee causes a lot of problems with Combofix after reboot, this because McAfee enables again after reboot. So please temporary uninstall McAfee first, then reboot and then scan with Combofix.

Link to post
Share on other sites

Mieke,

Here is the comboFix log. I removed Mcaffe Security Center before running it. This is the second time that I've run comboFix since my first post so there may be some things that don't make sense if you look at my first hijckthis log. I had to run ComboFix in safe mode since the spyware is still very active.

Also, I am still not able to run Malwarebytes. I tried it after running ComboFix. I am getting the same runtime '5" error after 7 infected files are found. Thanks for the help!

ComboFix 09-08-10.06 - Kevin 08/16/2009 14:54.2.2 - NTFSx86 MINIMAL

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.510.372 [GMT -4:00]

Running from: c:\temp\Combo-Fix1.exe

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\documents and settings\All Users\Application Data\11546564

c:\documents and settings\All Users\Application Data\11546564\11546564

c:\documents and settings\All Users\Application Data\11546564\11546564.exe

c:\documents and settings\All Users\Application Data\11546564\pc11546564ins

c:\windows\system32\bodizeya.dll

c:\windows\system32\fawuruvo.dll

c:\windows\system32\hidumule.dll

c:\windows\system32\jalezada.dll

c:\windows\system32\mivohilu.dll

c:\windows\system32\ropofotu.exe

.

((((((((((((((((((((((((( Files Created from 2009-07-16 to 2009-08-16 )))))))))))))))))))))))))))))))

.

2009-08-16 18:44 . 2009-08-16 18:44 -------- d-----w- c:\windows\LastGood

2009-08-13 00:06 . 2009-08-13 00:04 3124187 ----a-r- c:\temp\Combo-Fix1.exe

2009-08-13 00:05 . 2009-08-13 00:04 3124187 ----a-r- c:\temp\Combo-Fix.exe

2009-08-12 23:48 . 2009-08-12 23:52 -------- d-s---w- C:\Combo-Fix

2009-08-11 22:11 . 2009-08-11 22:11 -------- d-----w- c:\program files\Trend Micro

2009-08-10 21:23 . 2009-08-10 21:23 -------- d-----w- c:\documents and settings\Kevin\Application Data\Malwarebytes

2009-08-10 21:23 . 2009-08-03 17:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2009-08-10 21:23 . 2009-08-10 21:23 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes

2009-08-10 21:23 . 2009-08-10 21:23 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2009-08-10 21:23 . 2009-08-03 17:36 19096 ----a-w- c:\windows\system32\drivers\mbam.sys

2009-08-09 20:16 . 2009-08-09 20:22 -------- d-----w- c:\program files\Windows Live Safety Center

2009-08-09 13:48 . 2009-08-09 13:48 174048 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat

2009-08-09 13:46 . 2009-08-09 13:46 -------- d-----w- c:\windows\system32\XPSViewer

2009-08-09 13:46 . 2009-08-09 13:46 -------- d-----w- c:\program files\MSBuild

2009-08-09 13:46 . 2009-08-09 13:46 -------- d-----w- c:\program files\Reference Assemblies

2009-08-09 13:44 . 2008-07-06 12:06 89088 ------w- c:\windows\system32\dllcache\filterpipelineprintproc.dll

2009-08-09 13:44 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll

2009-08-09 13:44 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\dllcache\xpsshhdr.dll

2009-08-09 13:44 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll

2009-08-09 13:44 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe

2009-08-09 13:44 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll

2009-08-09 13:44 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\dllcache\xpssvcs.dll

2009-08-09 13:44 . 2009-08-09 13:46 -------- d-----w- C:\ebae09d0825d365a1a945158

2009-08-09 03:18 . 2009-08-09 03:18 -------- d-sh--w- c:\documents and settings\Kevin\IECompatCache

2009-08-08 22:03 . 2009-08-08 22:13 -------- d-----w- c:\program files\Common Files\PC Tools

2009-08-08 15:23 . 2009-08-08 15:23 16 ----a-w- c:\windows\system32\drivers\runnin.sys

2009-08-08 15:22 . 2009-08-08 15:23 16 ----a-w- c:\windows\system32\drivers\log.ini.sys

2009-08-08 15:21 . 2009-08-08 15:21 16 ----a-w- c:\windows\system32\drivers\DA39A3EE5E6B4B0D3255BFEF956018.sys

2009-08-08 15:17 . 2009-08-08 15:17 16 ----a-w- c:\windows\system32\drivers\Microsoft.sys

2009-08-08 15:17 . 2009-08-08 15:17 16 ----a-w- c:\windows\system32\drivers\AssetCache.sys

2009-08-08 15:17 . 2009-08-08 15:17 16 ----a-w- c:\windows\system32\drivers\MYWEBS.sys

2009-08-08 15:12 . 2009-08-08 15:17 16 ----a-w- c:\windows\system32\drivers\.sys

2009-08-08 15:06 . 2009-08-08 15:28 78336 --sha-w- c:\windows\system32\swupdate.dll

2009-07-29 05:05 . 2009-07-03 17:09 594432 ------w- c:\windows\system32\dllcache\msfeeds.dll

2009-07-29 05:05 . 2009-07-03 17:09 55296 ------w- c:\windows\system32\dllcache\msfeedsbs.dll

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-08-16 17:45 . 2005-07-21 23:14 -------- d-----w- c:\program files\Dl_cats

2009-08-16 17:37 . 2009-05-16 17:37 84992 --sha-w- c:\windows\system32\muhodogu.dll

2009-08-14 19:56 . 2009-05-14 19:56 83968 --sha-w- c:\windows\system32\butugagu.dll

2009-08-13 23:21 . 2005-07-19 21:04 -------- d-----w- c:\documents and settings\All Users\Application Data\Viewpoint

2009-08-13 23:01 . 2009-05-13 23:01 83968 --sha-w- c:\windows\system32\lagoguze.dll

2009-08-12 17:40 . 2009-05-12 17:39 50176 --sha-w- c:\windows\system32\rotawugo.dll

2009-08-12 17:40 . 2009-05-12 17:39 83968 --sha-w- c:\windows\system32\yepogofa.dll

2009-08-09 13:30 . 2005-07-22 00:53 79984 ----a-w- c:\documents and settings\Kevin\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

2009-08-08 22:20 . 2008-02-08 01:16 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP

2009-07-10 14:57 . 2008-02-07 01:59 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee

2009-07-10 14:05 . 2009-03-13 21:48 -------- d-----w- c:\program files\McAfee

2009-07-03 17:09 . 2004-08-10 10:00 915456 ----a-w- c:\windows\system32\wininet.dll

2009-06-24 01:47 . 2006-09-10 14:36 -------- d-----w- c:\documents and settings\Erin\Application Data\Yahoo!

2009-06-22 23:57 . 2006-08-22 02:40 -------- d-----w- c:\documents and settings\Sherry\Application Data\Apple Computer

2009-06-16 14:36 . 2004-08-10 10:00 81920 ----a-w- c:\windows\system32\fontsub.dll

2009-06-16 14:36 . 2004-08-10 10:00 119808 ----a-w- c:\windows\system32\t2embed.dll

2009-06-03 19:09 . 2004-08-10 10:00 1291264 ----a-w- c:\windows\system32\quartz.dll

2009-05-27 19:41 . 2005-07-22 15:10 79984 ----a-w- c:\documents and settings\Sherry\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

2009-05-22 20:04 . 2006-11-02 23:28 1328 ----a-w- c:\documents and settings\Erin\Application Data\wklnhst.dat

2009-05-22 19:30 . 2006-11-02 23:24 79984 ----a-w- c:\documents and settings\Erin\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

2002-07-31 23:55 . 2007-03-26 01:57 321 --sh--w- c:\windows\WSYS049.SYS

2009-05-12 17:40 . 2009-05-12 17:40 50176 --sha-w- c:\windows\SYSTEM32\difebebu.dll

2009-05-12 17:40 . 2009-05-12 17:40 50176 --sha-w- c:\windows\SYSTEM32\sivotumo.dll

.

((((((((((((((((((((((((((((( SnapShot@2009-08-13_00.35.49 )))))))))))))))))))))))))))))))))))))))))

.

- 2005-07-21 23:03 . 2009-08-12 22:02 32768 c:\windows\SYSTEM32\CONFIG\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat

+ 2005-07-21 23:03 . 2009-08-16 17:42 32768 c:\windows\SYSTEM32\CONFIG\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat

- 2005-07-21 23:03 . 2009-08-12 22:02 32768 c:\windows\SYSTEM32\CONFIG\systemprofile\Local Settings\History\History.IE5\index.dat

+ 2005-07-21 23:03 . 2009-08-16 17:42 32768 c:\windows\SYSTEM32\CONFIG\systemprofile\Local Settings\History\History.IE5\index.dat

- 2005-07-21 23:03 . 2009-08-12 22:02 32768 c:\windows\SYSTEM32\CONFIG\systemprofile\Cookies\index.dat

+ 2005-07-21 23:03 . 2009-08-16 17:42 32768 c:\windows\SYSTEM32\CONFIG\systemprofile\Cookies\index.dat

+ 2009-08-16 19:04 . 2009-08-16 19:04 8192 c:\windows\ERDNT\subs\Users\00000004\UsrClass.dat

- 2009-08-13 00:29 . 2009-08-13 00:29 8192 c:\windows\ERDNT\subs\Users\00000004\UsrClass.dat

+ 2009-08-16 19:04 . 2009-08-16 19:04 8192 c:\windows\ERDNT\subs\Users\00000002\UsrClass.dat

- 2009-08-13 00:29 . 2009-08-13 00:29 8192 c:\windows\ERDNT\subs\Users\00000002\UsrClass.dat

+ 2009-08-16 19:04 . 2009-08-16 19:04 241664 c:\windows\ERDNT\subs\Users\00000001\NTUSER.DAT

- 2009-08-13 00:29 . 2009-08-13 00:29 241664 c:\windows\ERDNT\subs\Users\00000001\NTUSER.DAT

+ 2009-08-16 19:04 . 2009-08-16 19:04 3993600 c:\windows\ERDNT\subs\Users\00000003\ntuser.dat

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5bf894e9-285f-4b64-ae49-08d3b5b39c75}]

2009-05-12 17:40 50176 --sha-w- c:\windows\SYSTEM32\difebebu.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Yahoo! Pager"="c:\progra~1\Yahoo!\MESSEN~1\ypager.exe" [2005-08-15 3092480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"DLBTCATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\DLBTtime.dll" [2004-11-10 69632]

"YBrowser"="c:\progra~1\Yahoo!\browser\ybrwicon.exe" [2006-07-21 129536]

"SunJavaUpdateSched"="c:\program files\Java\j2re1.4.2_03\bin\jusched.exe" [2003-11-19 32881]

"IntelMeM"="c:\program files\Intel\Modem Event Monitor\IntelMEM.exe" [2003-09-04 221184]

"dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2007-11-15 16384]

"dla"="c:\windows\system32\dla\tfswctrl.exe" [2004-12-06 127035]

"Dell Photo AIO Printer 922"="c:\program files\Dell Photo AIO Printer 922\dlbtbmgr.exe" [2004-11-11 290816]

"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-03-30 339968]

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-01-05 413696]

"mmtask"="c:\program files\Musicmatch\Musicmatch Jukebox\mmtask.exe" [2006-01-17 53248]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-04-02 342312]

"DVDLauncher"="c:\program files\CyberLink\PowerDVD\DVDLauncher.exe" [2005-02-23 53248]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-12 39792]

"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-06-07 57344]

"rameyarure"="c:\windows\system32\sivotumo.dll" [2009-05-12 50176]

"CPMc30faf3c"="c:\windows\system32\muhodogu.dll" [2009-08-16 84992]

"dellsupportcenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2008-08-13 206064]

"SigmatelSysTrayApp"="stsystra.exe" - c:\windows\STSYSTRA.EXE [2005-03-22 339968]

c:\documents and settings\All Users\Start Menu\Programs\Startup\

$McRebootA5E6DEAA56$.lnk - c:\windows\SYSTEM32\cmd.exe [2004-8-10 389120]

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=

"c:\\WINDOWS\\system32\\sessmgr.exe"=

"c:\\Program Files\\Yahoo!\\Messenger\\YPager.exe"=

"c:\\Program Files\\Messenger\\msmsgs.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

"c:\\Program Files\\iTunes\\iTunes.exe"=

"c:\\Program Files\\Intel\\Modem Event Monitor\\IntelMEM.exe"=

S1 0106edc3.sys;0106edc3.sys;\??\c:\windows\System32\drivers\0106edc3.sys --> c:\windows\System32\drivers\0106edc3.sys [?]

S1 01a7b628.sys;01a7b628.sys;\??\c:\windows\System32\drivers\01a7b628.sys --> c:\windows\System32\drivers\01a7b628.sys [?]

S1 01ddf6a2.sys;01ddf6a2.sys;\??\c:\windows\System32\drivers\01ddf6a2.sys --> c:\windows\System32\drivers\01ddf6a2.sys [?]

S1 047db8fe.sys;047db8fe.sys;\??\c:\windows\System32\drivers\047db8fe.sys --> c:\windows\System32\drivers\047db8fe.sys [?]

S1 0505f9ca.sys;0505f9ca.sys;\??\c:\windows\System32\drivers\0505f9ca.sys --> c:\windows\System32\drivers\0505f9ca.sys [?]

S1 05e17a1e.sys;05e17a1e.sys;\??\c:\windows\System32\drivers\05e17a1e.sys --> c:\windows\System32\drivers\05e17a1e.sys [?]

S1 0677fb3c.sys;0677fb3c.sys;\??\c:\windows\System32\drivers\0677fb3c.sys --> c:\windows\System32\drivers\0677fb3c.sys [?]

S1 06e5f3a2.sys;06e5f3a2.sys;\??\c:\windows\System32\drivers\06e5f3a2.sys --> c:\windows\System32\drivers\06e5f3a2.sys [?]

S1 06fdbb7e.sys;06fdbb7e.sys;\??\c:\windows\System32\drivers\06fdbb7e.sys --> c:\windows\System32\drivers\06fdbb7e.sys [?]

S1 076dbbee.sys;076dbbee.sys;\??\c:\windows\System32\drivers\076dbbee.sys --> c:\windows\System32\drivers\076dbbee.sys [?]

S1 079183d7.sys;079183d7.sys;\??\c:\windows\System32\drivers\079183d7.sys --> c:\windows\System32\drivers\079183d7.sys [?]

S1 089fbd21.sys;089fbd21.sys;\??\c:\windows\System32\drivers\089fbd21.sys --> c:\windows\System32\drivers\089fbd21.sys [?]

S1 08e8f5a5.sys;08e8f5a5.sys;\??\c:\windows\System32\drivers\08e8f5a5.sys --> c:\windows\System32\drivers\08e8f5a5.sys [?]

S1 090cbd8d.sys;090cbd8d.sys;\??\c:\windows\System32\drivers\090cbd8d.sys --> c:\windows\System32\drivers\090cbd8d.sys [?]

S1 0918fddd.sys;0918fddd.sys;\??\c:\windows\System32\drivers\0918fddd.sys --> c:\windows\System32\drivers\0918fddd.sys [?]

S1 092c7d69.sys;092c7d69.sys;\??\c:\windows\System32\drivers\092c7d69.sys --> c:\windows\System32\drivers\092c7d69.sys [?]

S1 0a39f6f6.sys;0a39f6f6.sys;\??\c:\windows\System32\drivers\0a39f6f6.sys --> c:\windows\System32\drivers\0a39f6f6.sys [?]

S1 0adfffa4.sys;0adfffa4.sys;\??\c:\windows\System32\drivers\0adfffa4.sys --> c:\windows\System32\drivers\0adfffa4.sys [?]

S1 0b99f856.sys;0b99f856.sys;\??\c:\windows\System32\drivers\0b99f856.sys --> c:\windows\System32\drivers\0b99f856.sys [?]

S1 0c83c105.sys;0c83c105.sys;\??\c:\windows\System32\drivers\0c83c105.sys --> c:\windows\System32\drivers\0c83c105.sys [?]

S1 0c96c118.sys;0c96c118.sys;\??\c:\windows\System32\drivers\0c96c118.sys --> c:\windows\System32\drivers\0c96c118.sys [?]

S1 0ca4c125.sys;0ca4c125.sys;\??\c:\windows\System32\drivers\0ca4c125.sys --> c:\windows\System32\drivers\0ca4c125.sys [?]

S1 0ddcc25d.sys;0ddcc25d.sys;\??\c:\windows\System32\drivers\0ddcc25d.sys --> c:\windows\System32\drivers\0ddcc25d.sys [?]

S1 0e51c2d3.sys;0e51c2d3.sys;\??\c:\windows\System32\drivers\0e51c2d3.sys --> c:\windows\System32\drivers\0e51c2d3.sys [?]

S1 0e92c313.sys;0e92c313.sys;\??\c:\windows\System32\drivers\0e92c313.sys --> c:\windows\System32\drivers\0e92c313.sys [?]

S1 0e9d0363.sys;0e9d0363.sys;\??\c:\windows\System32\drivers\0e9d0363.sys --> c:\windows\System32\drivers\0e9d0363.sys [?]

S1 0ee603ac.sys;0ee603ac.sys;\??\c:\windows\System32\drivers\0ee603ac.sys --> c:\windows\System32\drivers\0ee603ac.sys [?]

S1 0f8bc40c.sys;0f8bc40c.sys;\??\c:\windows\System32\drivers\0f8bc40c.sys --> c:\windows\System32\drivers\0f8bc40c.sys [?]

S1 107fc500.sys;107fc500.sys;\??\c:\windows\System32\drivers\107fc500.sys --> c:\windows\System32\drivers\107fc500.sys [?]

S1 10e905af.sys;10e905af.sys;\??\c:\windows\System32\drivers\10e905af.sys --> c:\windows\System32\drivers\10e905af.sys [?]

S1 1135fdf1.sys;1135fdf1.sys;\??\c:\windows\System32\drivers\1135fdf1.sys --> c:\windows\System32\drivers\1135fdf1.sys [?]

S1 11400606.sys;11400606.sys;\??\c:\windows\System32\drivers\11400606.sys --> c:\windows\System32\drivers\11400606.sys [?]

S1 1162c5e3.sys;1162c5e3.sys;\??\c:\windows\System32\drivers\1162c5e3.sys --> c:\windows\System32\drivers\1162c5e3.sys [?]

S1 11ae0674.sys;11ae0674.sys;\??\c:\windows\System32\drivers\11ae0674.sys --> c:\windows\System32\drivers\11ae0674.sys [?]

S1 11b9067f.sys;11b9067f.sys;\??\c:\windows\System32\drivers\11b9067f.sys --> c:\windows\System32\drivers\11b9067f.sys [?]

S1 1259ff16.sys;1259ff16.sys;\??\c:\windows\System32\drivers\1259ff16.sys --> c:\windows\System32\drivers\1259ff16.sys [?]

S1 12be8f04.sys;12be8f04.sys;\??\c:\windows\System32\drivers\12be8f04.sys --> c:\windows\System32\drivers\12be8f04.sys [?]

S1 12d0c751.sys;12d0c751.sys;\??\c:\windows\System32\drivers\12d0c751.sys --> c:\windows\System32\drivers\12d0c751.sys [?]

S1 12e5c766.sys;12e5c766.sys;\??\c:\windows\System32\drivers\12e5c766.sys --> c:\windows\System32\drivers\12e5c766.sys [?]

S1 1307c788.sys;1307c788.sys;\??\c:\windows\System32\drivers\1307c788.sys --> c:\windows\System32\drivers\1307c788.sys [?]

S1 1381c802.sys;1381c802.sys;\??\c:\windows\System32\drivers\1381c802.sys --> c:\windows\System32\drivers\1381c802.sys [?]

S1 13af8ff5.sys;13af8ff5.sys;\??\c:\windows\System32\drivers\13af8ff5.sys --> c:\windows\System32\drivers\13af8ff5.sys [?]

S1 13dd009b.sys;13dd009b.sys;\??\c:\windows\System32\drivers\13dd009b.sys --> c:\windows\System32\drivers\13dd009b.sys [?]

S1 147e013b.sys;147e013b.sys;\??\c:\windows\System32\drivers\147e013b.sys --> c:\windows\System32\drivers\147e013b.sys [?]

S1 14da8917.sys;14da8917.sys;\??\c:\windows\System32\drivers\14da8917.sys --> c:\windows\System32\drivers\14da8917.sys [?]

S1 153109f7.sys;153109f7.sys;\??\c:\windows\System32\drivers\153109f7.sys --> c:\windows\System32\drivers\153109f7.sys [?]

S1 15bb0a81.sys;15bb0a81.sys;\??\c:\windows\System32\drivers\15bb0a81.sys --> c:\windows\System32\drivers\15bb0a81.sys [?]

S1 15deca5f.sys;15deca5f.sys;\??\c:\windows\System32\drivers\15deca5f.sys --> c:\windows\System32\drivers\15deca5f.sys [?]

S1 15e0029d.sys;15e0029d.sys;\??\c:\windows\System32\drivers\15e0029d.sys --> c:\windows\System32\drivers\15e0029d.sys [?]

S1 16600b26.sys;16600b26.sys;\??\c:\windows\System32\drivers\16600b26.sys --> c:\windows\System32\drivers\16600b26.sys [?]

S1 166e0b34.sys;166e0b34.sys;\??\c:\windows\System32\drivers\166e0b34.sys --> c:\windows\System32\drivers\166e0b34.sys [?]

S1 168192c7.sys;168192c7.sys;\??\c:\windows\System32\drivers\168192c7.sys --> c:\windows\System32\drivers\168192c7.sys [?]

S1 17130bd9.sys;17130bd9.sys;\??\c:\windows\System32\drivers\17130bd9.sys --> c:\windows\System32\drivers\17130bd9.sys [?]

S1 18cb0d91.sys;18cb0d91.sys;\??\c:\windows\System32\drivers\18cb0d91.sys --> c:\windows\System32\drivers\18cb0d91.sys [?]

S1 18cc058a.sys;18cc058a.sys;\??\c:\windows\System32\drivers\18cc058a.sys --> c:\windows\System32\drivers\18cc058a.sys [?]

S1 18e505a3.sys;18e505a3.sys;\??\c:\windows\System32\drivers\18e505a3.sys --> c:\windows\System32\drivers\18e505a3.sys [?]

S1 18e5cd66.sys;18e5cd66.sys;\??\c:\windows\System32\drivers\18e5cd66.sys --> c:\windows\System32\drivers\18e5cd66.sys [?]

S1 1924cda5.sys;1924cda5.sys;\??\c:\windows\System32\drivers\1924cda5.sys --> c:\windows\System32\drivers\1924cda5.sys [?]

S1 19310df8.sys;19310df8.sys;\??\c:\windows\System32\drivers\19310df8.sys --> c:\windows\System32\drivers\19310df8.sys [?]

S1 198d0e53.sys;198d0e53.sys;\??\c:\windows\System32\drivers\198d0e53.sys --> c:\windows\System32\drivers\198d0e53.sys [?]

S1 1adacf5c.sys;1adacf5c.sys;\??\c:\windows\System32\drivers\1adacf5c.sys --> c:\windows\System32\drivers\1adacf5c.sys [?]

S1 1b3acfbb.sys;1b3acfbb.sys;\??\c:\windows\System32\drivers\1b3acfbb.sys --> c:\windows\System32\drivers\1b3acfbb.sys [?]

S1 1bd2d053.sys;1bd2d053.sys;\??\c:\windows\System32\drivers\1bd2d053.sys --> c:\windows\System32\drivers\1bd2d053.sys [?]

S1 1c05d086.sys;1c05d086.sys;\??\c:\windows\System32\drivers\1c05d086.sys --> c:\windows\System32\drivers\1c05d086.sys [?]

S1 1c3208f0.sys;1c3208f0.sys;\??\c:\windows\System32\drivers\1c3208f0.sys --> c:\windows\System32\drivers\1c3208f0.sys [?]

S1 1c8cd10d.sys;1c8cd10d.sys;\??\c:\windows\System32\drivers\1c8cd10d.sys --> c:\windows\System32\drivers\1c8cd10d.sys [?]

S1 1c9c98e2.sys;1c9c98e2.sys;\??\c:\windows\System32\drivers\1c9c98e2.sys --> c:\windows\System32\drivers\1c9c98e2.sys [?]

S1 1cf011b6.sys;1cf011b6.sys;\??\c:\windows\System32\drivers\1cf011b6.sys --> c:\windows\System32\drivers\1cf011b6.sys [?]

S1 1d24d1a5.sys;1d24d1a5.sys;\??\c:\windows\System32\drivers\1d24d1a5.sys --> c:\windows\System32\drivers\1d24d1a5.sys [?]

S1 1d56121c.sys;1d56121c.sys;\??\c:\windows\System32\drivers\1d56121c.sys --> c:\windows\System32\drivers\1d56121c.sys [?]

S1 1dc7128d.sys;1dc7128d.sys;\??\c:\windows\System32\drivers\1dc7128d.sys --> c:\windows\System32\drivers\1dc7128d.sys [?]

S1 1e3412fa.sys;1e3412fa.sys;\??\c:\windows\System32\drivers\1e3412fa.sys --> c:\windows\System32\drivers\1e3412fa.sys [?]

S1 1f04d385.sys;1f04d385.sys;\??\c:\windows\System32\drivers\1f04d385.sys --> c:\windows\System32\drivers\1f04d385.sys [?]

S1 1f959bdb.sys;1f959bdb.sys;\??\c:\windows\System32\drivers\1f959bdb.sys --> c:\windows\System32\drivers\1f959bdb.sys [?]

S1 1fcad44b.sys;1fcad44b.sys;\??\c:\windows\System32\drivers\1fcad44b.sys --> c:\windows\System32\drivers\1fcad44b.sys [?]

S1 21060dc4.sys;21060dc4.sys;\??\c:\windows\System32\drivers\21060dc4.sys --> c:\windows\System32\drivers\21060dc4.sys [?]

S1 22130ed1.sys;22130ed1.sys;\??\c:\windows\System32\drivers\22130ed1.sys --> c:\windows\System32\drivers\22130ed1.sys [?]

S1 224a0f08.sys;224a0f08.sys;\??\c:\windows\System32\drivers\224a0f08.sys --> c:\windows\System32\drivers\224a0f08.sys [?]

S1 256fd9f0.sys;256fd9f0.sys;\??\c:\windows\System32\drivers\256fd9f0.sys --> c:\windows\System32\drivers\256fd9f0.sys [?]

S1 2667dae9.sys;2667dae9.sys;\??\c:\windows\System32\drivers\2667dae9.sys --> c:\windows\System32\drivers\2667dae9.sys [?]

S1 27b41471.sys;27b41471.sys;\??\c:\windows\System32\drivers\27b41471.sys --> c:\windows\System32\drivers\27b41471.sys [?]

S1 27c6dc48.sys;27c6dc48.sys;\??\c:\windows\System32\drivers\27c6dc48.sys --> c:\windows\System32\drivers\27c6dc48.sys [?]

S1 27d6dc58.sys;27d6dc58.sys;\??\c:\windows\System32\drivers\27d6dc58.sys --> c:\windows\System32\drivers\27d6dc58.sys [?]

S1 289bdd1c.sys;289bdd1c.sys;\??\c:\windows\System32\drivers\289bdd1c.sys --> c:\windows\System32\drivers\289bdd1c.sys [?]

S1 290edd8f.sys;290edd8f.sys;\??\c:\windows\System32\drivers\290edd8f.sys --> c:\windows\System32\drivers\290edd8f.sys [?]

S1 2958ddd9.sys;2958ddd9.sys;\??\c:\windows\System32\drivers\2958ddd9.sys --> c:\windows\System32\drivers\2958ddd9.sys [?]

S1 296f162c.sys;296f162c.sys;\??\c:\windows\System32\drivers\296f162c.sys --> c:\windows\System32\drivers\296f162c.sys [?]

S1 2a6ca6b1.sys;2a6ca6b1.sys;\??\c:\windows\System32\drivers\2a6ca6b1.sys --> c:\windows\System32\drivers\2a6ca6b1.sys [?]

S1 2c19a85f.sys;2c19a85f.sys;\??\c:\windows\System32\drivers\2c19a85f.sys --> c:\windows\System32\drivers\2c19a85f.sys [?]

S1 2c3720fd.sys;2c3720fd.sys;\??\c:\windows\System32\drivers\2c3720fd.sys --> c:\windows\System32\drivers\2c3720fd.sys [?]

S1 2d622228.sys;2d622228.sys;\??\c:\windows\System32\drivers\2d622228.sys --> c:\windows\System32\drivers\2d622228.sys [?]

S1 2d68e1e9.sys;2d68e1e9.sys;\??\c:\windows\System32\drivers\2d68e1e9.sys --> c:\windows\System32\drivers\2d68e1e9.sys [?]

S1 2d8fe210.sys;2d8fe210.sys;\??\c:\windows\System32\drivers\2d8fe210.sys --> c:\windows\System32\drivers\2d8fe210.sys [?]

S1 2e902356.sys;2e902356.sys;\??\c:\windows\System32\drivers\2e902356.sys --> c:\windows\System32\drivers\2e902356.sys [?]

S1 2f21a35e.sys;2f21a35e.sys;\??\c:\windows\System32\drivers\2f21a35e.sys --> c:\windows\System32\drivers\2f21a35e.sys [?]

S1 2fc0a3fd.sys;2fc0a3fd.sys;\??\c:\windows\System32\drivers\2fc0a3fd.sys --> c:\windows\System32\drivers\2fc0a3fd.sys [?]

S1 30ade52e.sys;30ade52e.sys;\??\c:\windows\System32\drivers\30ade52e.sys --> c:\windows\System32\drivers\30ade52e.sys [?]

S1 31136d15.sys;31136d15.sys;\??\c:\windows\System32\drivers\31136d15.sys --> c:\windows\System32\drivers\31136d15.sys [?]

S1 312525eb.sys;312525eb.sys;\??\c:\windows\System32\drivers\312525eb.sys --> c:\windows\System32\drivers\312525eb.sys [?]

S1 317b1e39.sys;317b1e39.sys;\??\c:\windows\System32\drivers\317b1e39.sys --> c:\windows\System32\drivers\317b1e39.sys [?]

S1 31b1e633.sys;31b1e633.sys;\??\c:\windows\System32\drivers\31b1e633.sys --> c:\windows\System32\drivers\31b1e633.sys [?]

S1 32261ee3.sys;32261ee3.sys;\??\c:\windows\System32\drivers\32261ee3.sys --> c:\windows\System32\drivers\32261ee3.sys [?]

S1 32826e84.sys;32826e84.sys;\??\c:\windows\System32\drivers\32826e84.sys --> c:\windows\System32\drivers\32826e84.sys [?]

S1 3285e706.sys;3285e706.sys;\??\c:\windows\System32\drivers\3285e706.sys --> c:\windows\System32\drivers\3285e706.sys [?]

S1 33081fc5.sys;33081fc5.sys;\??\c:\windows\System32\drivers\33081fc5.sys --> c:\windows\System32\drivers\33081fc5.sys [?]

S1 3316e797.sys;3316e797.sys;\??\c:\windows\System32\drivers\3316e797.sys --> c:\windows\System32\drivers\3316e797.sys [?]

S1 33862044.sys;33862044.sys;\??\c:\windows\System32\drivers\33862044.sys --> c:\windows\System32\drivers\33862044.sys [?]

S1 341ce89d.sys;341ce89d.sys;\??\c:\windows\System32\drivers\341ce89d.sys --> c:\windows\System32\drivers\341ce89d.sys [?]

S1 343be8bc.sys;343be8bc.sys;\??\c:\windows\System32\drivers\343be8bc.sys --> c:\windows\System32\drivers\343be8bc.sys [?]

S1 34d22998.sys;34d22998.sys;\??\c:\windows\System32\drivers\34d22998.sys --> c:\windows\System32\drivers\34d22998.sys [?]

S1 36472305.sys;36472305.sys;\??\c:\windows\System32\drivers\36472305.sys --> c:\windows\System32\drivers\36472305.sys [?]

S1 368a2b50.sys;368a2b50.sys;\??\c:\windows\System32\drivers\368a2b50.sys --> c:\windows\System32\drivers\368a2b50.sys [?]

S1 37d8ec59.sys;37d8ec59.sys;\??\c:\windows\System32\drivers\37d8ec59.sys --> c:\windows\System32\drivers\37d8ec59.sys [?]

S1 381feca1.sys;381feca1.sys;\??\c:\windows\System32\drivers\381feca1.sys --> c:\windows\System32\drivers\381feca1.sys [?]

S1 392cedad.sys;392cedad.sys;\??\c:\windows\System32\drivers\392cedad.sys --> c:\windows\System32\drivers\392cedad.sys [?]

S1 3a217623.sys;3a217623.sys;\??\c:\windows\System32\drivers\3a217623.sys --> c:\windows\System32\drivers\3a217623.sys [?]

S1 3a8d2f53.sys;3a8d2f53.sys;\??\c:\windows\System32\drivers\3a8d2f53.sys --> c:\windows\System32\drivers\3a8d2f53.sys [?]

S1 3abcef3d.sys;3abcef3d.sys;\??\c:\windows\System32\drivers\3abcef3d.sys --> c:\windows\System32\drivers\3abcef3d.sys [?]

S1 3ae5b72b.sys;3ae5b72b.sys;\??\c:\windows\System32\drivers\3ae5b72b.sys --> c:\windows\System32\drivers\3ae5b72b.sys [?]

S1 3ba9f02a.sys;3ba9f02a.sys;\??\c:\windows\System32\drivers\3ba9f02a.sys --> c:\windows\System32\drivers\3ba9f02a.sys [?]

S1 3c54311a.sys;3c54311a.sys;\??\c:\windows\System32\drivers\3c54311a.sys --> c:\windows\System32\drivers\3c54311a.sys [?]

S1 3cc0f141.sys;3cc0f141.sys;\??\c:\windows\System32\drivers\3cc0f141.sys --> c:\windows\System32\drivers\3cc0f141.sys [?]

S1 3d3ef1c0.sys;3d3ef1c0.sys;\??\c:\windows\System32\drivers\3d3ef1c0.sys --> c:\windows\System32\drivers\3d3ef1c0.sys [?]

S1 3d43b181.sys;3d43b181.sys;\??\c:\windows\System32\drivers\3d43b181.sys --> c:\windows\System32\drivers\3d43b181.sys [?]

S1 3e03f284.sys;3e03f284.sys;\??\c:\windows\System32\drivers\3e03f284.sys --> c:\windows\System32\drivers\3e03f284.sys [?]

S1 3e22f2a3.sys;3e22f2a3.sys;\??\c:\windows\System32\drivers\3e22f2a3.sys --> c:\windows\System32\drivers\3e22f2a3.sys [?]

S1 3e85f306.sys;3e85f306.sys;\??\c:\windows\System32\drivers\3e85f306.sys --> c:\windows\System32\drivers\3e85f306.sys [?]

S1 3f2ff3b0.sys;3f2ff3b0.sys;\??\c:\windows\System32\drivers\3f2ff3b0.sys --> c:\windows\System32\drivers\3f2ff3b0.sys [?]

S1 3fac3472.sys;3fac3472.sys;\??\c:\windows\System32\drivers\3fac3472.sys --> c:\windows\System32\drivers\3fac3472.sys [?]

S1 3feaf46b.sys;3feaf46b.sys;\??\c:\windows\System32\drivers\3feaf46b.sys --> c:\windows\System32\drivers\3feaf46b.sys [?]

S1 3ff834be.sys;3ff834be.sys;\??\c:\windows\System32\drivers\3ff834be.sys --> c:\windows\System32\drivers\3ff834be.sys [?]

S1 4147f5c8.sys;4147f5c8.sys;\??\c:\windows\System32\drivers\4147f5c8.sys --> c:\windows\System32\drivers\4147f5c8.sys [?]

S1 420e36d4.sys;420e36d4.sys;\??\c:\windows\System32\drivers\420e36d4.sys --> c:\windows\System32\drivers\420e36d4.sys [?]

S1 42172ed5.sys;42172ed5.sys;\??\c:\windows\System32\drivers\42172ed5.sys --> c:\windows\System32\drivers\42172ed5.sys [?]

S1 43b9387f.sys;43b9387f.sys;\??\c:\windows\System32\drivers\43b9387f.sys --> c:\windows\System32\drivers\43b9387f.sys [?]

S1 43c7388d.sys;43c7388d.sys;\??\c:\windows\System32\drivers\43c7388d.sys --> c:\windows\System32\drivers\43c7388d.sys [?]

S1 4408800a.sys;4408800a.sys;\??\c:\windows\System32\drivers\4408800a.sys --> c:\windows\System32\drivers\4408800a.sys [?]

S1 4464f8e5.sys;4464f8e5.sys;\??\c:\windows\System32\drivers\4464f8e5.sys --> c:\windows\System32\drivers\4464f8e5.sys [?]

S1 458dfa0e.sys;458dfa0e.sys;\??\c:\windows\System32\drivers\458dfa0e.sys --> c:\windows\System32\drivers\458dfa0e.sys [?]

S1 463632f4.sys;463632f4.sys;\??\c:\windows\System32\drivers\463632f4.sys --> c:\windows\System32\drivers\463632f4.sys [?]

S1 467c827e.sys;467c827e.sys;\??\c:\windows\System32\drivers\467c827e.sys --> c:\windows\System32\drivers\467c827e.sys [?]

S1 46c53383.sys;46c53383.sys;\??\c:\windows\System32\drivers\46c53383.sys --> c:\windows\System32\drivers\46c53383.sys [?]

S1 46e5fb66.sys;46e5fb66.sys;\??\c:\windows\System32\drivers\46e5fb66.sys --> c:\windows\System32\drivers\46e5fb66.sys [?]

S1 47a3fc25.sys;47a3fc25.sys;\??\c:\windows\System32\drivers\47a3fc25.sys --> c:\windows\System32\drivers\47a3fc25.sys [?]

S1 482d3cf3.sys;482d3cf3.sys;\??\c:\windows\System32\drivers\482d3cf3.sys --> c:\windows\System32\drivers\482d3cf3.sys [?]

S1 4874fcf5.sys;4874fcf5.sys;\??\c:\windows\System32\drivers\4874fcf5.sys --> c:\windows\System32\drivers\4874fcf5.sys [?]

S1 48b5fd36.sys;48b5fd36.sys;\??\c:\windows\System32\drivers\48b5fd36.sys --> c:\windows\System32\drivers\48b5fd36.sys [?]

S1 48f33db9.sys;48f33db9.sys;\??\c:\windows\System32\drivers\48f33db9.sys --> c:\windows\System32\drivers\48f33db9.sys [?]

S1 4b3b4001.sys;4b3b4001.sys;\??\c:\windows\System32\drivers\4b3b4001.sys --> c:\windows\System32\drivers\4b3b4001.sys [?]

S1 4c2a38e7.sys;4c2a38e7.sys;\??\c:\windows\System32\drivers\4c2a38e7.sys --> c:\windows\System32\drivers\4c2a38e7.sys [?]

S1 4d140197.sys;4d140197.sys;\??\c:\windows\System32\drivers\4d140197.sys --> c:\windows\System32\drivers\4d140197.sys [?]

S1 4d8b4251.sys;4d8b4251.sys;\??\c:\windows\System32\drivers\4d8b4251.sys --> c:\windows\System32\drivers\4d8b4251.sys [?]

S1 4da43a62.sys;4da43a62.sys;\??\c:\windows\System32\drivers\4da43a62.sys --> c:\windows\System32\drivers\4da43a62.sys [?]

S1 4df20274.sys;4df20274.sys;\??\c:\windows\System32\drivers\4df20274.sys --> c:\windows\System32\drivers\4df20274.sys [?]

S1 4f2203a4.sys;4f2203a4.sys;\??\c:\windows\System32\drivers\4f2203a4.sys --> c:\windows\System32\drivers\4f2203a4.sys [?]

S1 50588c5a.sys;50588c5a.sys;\??\c:\windows\System32\drivers\50588c5a.sys --> c:\windows\System32\drivers\50588c5a.sys [?]

S1 513705b9.sys;513705b9.sys;\??\c:\windows\System32\drivers\513705b9.sys --> c:\windows\System32\drivers\513705b9.sys [?]

S1 525a4720.sys;525a4720.sys;\??\c:\windows\System32\drivers\525a4720.sys --> c:\windows\System32\drivers\525a4720.sys [?]

S1 530f3fcd.sys;530f3fcd.sys;\??\c:\windows\System32\drivers\530f3fcd.sys --> c:\windows\System32\drivers\530f3fcd.sys [?]

S1 542a40e8.sys;542a40e8.sys;\??\c:\windows\System32\drivers\542a40e8.sys --> c:\windows\System32\drivers\542a40e8.sys [?]

S1 542b08ad.sys;542b08ad.sys;\??\c:\windows\System32\drivers\542b08ad.sys --> c:\windows\System32\drivers\542b08ad.sys [?]

S1 54d60958.sys;54d60958.sys;\??\c:\windows\System32\drivers\54d60958.sys --> c:\windows\System32\drivers\54d60958.sys [?]

S1 56620ae4.sys;56620ae4.sys;\??\c:\windows\System32\drivers\56620ae4.sys --> c:\windows\System32\drivers\56620ae4.sys [?]

S1 568b0b0d.sys;568b0b0d.sys;\??\c:\windows\System32\drivers\568b0b0d.sys --> c:\windows\System32\drivers\568b0b0d.sys [?]

S1 56fe43bb.sys;56fe43bb.sys;\??\c:\windows\System32\drivers\56fe43bb.sys --> c:\windows\System32\drivers\56fe43bb.sys [?]

S1 578a0c0c.sys;578a0c0c.sys;\??\c:\windows\System32\drivers\578a0c0c.sys --> c:\windows\System32\drivers\578a0c0c.sys [?]

S1 57b90c3b.sys;57b90c3b.sys;\??\c:\windows\System32\drivers\57b90c3b.sys --> c:\windows\System32\drivers\57b90c3b.sys [?]

S1 58484d0e.sys;58484d0e.sys;\??\c:\windows\System32\drivers\58484d0e.sys --> c:\windows\System32\drivers\58484d0e.sys [?]

S1 588b4548.sys;588b4548.sys;\??\c:\windows\System32\drivers\588b4548.sys --> c:\windows\System32\drivers\588b4548.sys [?]

S1 58d74d9d.sys;58d74d9d.sys;\??\c:\windows\System32\drivers\58d74d9d.sys --> c:\windows\System32\drivers\58d74d9d.sys [?]

S1 596fd5b5.sys;596fd5b5.sys;\??\c:\windows\System32\drivers\596fd5b5.sys --> c:\windows\System32\drivers\596fd5b5.sys [?]

S1 5a780efa.sys;5a780efa.sys;\??\c:\windows\System32\drivers\5a780efa.sys --> c:\windows\System32\drivers\5a780efa.sys [?]

S1 5a9fcedc.sys;5a9fcedc.sys;\??\c:\windows\System32\drivers\5a9fcedc.sys --> c:\windows\System32\drivers\5a9fcedc.sys [?]

S1 5bf748b5.sys;5bf748b5.sys;\??\c:\windows\System32\drivers\5bf748b5.sys --> c:\windows\System32\drivers\5bf748b5.sys [?]

S1 5c4f490d.sys;5c4f490d.sys;\??\c:\windows\System32\drivers\5c4f490d.sys --> c:\windows\System32\drivers\5c4f490d.sys [?]

S1 5caa5170.sys;5caa5170.sys;\??\c:\windows\System32\drivers\5caa5170.sys --> c:\windows\System32\drivers\5caa5170.sys [?]

S1 5ce01163.sys;5ce01163.sys;\??\c:\windows\System32\drivers\5ce01163.sys --> c:\windows\System32\drivers\5ce01163.sys [?]

S1 5d57521d.sys;5d57521d.sys;\??\c:\windows\System32\drivers\5d57521d.sys --> c:\windows\System32\drivers\5d57521d.sys [?]

S1 5de7d224.sys;5de7d224.sys;\??\c:\windows\System32\drivers\5de7d224.sys --> c:\windows\System32\drivers\5de7d224.sys [?]

S1 5e111293.sys;5e111293.sys;\??\c:\windows\System32\drivers\5e111293.sys --> c:\windows\System32\drivers\5e111293.sys [?]

S1 5e6c12ee.sys;5e6c12ee.sys;\??\c:\windows\System32\drivers\5e6c12ee.sys --> c:\windows\System32\drivers\5e6c12ee.sys [?]

S1 5e95dadb.sys;5e95dadb.sys;\??\c:\windows\System32\drivers\5e95dadb.sys --> c:\windows\System32\drivers\5e95dadb.sys [?]

S1 5eeb4ba8.sys;5eeb4ba8.sys;\??\c:\windows\System32\drivers\5eeb4ba8.sys --> c:\windows\System32\drivers\5eeb4ba8.sys [?]

S1 5f1153d7.sys;5f1153d7.sys;\??\c:\windows\System32\drivers\5f1153d7.sys --> c:\windows\System32\drivers\5f1153d7.sys [?]

S1 5f3113b3.sys;5f3113b3.sys;\??\c:\windows\System32\drivers\5f3113b3.sys --> c:\windows\System32\drivers\5f3113b3.sys [?]

S1 5fb34c71.sys;5fb34c71.sys;\??\c:\windows\System32\drivers\5fb34c71.sys --> c:\windows\System32\drivers\5fb34c71.sys [?]

S1 607614f8.sys;607614f8.sys;\??\c:\windows\System32\drivers\607614f8.sys --> c:\windows\System32\drivers\607614f8.sys [?]

S1 60961518.sys;60961518.sys;\??\c:\windows\System32\drivers\60961518.sys --> c:\windows\System32\drivers\60961518.sys [?]

S1 60e74da4.sys;60e74da4.sys;\??\c:\windows\System32\drivers\60e74da4.sys --> c:\windows\System32\drivers\60e74da4.sys [?]

S1 61a34e61.sys;61a34e61.sys;\??\c:\windows\System32\drivers\61a34e61.sys --> c:\windows\System32\drivers\61a34e61.sys [?]

S1 6304d741.sys;6304d741.sys;\??\c:\windows\System32\drivers\6304d741.sys --> c:\windows\System32\drivers\6304d741.sys [?]

S1 63f058b6.sys;63f058b6.sys;\??\c:\windows\System32\drivers\63f058b6.sys --> c:\windows\System32\drivers\63f058b6.sys [?]

S1 64031885.sys;64031885.sys;\??\c:\windows\System32\drivers\64031885.sys --> c:\windows\System32\drivers\64031885.sys [?]

S1 643418b6.sys;643418b6.sys;\??\c:\windows\System32\drivers\643418b6.sys --> c:\windows\System32\drivers\643418b6.sys [?]

S1 646118e3.sys;646118e3.sys;\??\c:\windows\System32\drivers\646118e3.sys --> c:\windows\System32\drivers\646118e3.sys [?]

S1 652351e1.sys;652351e1.sys;\??\c:\windows\System32\drivers\652351e1.sys --> c:\windows\System32\drivers\652351e1.sys [?]

S1 65e852a6.sys;65e852a6.sys;\??\c:\windows\System32\drivers\65e852a6.sys --> c:\windows\System32\drivers\65e852a6.sys [?]

S1 66041a86.sys;66041a86.sys;\??\c:\windows\System32\drivers\66041a86.sys --> c:\windows\System32\drivers\66041a86.sys [?]

S1 662ea230.sys;662ea230.sys;\??\c:\windows\System32\drivers\662ea230.sys --> c:\windows\System32\drivers\662ea230.sys [?]

S1 66d81b5a.sys;66d81b5a.sys;\??\c:\windows\System32\drivers\66d81b5a.sys --> c:\windows\System32\drivers\66d81b5a.sys [?]

S1 66dd1b5f.sys;66dd1b5f.sys;\??\c:\windows\System32\drivers\66dd1b5f.sys --> c:\windows\System32\drivers\66dd1b5f.sys [?]

S1 67cd1c4f.sys;67cd1c4f.sys;\??\c:\windows\System32\drivers\67cd1c4f.sys --> c:\windows\System32\drivers\67cd1c4f.sys [?]

S1 67d61c59.sys;67d61c59.sys;\??\c:\windows\System32\drivers\67d61c59.sys --> c:\windows\System32\drivers\67d61c59.sys [?]

S1 68cc1d4e.sys;68cc1d4e.sys;\??\c:\windows\System32\drivers\68cc1d4e.sys --> c:\windows\System32\drivers\68cc1d4e.sys [?]

S1 68e1e526.sys;68e1e526.sys;\??\c:\windows\System32\drivers\68e1e526.sys --> c:\windows\System32\drivers\68e1e526.sys [?]

S1 69525e18.sys;69525e18.sys;\??\c:\windows\System32\drivers\69525e18.sys --> c:\windows\System32\drivers\69525e18.sys [?]

S1 6a181e9a.sys;6a181e9a.sys;\??\c:\windows\System32\drivers\6a181e9a.sys --> c:\windows\System32\drivers\6a181e9a.sys [?]

S1 6a53de90.sys;6a53de90.sys;\??\c:\windows\System32\drivers\6a53de90.sys --> c:\windows\System32\drivers\6a53de90.sys [?]

S1 6ac25780.sys;6ac25780.sys;\??\c:\windows\System32\drivers\6ac25780.sys --> c:\windows\System32\drivers\6ac25780.sys [?]

S1 6b06e74b.sys;6b06e74b.sys;\??\c:\windows\System32\drivers\6b06e74b.sys --> c:\windows\System32\drivers\6b06e74b.sys [?]

S1 6b806046.sys;6b806046.sys;\??\c:\windows\System32\drivers\6b806046.sys --> c:\windows\System32\drivers\6b806046.sys [?]

S1 6b85dfc2.sys;6b85dfc2.sys;\??\c:\windows\System32\drivers\6b85dfc2.sys --> c:\windows\System32\drivers\6b85dfc2.sys [?]

S1 6c4d590a.sys;6c4d590a.sys;\??\c:\windows\System32\drivers\6c4d590a.sys --> c:\windows\System32\drivers\6c4d590a.sys [?]

S1 6c5c591a.sys;6c5c591a.sys;\??\c:\windows\System32\drivers\6c5c591a.sys --> c:\windows\System32\drivers\6c5c591a.sys [?]

S1 6dd8629e.sys;6dd8629e.sys;\??\c:\windows\System32\drivers\6dd8629e.sys --> c:\windows\System32\drivers\6dd8629e.sys [?]

S1 6e4622c8.sys;6e4622c8.sys;\??\c:\windows\System32\drivers\6e4622c8.sys --> c:\windows\System32\drivers\6e4622c8.sys [?]

S1 6e4c6312.sys;6e4c6312.sys;\??\c:\windows\System32\drivers\6e4c6312.sys --> c:\windows\System32\drivers\6e4c6312.sys [?]

S1 6f1f5bdc.sys;6f1f5bdc.sys;\??\c:\windows\System32\drivers\6f1f5bdc.sys --> c:\windows\System32\drivers\6f1f5bdc.sys [?]

S1 6f2163e7.sys;6f2163e7.sys;\??\c:\windows\System32\drivers\6f2163e7.sys --> c:\windows\System32\drivers\6f2163e7.sys [?]

S1 6f4123c4.sys;6f4123c4.sys;\??\c:\windows\System32\drivers\6f4123c4.sys --> c:\windows\System32\drivers\6f4123c4.sys [?]

S1 703664fc.sys;703664fc.sys;\??\c:\windows\System32\drivers\703664fc.sys --> c:\windows\System32\drivers\703664fc.sys [?]

S1 7166752c.sys;7166752c.sys;\??\c:\windows\System32\drivers\7166752c.sys --> c:\windows\System32\drivers\7166752c.sys [?]

S1 717ee5bb.sys;717ee5bb.sys;\??\c:\windows\System32\drivers\717ee5bb.sys --> c:\windows\System32\drivers\717ee5bb.sys [?]

S1 728beed0.sys;728beed0.sys;\??\c:\windows\System32\drivers\728beed0.sys --> c:\windows\System32\drivers\728beed0.sys [?]

S1 72fa277c.sys;72fa277c.sys;\??\c:\windows\System32\drivers\72fa277c.sys --> c:\windows\System32\drivers\72fa277c.sys [?]

S1 74c9698f.sys;74c9698f.sys;\??\c:\windows\System32\drivers\74c9698f.sys --> c:\windows\System32\drivers\74c9698f.sys [?]

S1 74d16997.sys;74d16997.sys;\??\c:\windows\System32\drivers\74d16997.sys --> c:\windows\System32\drivers\74d16997.sys [?]

S1 74f269b8.sys;74f269b8.sys;\??\c:\windows\System32\drivers\74f269b8.sys --> c:\windows\System32\drivers\74f269b8.sys [?]

S1 75ff6ac5.sys;75ff6ac5.sys;\??\c:\windows\System32\drivers\75ff6ac5.sys --> c:\windows\System32\drivers\75ff6ac5.sys [?]

S1 773f63fc.sys;773f63fc.sys;\??\c:\windows\System32\drivers\773f63fc.sys --> c:\windows\System32\drivers\773f63fc.sys [?]

S1 79b92e3b.sys;79b92e3b.sys;\??\c:\windows\System32\drivers\79b92e3b.sys --> c:\windows\System32\drivers\79b92e3b.sys [?]

S1 79cdf613.sys;79cdf613.sys;\??\c:\windows\System32\drivers\79cdf613.sys --> c:\windows\System32\drivers\79cdf613.sys [?]

S1 7aa72f29.sys;7aa72f29.sys;\??\c:\windows\System32\drivers\7aa72f29.sys --> c:\windows\System32\drivers\7aa72f29.sys [?]

S1 7ae5ef23.sys;7ae5ef23.sys;\??\c:\windows\System32\drivers\7ae5ef23.sys --> c:\windows\System32\drivers\7ae5ef23.sys [?]

S1 7b266fec.sys;7b266fec.sys;\??\c:\windows\System32\drivers\7b266fec.sys --> c:\windows\System32\drivers\7b266fec.sys [?]

S1 7bbb303d.sys;7bbb303d.sys;\??\c:\windows\System32\drivers\7bbb303d.sys --> c:\windows\System32\drivers\7bbb303d.sys [?]

S1 7bc43046.sys;7bc43046.sys;\??\c:\windows\System32\drivers\7bc43046.sys --> c:\windows\System32\drivers\7bc43046.sys [?]

S1 7ca36960.sys;7ca36960.sys;\??\c:\windows\System32\drivers\7ca36960.sys --> c:\windows\System32\drivers\7ca36960.sys [?]

S1 7d4c6a09.sys;7d4c6a09.sys;\??\c:\windows\System32\drivers\7d4c6a09.sys --> c:\windows\System32\drivers\7d4c6a09.sys [?]

S1 7ddd6a9a.sys;7ddd6a9a.sys;\??\c:\windows\System32\drivers\7ddd6a9a.sys --> c:\windows\System32\drivers\7ddd6a9a.sys [?]

S1 7e637329.sys;7e637329.sys;\??\c:\windows\System32\drivers\7e637329.sys --> c:\windows\System32\drivers\7e637329.sys [?]

S1 7ea4736a.sys;7ea4736a.sys;\??\c:\windows\System32\drivers\7ea4736a.sys --> c:\windows\System32\drivers\7ea4736a.sys [?]

S1 7ecd6b8a.sys;7ecd6b8a.sys;\??\c:\windows\System32\drivers\7ecd6b8a.sys --> c:\windows\System32\drivers\7ecd6b8a.sys [?]

S1 7edc6b9a.sys;7edc6b9a.sys;\??\c:\windows\System32\drivers\7edc6b9a.sys --> c:\windows\System32\drivers\7edc6b9a.sys [?]

S1 7fdc74a2.sys;7fdc74a2.sys;\??\c:\windows\System32\drivers\7fdc74a2.sys --> c:\windows\System32\drivers\7fdc74a2.sys [?]

S1 819b7661.sys;819b7661.sys;\??\c:\windows\System32\drivers\819b7661.sys --> c:\windows\System32\drivers\819b7661.sys [?]

S1 81c8364a.sys;81c8364a.sys;\??\c:\windows\System32\drivers\81c8364a.sys --> c:\windows\System32\drivers\81c8364a.sys [?]

S1 823c36be.sys;823c36be.sys;\??\c:\windows\System32\drivers\823c36be.sys --> c:\windows\System32\drivers\823c36be.sys [?]

S1 8289370c.sys;8289370c.sys;\??\c:\windows\System32\drivers\8289370c.sys --> c:\windows\System32\drivers\8289370c.sys [?]

S1 83133795.sys;83133795.sys;\??\c:\windows\System32\drivers\83133795.sys --> c:\windows\System32\drivers\83133795.sys [?]

S1 840470c1.sys;840470c1.sys;\??\c:\windows\System32\drivers\840470c1.sys --> c:\windows\System32\drivers\840470c1.sys [?]

S1 841278d8.sys;841278d8.sys;\??\c:\windows\System32\drivers\841278d8.sys --> c:\windows\System32\drivers\841278d8.sys [?]

S1 8424f862.sys;8424f862.sys;\??\c:\windows\System32\drivers\8424f862.sys --> c:\windows\System32\drivers\8424f862.sys [?]

S1 843438b6.sys;843438b6.sys;\??\c:\windows\System32\drivers\843438b6.sys --> c:\windows\System32\drivers\843438b6.sys [?]

S1 84913913.sys;84913913.sys;\??\c:\windows\System32\drivers\84913913.sys --> c:\windows\System32\drivers\84913913.sys [?]

S1 84b5f8f3.sys;84b5f8f3.sys;\??\c:\windows\System32\drivers\84b5f8f3.sys --> c:\windows\System32\drivers\84b5f8f3.sys [?]

S1 855839da.sys;855839da.sys;\??\c:\windows\System32\drivers\855839da.sys --> c:\windows\System32\drivers\855839da.sys [?]

S1 85ce0215.sys;85ce0215.sys;\??\c:\windows\System32\drivers\85ce0215.sys --> c:\windows\System32\drivers\85ce0215.sys [?]

S1 864e3ad1.sys;864e3ad1.sys;\??\c:\windows\System32\drivers\864e3ad1.sys --> c:\windows\System32\drivers\864e3ad1.sys [?]

S1 87933c15.sys;87933c15.sys;\??\c:\windows\System32\drivers\87933c15.sys --> c:\windows\System32\drivers\87933c15.sys [?]

S1 87e3fc20.sys;87e3fc20.sys;\??\c:\windows\System32\drivers\87e3fc20.sys --> c:\windows\System32\drivers\87e3fc20.sys [?]

S1 8807fc44.sys;8807fc44.sys;\??\c:\windows\System32\drivers\8807fc44.sys --> c:\windows\System32\drivers\8807fc44.sys [?]

S1 88be3d40.sys;88be3d40.sys;\??\c:\windows\System32\drivers\88be3d40.sys --> c:\windows\System32\drivers\88be3d40.sys [?]

S1 89713df3.sys;89713df3.sys;\??\c:\windows\System32\drivers\89713df3.sys --> c:\windows\System32\drivers\89713df3.sys [?]

S1 89b77674.sys;89b77674.sys;\??\c:\windows\System32\drivers\89b77674.sys --> c:\windows\System32\drivers\89b77674.sys [?]

S1 8a5f3ee1.sys;8a5f3ee1.sys;\??\c:\windows\System32\drivers\8a5f3ee1.sys --> c:\windows\System32\drivers\8a5f3ee1.sys [?]

S1 8ba04022.sys;8ba04022.sys;\??\c:\windows\System32\drivers\8ba04022.sys --> c:\windows\System32\drivers\8ba04022.sys [?]

S1 8bd44056.sys;8bd44056.sys;\??\c:\windows\System32\drivers\8bd44056.sys --> c:\windows\System32\drivers\8bd44056.sys [?]

S1 8c064088.sys;8c064088.sys;\??\c:\windows\System32\drivers\8c064088.sys --> c:\windows\System32\drivers\8c064088.sys [?]

S1 8c9b00d9.sys;8c9b00d9.sys;\??\c:\windows\System32\drivers\8c9b00d9.sys --> c:\windows\System32\drivers\8c9b00d9.sys [?]

S1 8d2a81f1.sys;8d2a81f1.sys;\??\c:\windows\System32\drivers\8d2a81f1.sys --> c:\windows\System32\drivers\8d2a81f1.sys [?]

S1 8e7b42fd.sys;8e7b42fd.sys;\??\c:\windows\System32\drivers\8e7b42fd.sys --> c:\windows\System32\drivers\8e7b42fd.sys [?]

S1 8f4c0b93.sys;8f4c0b93.sys;\??\c:\windows\System32\drivers\8f4c0b93.sys --> c:\windows\System32\drivers\8f4c0b93.sys [?]

S1 8fd04452.sys;8fd04452.sys;\??\c:\windows\System32\drivers\8fd04452.sys --> c:\windows\System32\drivers\8fd04452.sys [?]

S1 8fd74459.sys;8fd74459.sys;\??\c:\windows\System32\drivers\8fd74459.sys --> c:\windows\System32\drivers\8fd74459.sys [?]

S1 90964518.sys;90964518.sys;\??\c:\windows\System32\drivers\90964518.sys --> c:\windows\System32\drivers\90964518.sys [?]

S1 90c24544.sys;90c24544.sys;\??\c:\windows\System32\drivers\90c24544.sys --> c:\windows\System32\drivers\90c24544.sys [?]

S1 91104592.sys;91104592.sys;\??\c:\windows\System32\drivers\91104592.sys --> c:\windows\System32\drivers\91104592.sys [?]

S1 91117dce.sys;91117dce.sys;\??\c:\windows\System32\drivers\91117dce.sys --> c:\windows\System32\drivers\91117dce.sys [?]

S1 92160e5d.sys;92160e5d.sys;\??\c:\windows\System32\drivers\92160e5d.sys --> c:\windows\System32\drivers\92160e5d.sys [?]

S1 927446f6.sys;927446f6.sys;\??\c:\windows\System32\drivers\927446f6.sys --> c:\windows\System32\drivers\927446f6.sys [?]

S1 935b65de.sys;935b65de.sys;\??\c:\windows\System32\drivers\935b65de.sys --> c:\windows\System32\drivers\935b65de.sys [?]

S1 93c64848.sys;93c64848.sys;\??\c:\windows\System32\drivers\93c64848.sys --> c:\windows\System32\drivers\93c64848.sys [?]

S1 947048f2.sys;947048f2.sys;\??\c:\windows\System32\drivers\947048f2.sys --> c:\windows\System32\drivers\947048f2.sys [?]

S1 94878144.sys;94878144.sys;\??\c:\windows\System32\drivers\94878144.sys --> c:\windows\System32\drivers\94878144.sys [?]

S1 95768234.sys;95768234.sys;\??\c:\windows\System32\drivers\95768234.sys --> c:\windows\System32\drivers\95768234.sys [?]

S1 96298aef.sys;96298aef.sys;\??\c:\windows\System32\drivers\96298aef.sys --> c:\windows\System32\drivers\96298aef.sys [?]

S1 96584adb.sys;96584adb.sys;\??\c:\windows\System32\drivers\96584adb.sys --> c:\windows\System32\drivers\96584adb.sys [?]

S1 971a83d8.sys;971a83d8.sys;\??\c:\windows\System32\drivers\971a83d8.sys --> c:\windows\System32\drivers\971a83d8.sys [?]

S1 98021449.sys;98021449.sys;\??\c:\windows\System32\drivers\98021449.sys --> c:\windows\System32\drivers\98021449.sys [?]

S1 985e4ce0.sys;985e4ce0.sys;\??\c:\windows\System32\drivers\985e4ce0.sys --> c:\windows\System32\drivers\985e4ce0.sys [?]

S1 98824d04.sys;98824d04.sys;\??\c:\windows\System32\drivers\98824d04.sys --> c:\windows\System32\drivers\98824d04.sys [?]

S1 988d8d53.sys;988d8d53.sys;\??\c:\windows\System32\drivers\988d8d53.sys --> c:\windows\System32\drivers\988d8d53.sys [?]

S1 990d4d8f.sys;990d4d8f.sys;\??\c:\windows\System32\drivers\990d4d8f.sys --> c:\windows\System32\drivers\990d4d8f.sys [?]

S1 99e34e65.sys;99e34e65.sys;\??\c:\windows\System32\drivers\99e34e65.sys --> c:\windows\System32\drivers\99e34e65.sys [?]

S1 9ade879c.sys;9ade879c.sys;\??\c:\windows\System32\drivers\9ade879c.sys --> c:\windows\System32\drivers\9ade879c.sys [?]

S1 9ae98faf.sys;9ae98faf.sys;\??\c:\windows\System32\drivers\9ae98faf.sys --> c:\windows\System32\drivers\9ae98faf.sys [?]

S1 9bb15033.sys;9bb15033.sys;\??\c:\windows\System32\drivers\9bb15033.sys --> c:\windows\System32\drivers\9bb15033.sys [?]

S1 9c1690dc.sys;9c1690dc.sys;\??\c:\windows\System32\drivers\9c1690dc.sys --> c:\windows\System32\drivers\9c1690dc.sys [?]

S1 9c21105f.sys;9c21105f.sys;\??\c:\windows\System32\drivers\9c21105f.sys --> c:\windows\System32\drivers\9c21105f.sys [?]

S1 9c3790fd.sys;9c3790fd.sys;\??\c:\windows\System32\drivers\9c3790fd.sys --> c:\windows\System32\drivers\9c3790fd.sys [?]

S1 9c4f50d1.sys;9c4f50d1.sys;\??\c:\windows\System32\drivers\9c4f50d1.sys --> c:\windows\System32\drivers\9c4f50d1.sys [?]

S1 9e6352e5.sys;9e6352e5.sys;\??\c:\windows\System32\drivers\9e6352e5.sys --> c:\windows\System32\drivers\9e6352e5.sys [?]

S1 9e85934b.sys;9e85934b.sys;\??\c:\windows\System32\drivers\9e85934b.sys --> c:\windows\System32\drivers\9e85934b.sys [?]

S1 9e8d12cc.sys;9e8d12cc.sys;\??\c:\windows\System32\drivers\9e8d12cc.sys --> c:\windows\System32\drivers\9e8d12cc.sys [?]

S1 9f1993df.sys;9f1993df.sys;\??\c:\windows\System32\drivers\9f1993df.sys --> c:\windows\System32\drivers\9f1993df.sys [?]

S1 a00c144a.sys;a00c144a.sys;\??\c:\windows\System32\drivers\a00c144a.sys --> c:\windows\System32\drivers\a00c144a.sys [?]

S1 a0f81d3f.sys;a0f81d3f.sys;\??\c:\windows\System32\drivers\a0f81d3f.sys --> c:\windows\System32\drivers\a0f81d3f.sys [?]

S1 a1538e10.sys;a1538e10.sys;\??\c:\windows\System32\drivers\a1538e10.sys --> c:\windows\System32\drivers\a1538e10.sys [?]

S1 a1fc96c2.sys;a1fc96c2.sys;\??\c:\windows\System32\drivers\a1fc96c2.sys --> c:\windows\System32\drivers\a1fc96c2.sys [?]

S1 a24d1e94.sys;a24d1e94.sys;\??\c:\windows\System32\drivers\a24d1e94.sys --> c:\windows\System32\drivers\a24d1e94.sys [?]

S1 a32b97f1.sys;a32b97f1.sys;\??\c:\windows\System32\drivers\a32b97f1.sys --> c:\windows\System32\drivers\a32b97f1.sys [?]

S1 a3301f77.sys;a3301f77.sys;\??\c:\windows\System32\drivers\a3301f77.sys --> c:\windows\System32\drivers\a3301f77.sys [?]

S1 a3b79075.sys;a3b79075.sys;\??\c:\windows\System32\drivers\a3b79075.sys --> c:\windows\System32\drivers\a3b79075.sys [?]

S1 a3c8988e.sys;a3c8988e.sys;\??\c:\windows\System32\drivers\a3c8988e.sys --> c:\windows\System32\drivers\a3c8988e.sys [?]

S1 a40498ca.sys;a40498ca.sys;\??\c:\windows\System32\drivers\a40498ca.sys --> c:\windows\System32\drivers\a40498ca.sys [?]

S1 a4221860.sys;a4221860.sys;\??\c:\windows\System32\drivers\a4221860.sys --> c:\windows\System32\drivers\a4221860.sys [?]

S1 a48c914a.sys;a48c914a.sys;\??\c:\windows\System32\drivers\a48c914a.sys --> c:\windows\System32\drivers\a48c914a.sys [?]

S1 a4b8997f.sys;a4b8997f.sys;\??\c:\windows\System32\drivers\a4b8997f.sys --> c:\windows\System32\drivers\a4b8997f.sys [?]

S1 a54a9a10.sys;a54a9a10.sys;\??\c:\windows\System32\drivers\a54a9a10.sys --> c:\windows\System32\drivers\a54a9a10.sys [?]

S1 a5719a37.sys;a5719a37.sys;\??\c:\windows\System32\drivers\a5719a37.sys --> c:\windows\System32\drivers\a5719a37.sys [?]

S1 a5b85a3a.sys;a5b85a3a.sys;\??\c:\windows\System32\drivers\a5b85a3a.sys --> c:\windows\System32\drivers\a5b85a3a.sys [?]

S1 a6415ac3.sys;a6415ac3.sys;\??\c:\windows\System32\drivers\a6415ac3.sys --> c:\windows\System32\drivers\a6415ac3.sys [?]

S1 aa3096ee.sys;aa3096ee.sys;\??\c:\windows\System32\drivers\aa3096ee.sys --> c:\windows\System32\drivers\aa3096ee.sys [?]

S1 aa3f1e7d.sys;aa3f1e7d.sys;\??\c:\windows\System32\drivers\aa3f1e7d.sys --> c:\windows\System32\drivers\aa3f1e7d.sys [?]

S1 aa615ee3.sys;aa615ee3.sys;\??\c:\windows\System32\drivers\aa615ee3.sys --> c:\windows\System32\drivers\aa615ee3.sys [?]

S1 ab0d97cb.sys;ab0d97cb.sys;\??\c:\windows\System32\drivers\ab0d97cb.sys --> c:\windows\System32\drivers\ab0d97cb.sys [?]

S1 ab25276c.sys;ab25276c.sys;\??\c:\windows\System32\drivers\ab25276c.sys --> c:\windows\System32\drivers\ab25276c.sys [?]

S1 ab959853.sys;ab959853.sys;\??\c:\windows\System32\drivers\ab959853.sys --> c:\windows\System32\drivers\ab959853.sys [?]

S1 acbaa180.sys;acbaa180.sys;\??\c:\windows\System32\drivers\acbaa180.sys --> c:\windows\System32\drivers\acbaa180.sys [?]

S1 ad5461d6.sys;ad5461d6.sys;\??\c:\windows\System32\drivers\ad5461d6.sys --> c:\windows\System32\drivers\ad5461d6.sys [?]

S1 ae19629b.sys;ae19629b.sys;\??\c:\windows\System32\drivers\ae19629b.sys --> c:\windows\System32\drivers\ae19629b.sys [?]

S1 aeff6381.sys;aeff6381.sys;\??\c:\windows\System32\drivers\aeff6381.sys --> c:\windows\System32\drivers\aeff6381.sys [?]

S1 aeff9bbd.sys;aeff9bbd.sys;\??\c:\windows\System32\drivers\aeff9bbd.sys --> c:\windows\System32\drivers\aeff9bbd.sys [?]

S1 af44a40a.sys;af44a40a.sys;\??\c:\windows\System32\drivers\af44a40a.sys --> c:\windows\System32\drivers\af44a40a.sys [?]

S1 af5863da.sys;af5863da.sys;\??\c:\windows\System32\drivers\af5863da.sys --> c:\windows\System32\drivers\af5863da.sys [?]

S1 b14a65cc.sys;b14a65cc.sys;\??\c:\windows\System32\drivers\b14a65cc.sys --> c:\windows\System32\drivers\b14a65cc.sys [?]

S1 b1869e44.sys;b1869e44.sys;\??\c:\windows\System32\drivers\b1869e44.sys --> c:\windows\System32\drivers\b1869e44.sys [?]

S1 b1b26634.sys;b1b26634.sys;\??\c:\windows\System32\drivers\b1b26634.sys --> c:\windows\System32\drivers\b1b26634.sys [?]

S1 b2b326f2.sys;b2b326f2.sys;\??\c:\windows\System32\drivers\b2b326f2.sys --> c:\windows\System32\drivers\b2b326f2.sys [?]

S1 b3fca8c2.sys;b3fca8c2.sys;\??\c:\windows\System32\drivers\b3fca8c2.sys --> c:\windows\System32\drivers\b3fca8c2.sys [?]

S1 b407a8cd.sys;b407a8cd.sys;\??\c:\windows\System32\drivers\b407a8cd.sys --> c:\windows\System32\drivers\b407a8cd.sys [?]

S1 b45c68df.sys;b45c68df.sys;\??\c:\windows\System32\drivers\b45c68df.sys --> c:\windows\System32\drivers\b45c68df.sys [?]

S1 b47268f4.sys;b47268f4.sys;\??\c:\windows\System32\drivers\b47268f4.sys --> c:\windows\System32\drivers\b47268f4.sys [?]

S1 b52ea9f4.sys;b52ea9f4.sys;\??\c:\windows\System32\drivers\b52ea9f4.sys --> c:\windows\System32\drivers\b52ea9f4.sys [?]

S1 b536a9fc.sys;b536a9fc.sys;\??\c:\windows\System32\drivers\b536a9fc.sys --> c:\windows\System32\drivers\b536a9fc.sys [?]

S1 b56b69ed.sys;b56b69ed.sys;\??\c:\windows\System32\drivers\b56b69ed.sys --> c:\windows\System32\drivers\b56b69ed.sys [?]

S1 b5c26a44.sys;b5c26a44.sys;\??\c:\windows\System32\drivers\b5c26a44.sys --> c:\windows\System32\drivers\b5c26a44.sys [?]

S1 b5d1a28f.sys;b5d1a28f.sys;\??\c:\windows\System32\drivers\b5d1a28f.sys --> c:\windows\System32\drivers\b5d1a28f.sys [?]

S1 b5e66a69.sys;b5e66a69.sys;\??\c:\windows\System32\drivers\b5e66a69.sys --> c:\windows\System32\drivers\b5e66a69.sys [?]

S1 b754339b.sys;b754339b.sys;\??\c:\windows\System32\drivers\b754339b.sys --> c:\windows\System32\drivers\b754339b.sys [?]

S1 b76e33b4.sys;b76e33b4.sys;\??\c:\windows\System32\drivers\b76e33b4.sys --> c:\windows\System32\drivers\b76e33b4.sys [?]

S1 b818a4d6.sys;b818a4d6.sys;\??\c:\windows\System32\drivers\b818a4d6.sys --> c:\windows\System32\drivers\b818a4d6.sys [?]

S1 b8482c86.sys;b8482c86.sys;\??\c:\windows\System32\drivers\b8482c86.sys --> c:\windows\System32\drivers\b8482c86.sys [?]

S1 b8b26d34.sys;b8b26d34.sys;\??\c:\windows\System32\drivers\b8b26d34.sys --> c:\windows\System32\drivers\b8b26d34.sys [?]

S1 ba08f60a.sys;ba08f60a.sys;\??\c:\windows\System32\drivers\ba08f60a.sys --> c:\windows\System32\drivers\ba08f60a.sys [?]

S1 ba52af18.sys;ba52af18.sys;\??\c:\windows\System32\drivers\ba52af18.sys --> c:\windows\System32\drivers\ba52af18.sys [?]

S1 ba94a752.sys;ba94a752.sys;\??\c:\windows\System32\drivers\ba94a752.sys --> c:\windows\System32\drivers\ba94a752.sys [?]

S1 bc117093.sys;bc117093.sys;\??\c:\windows\System32\drivers\bc117093.sys --> c:\windows\System32\drivers\bc117093.sys [?]

S1 bc53b119.sys;bc53b119.sys;\??\c:\windows\System32\drivers\bc53b119.sys --> c:\windows\System32\drivers\bc53b119.sys [?]

S1 bc5fb125.sys;bc5fb125.sys;\??\c:\windows\System32\drivers\bc5fb125.sys --> c:\windows\System32\drivers\bc5fb125.sys [?]

S1 bc7f30bd.sys;bc7f30bd.sys;\??\c:\windows\System32\drivers\bc7f30bd.sys --> c:\windows\System32\drivers\bc7f30bd.sys [?]

S1 be01aabf.sys;be01aabf.sys;\??\c:\windows\System32\drivers\be01aabf.sys --> c:\windows\System32\drivers\be01aabf.sys [?]

S1 bf2a73ac.sys;bf2a73ac.sys;\??\c:\windows\System32\drivers\bf2a73ac.sys --> c:\windows\System32\drivers\bf2a73ac.sys [?]

S1 c00eb4d5.sys;c00eb4d5.sys;\??\c:\windows\System32\drivers\c00eb4d5.sys --> c:\windows\System32\drivers\c00eb4d5.sys [?]

S1 c01aacd7.sys;c01aacd7.sys;\??\c:\windows\System32\drivers\c01aacd7.sys --> c:\windows\System32\drivers\c01aacd7.sys [?]

S1 c06eb534.sys;c06eb534.sys;\??\c:\windows\System32\drivers\c06eb534.sys --> c:\windows\System32\drivers\c06eb534.sys [?]

S1 c230366e.sys;c230366e.sys;\??\c:\windows\System32\drivers\c230366e.sys --> c:\windows\System32\drivers\c230366e.sys [?]

S1 c26976eb.sys;c26976eb.sys;\??\c:\windows\System32\drivers\c26976eb.sys --> c:\windows\System32\drivers\c26976eb.sys [?]

S1 c26fb735.sys;c26fb735.sys;\??\c:\windows\System32\drivers\c26fb735.sys --> c:\windows\System32\drivers\c26fb735.sys [?]

S1 c34d77cf.sys;c34d77cf.sys;\??\c:\windows\System32\drivers\c34d77cf.sys --> c:\windows\System32\drivers\c34d77cf.sys [?]

S1 c4037885.sys;c4037885.sys;\??\c:\windows\System32\drivers\c4037885.sys --> c:\windows\System32\drivers\c4037885.sys [?]

S1 c43e78c0.sys;c43e78c0.sys;\??\c:\windows\System32\drivers\c43e78c0.sys --> c:\windows\System32\drivers\c43e78c0.sys [?]

S1 c470b12d.sys;c470b12d.sys;\??\c:\windows\System32\drivers\c470b12d.sys --> c:\windows\System32\drivers\c470b12d.sys [?]

S1 c47f38be.sys;c47f38be.sys;\??\c:\windows\System32\drivers\c47f38be.sys --> c:\windows\System32\drivers\c47f38be.sys [?]

S1 c4967918.sys;c4967918.sys;\??\c:\windows\System32\drivers\c4967918.sys --> c:\windows\System32\drivers\c4967918.sys [?]

S1 c698bb5e.sys;c698bb5e.sys;\??\c:\windows\System32\drivers\c698bb5e.sys --> c:\windows\System32\drivers\c698bb5e.sys [?]

S1 c6f77b79.sys;c6f77b79.sys;\??\c:\windows\System32\drivers\c6f77b79.sys --> c:\windows\System32\drivers\c6f77b79.sys [?]

S1 c8707cf2.sys;c8707cf2.sys;\??\c:\windows\System32\drivers\c8707cf2.sys --> c:\windows\System32\drivers\c8707cf2.sys [?]

S1 c8d67d58.sys;c8d67d58.sys;\??\c:\windows\System32\drivers\c8d67d58.sys --> c:\windows\System32\drivers\c8d67d58.sys [?]

S1 c918455f.sys;c918455f.sys;\??\c:\windows\System32\drivers\c918455f.sys --> c:\windows\System32\drivers\c918455f.sys [?]

S1 c9d9be9f.sys;c9d9be9f.sys;\??\c:\windows\System32\drivers\c9d9be9f.sys --> c:\windows\System32\drivers\c9d9be9f.sys [?]

S1 c9ecbeb2.sys;c9ecbeb2.sys;\??\c:\windows\System32\drivers\c9ecbeb2.sys --> c:\windows\System32\drivers\c9ecbeb2.sys [?]

S1 cac9b786.sys;cac9b786.sys;\??\c:\windows\System32\drivers\cac9b786.sys --> c:\windows\System32\drivers\cac9b786.sys [?]

S1 cb03bfc9.sys;cb03bfc9.sys;\??\c:\windows\System32\drivers\cb03bfc9.sys --> c:\windows\System32\drivers\cb03bfc9.sys [?]

S1 ccc4c18a.sys;ccc4c18a.sys;\??\c:\windows\System32\drivers\ccc4c18a.sys --> c:\windows\System32\drivers\ccc4c18a.sys [?]

S1 cd5cc222.sys;cd5cc222.sys;\??\c:\windows\System32\drivers\cd5cc222.sys --> c:\windows\System32\drivers\cd5cc222.sys [?]

S1 ce3282b4.sys;ce3282b4.sys;\??\c:\windows\System32\drivers\ce3282b4.sys --> c:\windows\System32\drivers\ce3282b4.sys [?]

S1 ced8bb96.sys;ced8bb96.sys;\??\c:\windows\System32\drivers\ced8bb96.sys --> c:\windows\System32\drivers\ced8bb96.sys [?]

S1 cf6683e8.sys;cf6683e8.sys;\??\c:\windows\System32\drivers\cf6683e8.sys --> c:\windows\System32\drivers\cf6683e8.sys [?]

S1 cfde441c.sys;cfde441c.sys;\??\c:\windows\System32\drivers\cfde441c.sys --> c:\windows\System32\drivers\cfde441c.sys [?]

S1 d02084a2.sys;d02084a2.sys;\??\c:\windows\System32\drivers\d02084a2.sys --> c:\windows\System32\drivers\d02084a2.sys [?]

S1 d15885da.sys;d15885da.sys;\??\c:\windows\System32\drivers\d15885da.sys --> c:\windows\System32\drivers\d15885da.sys [?]

S1 d17485f6.sys;d17485f6.sys;\??\c:\windows\System32\drivers\d17485f6.sys --> c:\windows\System32\drivers\d17485f6.sys [?]

S1 d2abbf69.sys;d2abbf69.sys;\??\c:\windows\System32\drivers\d2abbf69.sys --> c:\windows\System32\drivers\d2abbf69.sys [?]

S1 d2b5bf73.sys;d2b5bf73.sys;\??\c:\windows\System32\drivers\d2b5bf73.sys --> c:\windows\System32\drivers\d2b5bf73.sys [?]

S1 d3858807.sys;d3858807.sys;\??\c:\windows\System32\drivers\d3858807.sys --> c:\windows\System32\drivers\d3858807.sys [?]

S1 d555ca1b.sys;d555ca1b.sys;\??\c:\windows\System32\drivers\d555ca1b.sys --> c:\windows\System32\drivers\d555ca1b.sys [?]

S1 d5a0c25d.sys;d5a0c25d.sys;\??\c:\windows\System32\drivers\d5a0c25d.sys --> c:\windows\System32\drivers\d5a0c25d.sys [?]

S1 d68acb50.sys;d68acb50.sys;\??\c:\windows\System32\drivers\d68acb50.sys --> c:\windows\System32\drivers\d68acb50.sys [?]

S1 d81f5466.sys;d81f5466.sys;\??\c:\windows\System32\drivers\d81f5466.sys --> c:\windows\System32\drivers\d81f5466.sys [?]

S1 d9778dfa.sys;d9778dfa.sys;\??\c:\windows\System32\drivers\d9778dfa.sys --> c:\windows\System32\drivers\d9778dfa.sys [?]

S1 d99cce62.sys;d99cce62.sys;\??\c:\windows\System32\drivers\d99cce62.sys --> c:\windows\System32\drivers\d99cce62.sys [?]

S1 db384f76.sys;db384f76.sys;\??\c:\windows\System32\drivers\db384f76.sys --> c:\windows\System32\drivers\db384f76.sys [?]

S1 db684fa6.sys;db684fa6.sys;\??\c:\windows\System32\drivers\db684fa6.sys --> c:\windows\System32\drivers\db684fa6.sys [?]

S1 dcc9c986.sys;dcc9c986.sys;\??\c:\windows\System32\drivers\dcc9c986.sys --> c:\windows\System32\drivers\dcc9c986.sys [?]

S1 dd31c9ef.sys;dd31c9ef.sys;\??\c:\windows\System32\drivers\dd31c9ef.sys --> c:\windows\System32\drivers\dd31c9ef.sys [?]

S1 de202923.sys;de202923.sys;\??\c:\windows\System32\drivers\de202923.sys --> c:\windows\System32\drivers\de202923.sys [?]

S1 de2ad2f0.sys;de2ad2f0.sys;\??\c:\windows\System32\drivers\de2ad2f0.sys --> c:\windows\System32\drivers\de2ad2f0.sys [?]

S1 de6bd331.sys;de6bd331.sys;\??\c:\windows\System32\drivers\de6bd331.sys --> c:\windows\System32\drivers\de6bd331.sys [?]

S1 df2cd3f2.sys;df2cd3f2.sys;\??\c:\windows\System32\drivers\df2cd3f2.sys --> c:\windows\System32\drivers\df2cd3f2.sys [?]

S1 e01ad4e0.sys;e01ad4e0.sys;\??\c:\windows\System32\drivers\e01ad4e0.sys --> c:\windows\System32\drivers\e01ad4e0.sys [?]

S1 e170ce2e.sys;e170ce2e.sys;\??\c:\windows\System32\drivers\e170ce2e.sys --> c:\windows\System32\drivers\e170ce2e.sys [?]

S1 e272cf30.sys;e272cf30.sys;\??\c:\windows\System32\drivers\e272cf30.sys --> c:\windows\System32\drivers\e272cf30.sys [?]

S1 e37a97fc.sys;e37a97fc.sys;\??\c:\windows\System32\drivers\e37a97fc.sys --> c:\windows\System32\drivers\e37a97fc.sys [?]

S1 e4d09952.sys;e4d09952.sys;\??\c:\windows\System32\drivers\e4d09952.sys --> c:\windows\System32\drivers\e4d09952.sys [?]

S1 e563da29.sys;e563da29.sys;\??\c:\windows\System32\drivers\e563da29.sys --> c:\windows\System32\drivers\e563da29.sys [?]

S1 e6639ae5.sys;e6639ae5.sys;\??\c:\windows\System32\drivers\e6639ae5.sys --> c:\windows\System32\drivers\e6639ae5.sys [?]

S1 e669db2f.sys;e669db2f.sys;\??\c:\windows\System32\drivers\e669db2f.sys --> c:\windows\System32\drivers\e669db2f.sys [?]

S1 e7339bb5.sys;e7339bb5.sys;\??\c:\windows\System32\drivers\e7339bb5.sys --> c:\windows\System32\drivers\e7339bb5.sys [?]

S1 e746d404.sys;e746d404.sys;\??\c:\windows\System32\drivers\e746d404.sys --> c:\windows\System32\drivers\e746d404.sys [?]

S1 e759dc1f.sys;e759dc1f.sys;\??\c:\windows\System32\drivers\e759dc1f.sys --> c:\windows\System32\drivers\e759dc1f.sys [?]

S1 e7abdc71.sys;e7abdc71.sys;\??\c:\windows\System32\drivers\e7abdc71.sys --> c:\windows\System32\drivers\e7abdc71.sys [?]

S1 e8cc9d4e.sys;e8cc9d4e.sys;\??\c:\windows\System32\drivers\e8cc9d4e.sys --> c:\windows\System32\drivers\e8cc9d4e.sys [?]

S1 e9819e03.sys;e9819e03.sys;\??\c:\windows\System32\drivers\e9819e03.sys --> c:\windows\System32\drivers\e9819e03.sys [?]

S1 eaf3d7b0.sys;eaf3d7b0.sys;\??\c:\windows\System32\drivers\eaf3d7b0.sys --> c:\windows\System32\drivers\eaf3d7b0.sys [?]

S1 eb0e9f90.sys;eb0e9f90.sys;\??\c:\windows\System32\drivers\eb0e9f90.sys --> c:\windows\System32\drivers\eb0e9f90.sys [?]

S1 eb1d9fa0.sys;eb1d9fa0.sys;\??\c:\windows\System32\drivers\eb1d9fa0.sys --> c:\windows\System32\drivers\eb1d9fa0.sys [?]

S1 eb815fbf.sys;eb815fbf.sys;\??\c:\windows\System32\drivers\eb815fbf.sys --> c:\windows\System32\drivers\eb815fbf.sys [?]

S1 ebd9e09f.sys;ebd9e09f.sys;\??\c:\windows\System32\drivers\ebd9e09f.sys --> c:\windows\System32\drivers\ebd9e09f.sys [?]

S1 ec4ba0cd.sys;ec4ba0cd.sys;\??\c:\windows\System32\drivers\ec4ba0cd.sys --> c:\windows\System32\drivers\ec4ba0cd.sys [?]

S1 eca2e168.sys;eca2e168.sys;\??\c:\windows\System32\drivers\eca2e168.sys --> c:\windows\System32\drivers\eca2e168.sys [?]

S1 ed64a1e6.sys;ed64a1e6.sys;\??\c:\windows\System32\drivers\ed64a1e6.sys --> c:\windows\System32\drivers\ed64a1e6.sys [?]

S1 eeeea370.sys;eeeea370.sys;\??\c:\windows\System32\drivers\eeeea370.sys --> c:\windows\System32\drivers\eeeea370.sys [?]

S1 ef82ef07.sys;ef82ef07.sys;\??\c:\windows\System32\drivers\ef82ef07.sys --> c:\windows\System32\drivers\ef82ef07.sys [?]

S1 efc3e489.sys;efc3e489.sys;\??\c:\windows\System32\drivers\efc3e489.sys --> c:\windows\System32\drivers\efc3e489.sys [?]

S1 f011a493.sys;f011a493.sys;\??\c:\windows\System32\drivers\f011a493.sys --> c:\windows\System32\drivers\f011a493.sys [?]

S1 f056a4d8.sys;f056a4d8.sys;\??\c:\windows\System32\drivers\f056a4d8.sys --> c:\windows\System32\drivers\f056a4d8.sys [?]

S1 f27ddf3b.sys;f27ddf3b.sys;\??\c:\windows\System32\drivers\f27ddf3b.sys --> c:\windows\System32\drivers\f27ddf3b.sys [?]

S1 f2d1df8f.sys;f2d1df8f.sys;\??\c:\windows\System32\drivers\f2d1df8f.sys --> c:\windows\System32\drivers\f2d1df8f.sys [?]

S1 f3c6e083.sys;f3c6e083.sys;\??\c:\windows\System32\drivers\f3c6e083.sys --> c:\windows\System32\drivers\f3c6e083.sys [?]

S1 f425e0e2.sys;f425e0e2.sys;\??\c:\windows\System32\drivers\f425e0e2.sys --> c:\windows\System32\drivers\f425e0e2.sys [?]

S1 f44ae108.sys;f44ae108.sys;\??\c:\windows\System32\drivers\f44ae108.sys --> c:\windows\System32\drivers\f44ae108.sys [?]

S1 f54bea11.sys;f54bea11.sys;\??\c:\windows\System32\drivers\f54bea11.sys --> c:\windows\System32\drivers\f54bea11.sys [?]

S1 f689eb4f.sys;f689eb4f.sys;\??\c:\windows\System32\drivers\f689eb4f.sys --> c:\windows\System32\drivers\f689eb4f.sys [?]

S1 f71febe5.sys;f71febe5.sys;\??\c:\windows\System32\drivers\f71febe5.sys --> c:\windows\System32\drivers\f71febe5.sys [?]

S1 f74cabce.sys;f74cabce.sys;\??\c:\windows\System32\drivers\f74cabce.sys --> c:\windows\System32\drivers\f74cabce.sys [?]

S1 f7b8ac3b.sys;f7b8ac3b.sys;\??\c:\windows\System32\drivers\f7b8ac3b.sys --> c:\windows\System32\drivers\f7b8ac3b.sys [?]

S1 f7f0ecb6.sys;f7f0ecb6.sys;\??\c:\windows\System32\drivers\f7f0ecb6.sys --> c:\windows\System32\drivers\f7f0ecb6.sys [?]

S1 f8b36cf1.sys;f8b36cf1.sys;\??\c:\windows\System32\drivers\f8b36cf1.sys --> c:\windows\System32\drivers\f8b36cf1.sys [?]

S1 fa006e3f.sys;fa006e3f.sys;\??\c:\windows\System32\drivers\fa006e3f.sys --> c:\windows\System32\drivers\fa006e3f.sys [?]

S1 fa29aeab.sys;fa29aeab.sys;\??\c:\windows\System32\drivers\fa29aeab.sys --> c:\windows\System32\drivers\fa29aeab.sys [?]

S1 fa72aef4.sys;fa72aef4.sys;\??\c:\windows\System32\drivers\fa72aef4.sys --> c:\windows\System32\drivers\fa72aef4.sys [?]

S1 fa84af06.sys;fa84af06.sys;\??\c:\windows\System32\drivers\fa84af06.sys --> c:\windows\System32\drivers\fa84af06.sys [?]

S1 fa95af17.sys;fa95af17.sys;\??\c:\windows\System32\drivers\fa95af17.sys --> c:\windows\System32\drivers\fa95af17.sys [?]

S1 fad3af55.sys;fad3af55.sys;\??\c:\windows\System32\drivers\fad3af55.sys --> c:\windows\System32\drivers\fad3af55.sys [?]

S1 fb29efef.sys;fb29efef.sys;\??\c:\windows\System32\drivers\fb29efef.sys --> c:\windows\System32\drivers\fb29efef.sys [?]

S1 fbc47002.sys;fbc47002.sys;\??\c:\windows\System32\drivers\fbc47002.sys --> c:\windows\System32\drivers\fbc47002.sys [?]

S1 fc8de94a.sys;fc8de94a.sys;\??\c:\windows\System32\drivers\fc8de94a.sys --> c:\windows\System32\drivers\fc8de94a.sys [?]

S1 fd8af250.sys;fd8af250.sys;\??\c:\windows\System32\drivers\fd8af250.sys --> c:\windows\System32\drivers\fd8af250.sys [?]

S1 fdbdb23f.sys;fdbdb23f.sys;\??\c:\windows\System32\drivers\fdbdb23f.sys --> c:\windows\System32\drivers\fdbdb23f.sys [?]

S1 fe097248.sys;fe097248.sys;\??\c:\windows\System32\drivers\fe097248.sys --> c:\windows\System32\drivers\fe097248.sys [?]

S1 fe8eb310.sys;fe8eb310.sys;\??\c:\windows\System32\drivers\fe8eb310.sys --> c:\windows\System32\drivers\fe8eb310.sys [?]

S1 ff3debfb.sys;ff3debfb.sys;\??\c:\windows\System32\drivers\ff3debfb.sys --> c:\windows\System32\drivers\ff3debfb.sys [?]

S1 ffa573e3.sys;ffa573e3.sys;\??\c:\windows\System32\drivers\ffa573e3.sys --> c:\windows\System32\drivers\ffa573e3.sys [?]

S2 0207141250448231mcinstcleanup;McAfee Application Installer Cleanup (0207141250448231);c:\docume~1\Kevin\LOCALS~1\Temp\020714~1.EXE c:\progra~1\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service --> c:\docume~1\Kevin\LOCALS~1\Temp\020714~1.EXE c:\progra~1\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service [?]

S3 getPlus® Helper;getPlus® Helper;c:\program files\NOS\bin\getPlus_HelperSvc.exe [3/7/2009 6:33 PM 33752]

S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\SYSTEM32\DRIVERS\mbamswissarmy.sys [8/10/2009 5:23 PM 38160]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]

"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A509B1FF-37FF-4bFF-8CFF-4F3A747040FF}]

c:\windows\system32\rundll32.exe c:\windows\system32\advpack.dll,LaunchINFSectionEx c:\program files\Internet Explorer\clrtour.inf,DefaultInstall.ResetTour,,12

.

Contents of the 'Scheduled Tasks' folder

2009-08-07 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 16:34]

.

- - - - ORPHANS REMOVED - - - -

HKLM-Run-11546564 - c:\documents and settings\All Users\Application Data\11546564\11546564.exe

.

------- Supplementary Scan -------

.

uLocal Page = \blank.htm

uStart Page = hxxp://att.net

mSearch Bar = hxxp://red.clientapps.yahoo.com/customize/ie/defaults/sb/sbcydsl/*http://www.yahoo.com/search/ie.html

uSearchURL,(Default) = hxxp://red.clientapps.yahoo.com/customize/ie/defaults/su/sbcydsl/*http://www.yahoo.com

IE: &AOL Toolbar Search - c:\program files\aol\aim toolbar 5.0\resources\en-US\local\search.html

IE: &Search - http://edits.mywebsearch.com/toolbaredits/...?p=ZJxdm078LUUS

IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\OFFICE11\EXCEL.EXE/3000

.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-08-16 15:07

Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run

DLBTCATS = rundll32 c:\windows\System32\spool\DRIVERS\W32X86\3\DLBTtime.dll,_RunDLLEntry@16???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

scanning hidden files ...

scan completed successfully

hidden files: 0

**************************************************************************

.

--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(636)

c:\windows\system32\WININET.dll

c:\windows\system32\ieframe.dll

.

Completion time: 2009-08-16 15:14 - machine was rebooted

ComboFix-quarantined-files.txt 2009-08-16 19:14

ComboFix2.txt 2009-08-13 00:45

Pre-Run: 30,082,740,224 bytes free

Post-Run: 30,061,207,552 bytes free

652 --- E O F --- 2009-07-29 07:02

Link to post
Share on other sites

  • Staff

Hi,

What a mess here :rolleyes:

Can you please follow my instructions and move combofix to the desktop? Because it's currently running from a temp folder. Also, if you follow my instructions, it will be easier to follow the rest of my instructions properly as well, because we have to create a script as well to drag into combofix.

* Open notepad - don't use any other texteditor than notepad or the script will fail.

Copy/paste the text in the quotebox below into notepad:

File::

c:\windows\system32\drivers\runnin.sys

c:\windows\system32\drivers\log.ini.sys

c:\windows\system32\drivers\DA39A3EE5E6B4B0D3255BFEF956018.sys

c:\windows\system32\drivers\Microsoft.sys

c:\windows\system32\drivers\AssetCache.sys

c:\windows\system32\drivers\MYWEBS.sys

c:\windows\system32\muhodogu.dll

c:\windows\system32\butugagu.dll

c:\windows\system32\lagoguze.dll

c:\windows\system32\rotawugo.dll

c:\windows\system32\yepogofa.dll

c:\windows\SYSTEM32\difebebu.dll

c:\windows\SYSTEM32\sivotumo.dll

Driver::

0106edc3.sys

01a7b628.sys

01ddf6a2.sys

047db8fe.sys

0505f9ca.sys

05e17a1e.sys

0677fb3c.sys

06e5f3a2.sys

06fdbb7e.sys

076dbbee.sys

079183d7.sys

089fbd21.sys

08e8f5a5.sys

090cbd8d.sys

0918fddd.sys

092c7d69.sys

0a39f6f6.sys

0adfffa4.sys

0b99f856.sys

0c83c105.sys

0c96c118.sys

0ca4c125.sys

0ddcc25d.sys

0e51c2d3.sys

0e92c313.sys

0e9d0363.sys

0ee603ac.sys

0f8bc40c.sys

107fc500.sys

10e905af.sys

1135fdf1.sys

11400606.sys

1162c5e3.sys

11ae0674.sys

11b9067f.sys

1259ff16.sys

12be8f04.sys

12d0c751.sys

12e5c766.sys

1307c788.sys

1381c802.sys

13af8ff5.sys

13dd009b.sys

147e013b.sys

14da8917.sys

153109f7.sys

15bb0a81.sys

15deca5f.sys

15e0029d.sys

16600b26.sys

166e0b34.sys

168192c7.sys

17130bd9.sys

18cb0d91.sys

18cc058a.sys

18e505a3.sys

18e5cd66.sys

1924cda5.sys

19310df8.sys

198d0e53.sys

1adacf5c.sys

1b3acfbb.sys

1bd2d053.sys

1c05d086.sys

1c3208f0.sys

1c8cd10d.sys

1c9c98e2.sys

1cf011b6.sys

1d24d1a5.sys

1d56121c.sys

1dc7128d.sys

1e3412fa.sys

1f04d385.sys

1f959bdb.sys

1fcad44b.sys

21060dc4.sys

22130ed1.sys

224a0f08.sys

256fd9f0.sys

2667dae9.sys

27b41471.sys

27c6dc48.sys

27d6dc58.sys

289bdd1c.sys

290edd8f.sys

2958ddd9.sys

296f162c.sys

2a6ca6b1.sys

2c19a85f.sys

2c3720fd.sys

2d622228.sys

2d68e1e9.sys

2d8fe210.sys

2e902356.sys

2f21a35e.sys

2fc0a3fd.sys

30ade52e.sys

31136d15.sys

312525eb.sys

317b1e39.sys

31b1e633.sys

32261ee3.sys

32826e84.sys

3285e706.sys

33081fc5.sys

3316e797.sys

33862044.sys

341ce89d.sys

343be8bc.sys

34d22998.sys

36472305.sys

368a2b50.sys

37d8ec59.sys

381feca1.sys

392cedad.sys

3a217623.sys

3a8d2f53.sys

3abcef3d.sys

3ae5b72b.sys

3ba9f02a.sys

3c54311a.sys

3cc0f141.sys

3d3ef1c0.sys

3d43b181.sys

3e03f284.sys

3e22f2a3.sys

3e85f306.sys

3f2ff3b0.sys

3fac3472.sys

3feaf46b.sys

3ff834be.sys

4147f5c8.sys

420e36d4.sys

42172ed5.sys

43b9387f.sys

43c7388d.sys

4408800a.sys

4464f8e5.sys

458dfa0e.sys

463632f4.sys

467c827e.sys

46c53383.sys

46e5fb66.sys

47a3fc25.sys

482d3cf3.sys

4874fcf5.sys

48b5fd36.sys

48f33db9.sys

4b3b4001.sys

4c2a38e7.sys

4d140197.sys

4d8b4251.sys

4da43a62.sys

4df20274.sys

4f2203a4.sys

50588c5a.sys

513705b9.sys

525a4720.sys

530f3fcd.sys

542a40e8.sys

542b08ad.sys

54d60958.sys

56620ae4.sys

568b0b0d.sys

56fe43bb.sys

578a0c0c.sys

57b90c3b.sys

58484d0e.sys

588b4548.sys

58d74d9d.sys

596fd5b5.sys

5a780efa.sys

5a9fcedc.sys

5bf748b5.sys

5c4f490d.sys

5caa5170.sys

5ce01163.sys

5d57521d.sys

5de7d224.sys

5e111293.sys

5e6c12ee.sys

5e95dadb.sys

5eeb4ba8.sys

5f1153d7.sys

5f3113b3.sys

5fb34c71.sys

607614f8.sys

60961518.sys

60e74da4.sys

61a34e61.sys

6304d741.sys

63f058b6.sys

64031885.sys

643418b6.sys

646118e3.sys

652351e1.sys

65e852a6.sys

66041a86.sys

662ea230.sys

66d81b5a.sys

66dd1b5f.sys

67cd1c4f.sys

67d61c59.sys

68cc1d4e.sys

68e1e526.sys

69525e18.sys

6a181e9a.sys

6a53de90.sys

6ac25780.sys

6b06e74b.sys

6b806046.sys

6b85dfc2.sys

6c4d590a.sys

6c5c591a.sys

6dd8629e.sys

6e4622c8.sys

6e4c6312.sys

6f1f5bdc.sys

6f2163e7.sys

6f4123c4.sys

703664fc.sys

7166752c.sys

717ee5bb.sys

728beed0.sys

72fa277c.sys

74c9698f.sys

74d16997.sys

74f269b8.sys

75ff6ac5.sys

773f63fc.sys

79b92e3b.sys

79cdf613.sys

7aa72f29.sys

7ae5ef23.sys

7b266fec.sys

7bbb303d.sys

7bc43046.sys

7ca36960.sys

7d4c6a09.sys

7ddd6a9a.sys

7e637329.sys

7ea4736a.sys

7ecd6b8a.sys

7edc6b9a.sys

7fdc74a2.sys

819b7661.sys

81c8364a.sys

823c36be.sys

8289370c.sys

83133795.sys

840470c1.sys

841278d8.sys

8424f862.sys

843438b6.sys

84913913.sys

84b5f8f3.sys

855839da.sys

85ce0215.sys

864e3ad1.sys

87933c15.sys

87e3fc20.sys

8807fc44.sys

88be3d40.sys

89713df3.sys

89b77674.sys

8a5f3ee1.sys

8ba04022.sys

8bd44056.sys

8c064088.sys

8c9b00d9.sys

8d2a81f1.sys

8e7b42fd.sys

8f4c0b93.sys

8fd04452.sys

8fd74459.sys

90964518.sys

90c24544.sys

91104592.sys

91117dce.sys

92160e5d.sys

927446f6.sys

935b65de.sys

93c64848.sys

947048f2.sys

94878144.sys

95768234.sys

96298aef.sys

96584adb.sys

971a83d8.sys

98021449.sys

985e4ce0.sys

98824d04.sys

988d8d53.sys

990d4d8f.sys

99e34e65.sys

9ade879c.sys

9ae98faf.sys

9bb15033.sys

9c1690dc.sys

9c21105f.sys

9c3790fd.sys

9c4f50d1.sys

9e6352e5.sys

9e85934b.sys

9e8d12cc.sys

9f1993df.sys

a00c144a.sys

a0f81d3f.sys

a1538e10.sys

a1fc96c2.sys

a24d1e94.sys

a32b97f1.sys

a3301f77.sys

a3b79075.sys

a3c8988e.sys

a40498ca.sys

a4221860.sys

a48c914a.sys

a4b8997f.sys

a54a9a10.sys

a5719a37.sys

a5b85a3a.sys

a6415ac3.sys

aa3096ee.sys

aa3f1e7d.sys

aa615ee3.sys

ab0d97cb.sys

ab25276c.sys

ab959853.sys

acbaa180.sys

ad5461d6.sys

ae19629b.sys

aeff6381.sys

aeff9bbd.sys

af44a40a.sys

af5863da.sys

b14a65cc.sys

b1869e44.sys

b1b26634.sys

b2b326f2.sys

b3fca8c2.sys

b407a8cd.sys

b45c68df.sys

b47268f4.sys

b52ea9f4.sys

b536a9fc.sys

b56b69ed.sys

b5c26a44.sys

b5d1a28f.sys

b5e66a69.sys

b754339b.sys

b76e33b4.sys

b818a4d6.sys

b8482c86.sys

b8b26d34.sys

ba08f60a.sys

ba52af18.sys

ba94a752.sys

bc117093.sys

bc53b119.sys

bc5fb125.sys

bc7f30bd.sys

be01aabf.sys

bf2a73ac.sys

c00eb4d5.sys

c01aacd7.sys

c06eb534.sys

c230366e.sys

c26976eb.sys

c26fb735.sys

c34d77cf.sys

c4037885.sys

c43e78c0.sys

c470b12d.sys

c47f38be.sys

c4967918.sys

c698bb5e.sys

c6f77b79.sys

c8707cf2.sys

c8d67d58.sys

c918455f.sys

c9d9be9f.sys

c9ecbeb2.sys

cac9b786.sys

cb03bfc9.sys

ccc4c18a.sys

cd5cc222.sys

ce3282b4.sys

ced8bb96.sys

cf6683e8.sys

cfde441c.sys

d02084a2.sys

d15885da.sys

d17485f6.sys

d2abbf69.sys

d2b5bf73.sys

d3858807.sys

d555ca1b.sys

d5a0c25d.sys

d68acb50.sys

d81f5466.sys

d9778dfa.sys

d99cce62.sys

db384f76.sys

db684fa6.sys

dcc9c986.sys

dd31c9ef.sys

de202923.sys

de2ad2f0.sys

de6bd331.sys

df2cd3f2.sys

e01ad4e0.sys

e170ce2e.sys

e272cf30.sys

e37a97fc.sys

e4d09952.sys

e563da29.sys

e6639ae5.sys

e669db2f.sys

e7339bb5.sys

e746d404.sys

e759dc1f.sys

e7abdc71.sys

e8cc9d4e.sys

e9819e03.sys

eaf3d7b0.sys

eb0e9f90.sys

eb1d9fa0.sys

eb815fbf.sys

ebd9e09f.sys

ec4ba0cd.sys

eca2e168.sys

ed64a1e6.sys

eeeea370.sys

ef82ef07.sys

efc3e489.sys

f011a493.sys

f056a4d8.sys

f27ddf3b.sys

f2d1df8f.sys

f3c6e083.sys

f425e0e2.sys

f44ae108.sys

f54bea11.sys

f689eb4f.sys

f71febe5.sys

f74cabce.sys

f7b8ac3b.sys

f7f0ecb6.sys

f8b36cf1.sys

fa006e3f.sys

fa29aeab.sys

fa72aef4.sys

fa84af06.sys

fa95af17.sys

fad3af55.sys

fb29efef.sys

fbc47002.sys

fc8de94a.sys

fd8af250.sys

fdbdb23f.sys

fe097248.sys

fe8eb310.sys

ff3debfb.sys

ffa573e3.sys

DDS::

uLocal Page = \blank.htm

mSearch Bar = hxxp://red.clientapps.yahoo.com/customize/ie/defaults/sb/sbcydsl/*http://www.yahoo.com/search/ie.html

uSearchURL,(Default) = hxxp://red.clientapps.yahoo.com/customize/ie/defaults/su/sbcydsl/*http://www.yahoo.com

IE: &Search - http://edits.mywebsearch.com/toolbaredits/...?p=ZJxdm078LUUS

Registry::

[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5bf894e9-285f-4b64-ae49-08d3b5b39c75}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"rameyarure"=-

"CPMc30faf3c"=-

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"UpdatesDisableNotify"=dword:00000000

Save this as txtfile CFScript

Then drag the CFScript into ComboFix.exe as you see in the screenshot below.

CFScript.gif

This will start ComboFix again. After reboot, (in case it asks to reboot), post the contents of Combofix.txt in your next reply.

Link to post
Share on other sites

I followed your instructions and here is the comofix log. My PC is running faster and the popups seem to have stopped so I think we're making progress. Thanks so much for the help!

ComboFix 09-08-10.06 - Kevin 08/17/2009 18:25.3.2 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.510.208 [GMT -4:00]

Running from: c:\documents and settings\Kevin\Desktop\Combo-Fix1.exe

Command switches used :: c:\documents and settings\Kevin\Desktop\CFScript.txt

* Created a new restore point

FILE ::

"c:\windows\system32\butugagu.dll"

"c:\windows\SYSTEM32\difebebu.dll"

"c:\windows\system32\drivers\AssetCache.sys"

"c:\windows\system32\drivers\DA39A3EE5E6B4B0D3255BFEF956018.sys"

"c:\windows\system32\drivers\log.ini.sys"

"c:\windows\system32\drivers\Microsoft.sys"

"c:\windows\system32\drivers\MYWEBS.sys"

"c:\windows\system32\drivers\runnin.sys"

"c:\windows\system32\lagoguze.dll"

"c:\windows\system32\muhodogu.dll"

"c:\windows\system32\rotawugo.dll"

"c:\windows\SYSTEM32\sivotumo.dll"

"c:\windows\system32\yepogofa.dll"

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\windows\system32\butugagu.dll

c:\windows\system32\drivers\AssetCache.sys

c:\windows\system32\drivers\DA39A3EE5E6B4B0D3255BFEF956018.sys

c:\windows\system32\drivers\log.ini.sys

c:\windows\system32\drivers\Microsoft.sys

c:\windows\system32\drivers\MYWEBS.sys

c:\windows\system32\drivers\runnin.sys

c:\windows\system32\fomekinu.dll

c:\windows\system32\lagoguze.dll

c:\windows\system32\mosoraza.dll

c:\windows\system32\muhodogu.dll

c:\windows\system32\rotawugo.dll

c:\windows\system32\yepogofa.dll

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

-------\Service_0106edc3.sys

-------\Service_01a7b628.sys

-------\Service_01ddf6a2.sys

-------\Service_047db8fe.sys

-------\Service_0505f9ca.sys

-------\Service_05e17a1e.sys

-------\Service_0677fb3c.sys

-------\Service_06e5f3a2.sys

-------\Service_06fdbb7e.sys

-------\Service_076dbbee.sys

-------\Service_079183d7.sys

-------\Service_089fbd21.sys

-------\Service_08e8f5a5.sys

-------\Service_090cbd8d.sys

-------\Service_0918fddd.sys

-------\Service_092c7d69.sys

-------\Service_0a39f6f6.sys

-------\Service_0adfffa4.sys

-------\Service_0b99f856.sys

-------\Service_0c83c105.sys

-------\Service_0c96c118.sys

-------\Service_0ca4c125.sys

-------\Service_0ddcc25d.sys

-------\Service_0e51c2d3.sys

-------\Service_0e92c313.sys

-------\Service_0e9d0363.sys

-------\Service_0ee603ac.sys

-------\Service_0f8bc40c.sys

-------\Service_107fc500.sys

-------\Service_10e905af.sys

-------\Service_1135fdf1.sys

-------\Service_11400606.sys

-------\Service_1162c5e3.sys

-------\Service_11ae0674.sys

-------\Service_11b9067f.sys

-------\Service_1259ff16.sys

-------\Service_12be8f04.sys

-------\Service_12d0c751.sys

-------\Service_12e5c766.sys

-------\Service_1307c788.sys

-------\Service_1381c802.sys

-------\Service_13af8ff5.sys

-------\Service_13dd009b.sys

-------\Service_147e013b.sys

-------\Service_14da8917.sys

-------\Service_153109f7.sys

-------\Service_15bb0a81.sys

-------\Service_15deca5f.sys

-------\Service_15e0029d.sys

-------\Service_16600b26.sys

-------\Service_166e0b34.sys

-------\Service_168192c7.sys

-------\Service_17130bd9.sys

-------\Service_18cb0d91.sys

-------\Service_18cc058a.sys

-------\Service_18e505a3.sys

-------\Service_18e5cd66.sys

-------\Service_1924cda5.sys

-------\Service_19310df8.sys

-------\Service_198d0e53.sys

-------\Service_1adacf5c.sys

-------\Service_1b3acfbb.sys

-------\Service_1bd2d053.sys

-------\Service_1c05d086.sys

-------\Service_1c3208f0.sys

-------\Service_1c8cd10d.sys

-------\Service_1c9c98e2.sys

-------\Service_1cf011b6.sys

-------\Service_1d24d1a5.sys

-------\Service_1d56121c.sys

-------\Service_1dc7128d.sys

-------\Service_1e3412fa.sys

-------\Service_1f04d385.sys

-------\Service_1f959bdb.sys

-------\Service_1fcad44b.sys

-------\Service_21060dc4.sys

-------\Service_22130ed1.sys

-------\Service_224a0f08.sys

-------\Service_256fd9f0.sys

-------\Service_2667dae9.sys

-------\Service_27b41471.sys

-------\Service_27c6dc48.sys

-------\Service_27d6dc58.sys

-------\Service_289bdd1c.sys

-------\Service_290edd8f.sys

-------\Service_2958ddd9.sys

-------\Service_296f162c.sys

-------\Service_2a6ca6b1.sys

-------\Service_2c19a85f.sys

-------\Service_2c3720fd.sys

-------\Service_2d622228.sys

-------\Service_2d68e1e9.sys

-------\Service_2d8fe210.sys

-------\Service_2e902356.sys

-------\Service_2f21a35e.sys

-------\Service_2fc0a3fd.sys

-------\Service_30ade52e.sys

-------\Service_31136d15.sys

-------\Service_312525eb.sys

-------\Service_317b1e39.sys

-------\Service_31b1e633.sys

-------\Service_32261ee3.sys

-------\Service_32826e84.sys

-------\Service_3285e706.sys

-------\Service_33081fc5.sys

-------\Service_3316e797.sys

-------\Service_33862044.sys

-------\Service_341ce89d.sys

-------\Service_343be8bc.sys

-------\Service_34d22998.sys

-------\Service_36472305.sys

-------\Service_368a2b50.sys

-------\Service_37d8ec59.sys

-------\Service_381feca1.sys

-------\Service_392cedad.sys

-------\Service_3a217623.sys

-------\Service_3a8d2f53.sys

-------\Service_3abcef3d.sys

-------\Service_3ae5b72b.sys

-------\Service_3ba9f02a.sys

-------\Service_3c54311a.sys

-------\Service_3cc0f141.sys

-------\Service_3d3ef1c0.sys

-------\Service_3d43b181.sys

-------\Service_3e03f284.sys

-------\Service_3e22f2a3.sys

-------\Service_3e85f306.sys

-------\Service_3f2ff3b0.sys

-------\Service_3fac3472.sys

-------\Service_3feaf46b.sys

-------\Service_3ff834be.sys

-------\Service_4147f5c8.sys

-------\Service_420e36d4.sys

-------\Service_42172ed5.sys

-------\Service_43b9387f.sys

-------\Service_43c7388d.sys

-------\Service_4408800a.sys

-------\Service_4464f8e5.sys

-------\Service_458dfa0e.sys

-------\Service_463632f4.sys

-------\Service_467c827e.sys

-------\Service_46c53383.sys

-------\Service_46e5fb66.sys

-------\Service_47a3fc25.sys

-------\Service_482d3cf3.sys

-------\Service_4874fcf5.sys

-------\Service_48b5fd36.sys

-------\Service_48f33db9.sys

-------\Service_4b3b4001.sys

-------\Service_4c2a38e7.sys

-------\Service_4d140197.sys

-------\Service_4d8b4251.sys

-------\Service_4da43a62.sys

-------\Service_4df20274.sys

-------\Service_4f2203a4.sys

-------\Service_50588c5a.sys

-------\Service_513705b9.sys

-------\Service_525a4720.sys

-------\Service_530f3fcd.sys

-------\Service_542a40e8.sys

-------\Service_542b08ad.sys

-------\Service_54d60958.sys

-------\Service_56620ae4.sys

-------\Service_568b0b0d.sys

-------\Service_56fe43bb.sys

-------\Service_578a0c0c.sys

-------\Service_57b90c3b.sys

-------\Service_58484d0e.sys

-------\Service_588b4548.sys

-------\Service_58d74d9d.sys

-------\Service_596fd5b5.sys

-------\Service_5a780efa.sys

-------\Service_5a9fcedc.sys

-------\Service_5bf748b5.sys

-------\Service_5c4f490d.sys

-------\Service_5caa5170.sys

-------\Service_5ce01163.sys

-------\Service_5d57521d.sys

-------\Service_5de7d224.sys

-------\Service_5e111293.sys

-------\Service_5e6c12ee.sys

-------\Service_5e95dadb.sys

-------\Service_5eeb4ba8.sys

-------\Service_5f1153d7.sys

-------\Service_5f3113b3.sys

-------\Service_5fb34c71.sys

-------\Service_607614f8.sys

-------\Service_60961518.sys

-------\Service_60e74da4.sys

-------\Service_61a34e61.sys

-------\Service_6304d741.sys

-------\Service_63f058b6.sys

-------\Service_64031885.sys

-------\Service_643418b6.sys

-------\Service_646118e3.sys

-------\Service_652351e1.sys

-------\Service_65e852a6.sys

-------\Service_66041a86.sys

-------\Service_662ea230.sys

-------\Service_66d81b5a.sys

-------\Service_66dd1b5f.sys

-------\Service_67cd1c4f.sys

-------\Service_67d61c59.sys

-------\Service_68cc1d4e.sys

-------\Service_68e1e526.sys

-------\Service_69525e18.sys

-------\Service_6a181e9a.sys

-------\Service_6a53de90.sys

-------\Service_6ac25780.sys

-------\Service_6b06e74b.sys

-------\Service_6b806046.sys

-------\Service_6b85dfc2.sys

-------\Service_6c4d590a.sys

-------\Service_6c5c591a.sys

-------\Service_6dd8629e.sys

-------\Service_6e4622c8.sys

-------\Service_6e4c6312.sys

-------\Service_6f1f5bdc.sys

-------\Service_6f2163e7.sys

-------\Service_6f4123c4.sys

-------\Service_703664fc.sys

-------\Service_7166752c.sys

-------\Service_717ee5bb.sys

-------\Service_728beed0.sys

-------\Service_72fa277c.sys

-------\Service_74c9698f.sys

-------\Service_74d16997.sys

-------\Service_74f269b8.sys

-------\Service_75ff6ac5.sys

-------\Service_773f63fc.sys

-------\Service_79b92e3b.sys

-------\Service_79cdf613.sys

-------\Service_7aa72f29.sys

-------\Service_7ae5ef23.sys

-------\Service_7b266fec.sys

-------\Service_7bbb303d.sys

-------\Service_7bc43046.sys

-------\Service_7ca36960.sys

-------\Service_7d4c6a09.sys

-------\Service_7ddd6a9a.sys

-------\Service_7e637329.sys

-------\Service_7ea4736a.sys

-------\Service_7ecd6b8a.sys

-------\Service_7edc6b9a.sys

-------\Service_7fdc74a2.sys

-------\Service_819b7661.sys

-------\Service_81c8364a.sys

-------\Service_823c36be.sys

-------\Service_8289370c.sys

-------\Service_83133795.sys

-------\Service_840470c1.sys

-------\Service_841278d8.sys

-------\Service_8424f862.sys

-------\Service_843438b6.sys

-------\Service_84913913.sys

-------\Service_84b5f8f3.sys

-------\Service_855839da.sys

-------\Service_85ce0215.sys

-------\Service_864e3ad1.sys

-------\Service_87933c15.sys

-------\Service_87e3fc20.sys

-------\Service_8807fc44.sys

-------\Service_88be3d40.sys

-------\Service_89713df3.sys

-------\Service_89b77674.sys

-------\Service_8a5f3ee1.sys

-------\Service_8ba04022.sys

-------\Service_8bd44056.sys

-------\Service_8c064088.sys

-------\Service_8c9b00d9.sys

-------\Service_8d2a81f1.sys

-------\Service_8e7b42fd.sys

-------\Service_8f4c0b93.sys

-------\Service_8fd04452.sys

-------\Service_8fd74459.sys

-------\Service_90964518.sys

-------\Service_90c24544.sys

-------\Service_91104592.sys

-------\Service_91117dce.sys

-------\Service_92160e5d.sys

-------\Service_927446f6.sys

-------\Service_935b65de.sys

-------\Service_93c64848.sys

-------\Service_947048f2.sys

-------\Service_94878144.sys

-------\Service_95768234.sys

-------\Service_96298aef.sys

-------\Service_96584adb.sys

-------\Service_971a83d8.sys

-------\Service_98021449.sys

-------\Service_985e4ce0.sys

-------\Service_98824d04.sys

-------\Service_988d8d53.sys

-------\Service_990d4d8f.sys

-------\Service_99e34e65.sys

-------\Service_9ade879c.sys

-------\Service_9ae98faf.sys

-------\Service_9bb15033.sys

-------\Service_9c1690dc.sys

-------\Service_9c21105f.sys

-------\Service_9c3790fd.sys

-------\Service_9c4f50d1.sys

-------\Service_9e6352e5.sys

-------\Service_9e85934b.sys

-------\Service_9e8d12cc.sys

-------\Service_9f1993df.sys

-------\Service_a00c144a.sys

-------\Service_a0f81d3f.sys

-------\Service_a1538e10.sys

-------\Service_a1fc96c2.sys

-------\Service_a24d1e94.sys

-------\Service_a32b97f1.sys

-------\Service_a3301f77.sys

-------\Service_a3b79075.sys

-------\Service_a3c8988e.sys

-------\Service_a40498ca.sys

-------\Service_a4221860.sys

-------\Service_a48c914a.sys

-------\Service_a4b8997f.sys

-------\Service_a54a9a10.sys

-------\Service_a5719a37.sys

-------\Service_a5b85a3a.sys

-------\Service_a6415ac3.sys

-------\Service_aa3096ee.sys

-------\Service_aa3f1e7d.sys

-------\Service_aa615ee3.sys

-------\Service_ab0d97cb.sys

-------\Service_ab25276c.sys

-------\Service_ab959853.sys

-------\Service_acbaa180.sys

-------\Service_ad5461d6.sys

-------\Service_ae19629b.sys

-------\Service_aeff6381.sys

-------\Service_aeff9bbd.sys

-------\Service_af44a40a.sys

-------\Service_af5863da.sys

-------\Service_b14a65cc.sys

-------\Service_b1869e44.sys

-------\Service_b1b26634.sys

-------\Service_b2b326f2.sys

-------\Service_b3fca8c2.sys

-------\Service_b407a8cd.sys

-------\Service_b45c68df.sys

-------\Service_b47268f4.sys

-------\Service_b52ea9f4.sys

-------\Service_b536a9fc.sys

-------\Service_b56b69ed.sys

-------\Service_b5c26a44.sys

-------\Service_b5d1a28f.sys

-------\Service_b5e66a69.sys

-------\Service_b754339b.sys

-------\Service_b76e33b4.sys

-------\Service_b818a4d6.sys

-------\Service_b8482c86.sys

-------\Service_b8b26d34.sys

-------\Service_ba08f60a.sys

-------\Service_ba52af18.sys

-------\Service_ba94a752.sys

-------\Service_bc117093.sys

-------\Service_bc53b119.sys

-------\Service_bc5fb125.sys

-------\Service_bc7f30bd.sys

-------\Service_be01aabf.sys

-------\Service_bf2a73ac.sys

-------\Service_c00eb4d5.sys

-------\Service_c01aacd7.sys

-------\Service_c06eb534.sys

-------\Service_c230366e.sys

-------\Service_c26976eb.sys

-------\Service_c26fb735.sys

-------\Service_c34d77cf.sys

-------\Service_c4037885.sys

-------\Service_c43e78c0.sys

-------\Service_c470b12d.sys

-------\Service_c47f38be.sys

-------\Service_c4967918.sys

-------\Service_c698bb5e.sys

-------\Service_c6f77b79.sys

-------\Service_c8707cf2.sys

-------\Service_c8d67d58.sys

-------\Service_c918455f.sys

-------\Service_c9d9be9f.sys

-------\Service_c9ecbeb2.sys

-------\Service_cac9b786.sys

-------\Service_cb03bfc9.sys

-------\Service_ccc4c18a.sys

-------\Service_cd5cc222.sys

-------\Service_ce3282b4.sys

-------\Service_ced8bb96.sys

-------\Service_cf6683e8.sys

-------\Service_cfde441c.sys

-------\Service_d02084a2.sys

-------\Service_d15885da.sys

-------\Service_d17485f6.sys

-------\Service_d2abbf69.sys

-------\Service_d2b5bf73.sys

-------\Service_d3858807.sys

-------\Service_d555ca1b.sys

-------\Service_d5a0c25d.sys

-------\Service_d68acb50.sys

-------\Service_d81f5466.sys

-------\Service_d9778dfa.sys

-------\Service_d99cce62.sys

-------\Service_db384f76.sys

-------\Service_db684fa6.sys

-------\Service_dcc9c986.sys

-------\Service_dd31c9ef.sys

-------\Service_de202923.sys

-------\Service_de2ad2f0.sys

-------\Service_de6bd331.sys

-------\Service_df2cd3f2.sys

-------\Service_e01ad4e0.sys

-------\Service_e170ce2e.sys

-------\Service_e272cf30.sys

-------\Service_e37a97fc.sys

-------\Service_e4d09952.sys

-------\Service_e563da29.sys

-------\Service_e6639ae5.sys

-------\Service_e669db2f.sys

-------\Service_e7339bb5.sys

-------\Service_e746d404.sys

-------\Service_e759dc1f.sys

-------\Service_e7abdc71.sys

-------\Service_e8cc9d4e.sys

-------\Service_e9819e03.sys

-------\Service_eaf3d7b0.sys

-------\Service_eb0e9f90.sys

-------\Service_eb1d9fa0.sys

-------\Service_eb815fbf.sys

-------\Service_ebd9e09f.sys

-------\Service_ec4ba0cd.sys

-------\Service_eca2e168.sys

-------\Service_ed64a1e6.sys

-------\Service_eeeea370.sys

-------\Service_ef82ef07.sys

-------\Service_efc3e489.sys

-------\Service_f011a493.sys

-------\Service_f056a4d8.sys

-------\Service_f27ddf3b.sys

-------\Service_f2d1df8f.sys

-------\Service_f3c6e083.sys

-------\Service_f425e0e2.sys

-------\Service_f44ae108.sys

-------\Service_f54bea11.sys

-------\Service_f689eb4f.sys

-------\Service_f71febe5.sys

-------\Service_f74cabce.sys

-------\Service_f7b8ac3b.sys

-------\Service_f7f0ecb6.sys

-------\Service_f8b36cf1.sys

-------\Service_fa006e3f.sys

-------\Service_fa29aeab.sys

-------\Service_fa72aef4.sys

-------\Service_fa84af06.sys

-------\Service_fa95af17.sys

-------\Service_fad3af55.sys

-------\Service_fb29efef.sys

-------\Service_fbc47002.sys

-------\Service_fc8de94a.sys

-------\Service_fd8af250.sys

-------\Service_fdbdb23f.sys

-------\Service_fe097248.sys

-------\Service_fe8eb310.sys

-------\Service_ff3debfb.sys

-------\Service_ffa573e3.sys

((((((((((((((((((((((((( Files Created from 2009-07-17 to 2009-08-17 )))))))))))))))))))))))))))))))

.

2009-08-13 00:05 . 2009-08-13 00:04 3124187 ----a-r- c:\temp\Combo-Fix.exe

2009-08-12 23:48 . 2009-08-12 23:52 -------- d-s---w- C:\Combo-Fix

2009-08-11 22:11 . 2009-08-11 22:11 -------- d-----w- c:\program files\Trend Micro

2009-08-10 21:23 . 2009-08-10 21:23 -------- d-----w- c:\documents and settings\Kevin\Application Data\Malwarebytes

2009-08-10 21:23 . 2009-08-03 17:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2009-08-10 21:23 . 2009-08-10 21:23 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes

2009-08-10 21:23 . 2009-08-10 21:23 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2009-08-10 21:23 . 2009-08-03 17:36 19096 ----a-w- c:\windows\system32\drivers\mbam.sys

2009-08-09 20:16 . 2009-08-09 20:22 -------- d-----w- c:\program files\Windows Live Safety Center

2009-08-09 13:48 . 2009-08-09 13:48 174048 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat

2009-08-09 13:46 . 2009-08-09 13:46 -------- d-----w- c:\windows\system32\XPSViewer

2009-08-09 13:46 . 2009-08-09 13:46 -------- d-----w- c:\program files\MSBuild

2009-08-09 13:46 . 2009-08-09 13:46 -------- d-----w- c:\program files\Reference Assemblies

2009-08-09 13:44 . 2008-07-06 12:06 89088 ------w- c:\windows\system32\dllcache\filterpipelineprintproc.dll

2009-08-09 13:44 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll

2009-08-09 13:44 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\dllcache\xpsshhdr.dll

2009-08-09 13:44 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll

2009-08-09 13:44 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe

2009-08-09 13:44 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll

2009-08-09 13:44 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\dllcache\xpssvcs.dll

2009-08-09 13:44 . 2009-08-09 13:46 -------- d-----w- C:\ebae09d0825d365a1a945158

2009-08-09 03:18 . 2009-08-09 03:18 -------- d-sh--w- c:\documents and settings\Kevin\IECompatCache

2009-08-08 22:03 . 2009-08-08 22:13 -------- d-----w- c:\program files\Common Files\PC Tools

2009-08-08 15:06 . 2009-08-08 15:28 78336 --sha-w- c:\windows\system32\swupdate.dll

2009-07-29 05:05 . 2009-07-03 17:09 594432 ------w- c:\windows\system32\dllcache\msfeeds.dll

2009-07-29 05:05 . 2009-07-03 17:09 55296 ------w- c:\windows\system32\dllcache\msfeedsbs.dll

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-08-17 22:12 . 2009-05-17 22:12 49664 --sha-w- c:\windows\system32\sowemame.dll

2009-08-17 22:12 . 2009-05-17 22:12 83968 --sha-w- c:\windows\system32\vuwupajo.dll

2009-08-16 17:45 . 2005-07-21 23:14 -------- d-----w- c:\program files\Dl_cats

2009-08-13 23:21 . 2005-07-19 21:04 -------- d-----w- c:\documents and settings\All Users\Application Data\Viewpoint

2009-08-09 13:30 . 2005-07-22 00:53 79984 ----a-w- c:\documents and settings\Kevin\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

2009-08-08 22:20 . 2008-02-08 01:16 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP

2009-07-10 14:57 . 2008-02-07 01:59 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee

2009-07-10 14:05 . 2009-03-13 21:48 -------- d-----w- c:\program files\McAfee

2009-07-03 17:09 . 2004-08-10 10:00 915456 ----a-w- c:\windows\system32\wininet.dll

2009-06-24 01:47 . 2006-09-10 14:36 -------- d-----w- c:\documents and settings\Erin\Application Data\Yahoo!

2009-06-22 23:57 . 2006-08-22 02:40 -------- d-----w- c:\documents and settings\Sherry\Application Data\Apple Computer

2009-06-16 14:36 . 2004-08-10 10:00 81920 ----a-w- c:\windows\system32\fontsub.dll

2009-06-16 14:36 . 2004-08-10 10:00 119808 ----a-w- c:\windows\system32\t2embed.dll

2009-06-03 19:09 . 2004-08-10 10:00 1291264 ----a-w- c:\windows\system32\quartz.dll

2009-05-27 19:41 . 2005-07-22 15:10 79984 ----a-w- c:\documents and settings\Sherry\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

2009-05-22 20:04 . 2006-11-02 23:28 1328 ----a-w- c:\documents and settings\Erin\Application Data\wklnhst.dat

2009-05-22 19:30 . 2006-11-02 23:24 79984 ----a-w- c:\documents and settings\Erin\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

2002-07-31 23:55 . 2007-03-26 01:57 321 --sh--w- c:\windows\WSYS049.SYS

2009-05-12 17:40 . 2009-05-12 17:40 50176 --sha-w- c:\windows\SYSTEM32\difebebu.dll.tmp

2009-05-17 22:12 . 2009-05-17 22:12 49664 --sha-w- c:\windows\SYSTEM32\makezimu.dll

2009-05-12 17:40 . 2009-05-12 17:40 50176 --sha-w- c:\windows\SYSTEM32\sivotumo.dll.tmp

2009-05-17 22:12 . 2009-05-17 22:12 49664 --sha-w- c:\windows\SYSTEM32\wehokepu.dll

.

((((((((((((((((((((((((((((( SnapShot@2009-08-13_00.35.49 )))))))))))))))))))))))))))))))))))))))))

.

+ 2005-07-21 23:03 . 2009-08-16 17:42 32768 c:\windows\SYSTEM32\CONFIG\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat

- 2005-07-21 23:03 . 2009-08-12 22:02 32768 c:\windows\SYSTEM32\CONFIG\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat

+ 2005-07-21 23:03 . 2009-08-16 17:42 32768 c:\windows\SYSTEM32\CONFIG\systemprofile\Local Settings\History\History.IE5\index.dat

- 2005-07-21 23:03 . 2009-08-12 22:02 32768 c:\windows\SYSTEM32\CONFIG\systemprofile\Local Settings\History\History.IE5\index.dat

- 2005-07-21 23:03 . 2009-08-12 22:02 32768 c:\windows\SYSTEM32\CONFIG\systemprofile\Cookies\index.dat

+ 2005-07-21 23:03 . 2009-08-16 17:42 32768 c:\windows\SYSTEM32\CONFIG\systemprofile\Cookies\index.dat

+ 2009-08-17 22:37 . 2009-08-17 22:37 8192 c:\windows\ERDNT\subs\Users\00000006\UsrClass.dat

- 2009-08-13 00:29 . 2009-08-13 00:29 8192 c:\windows\ERDNT\subs\Users\00000004\UsrClass.dat

+ 2009-08-17 22:37 . 2009-08-17 22:37 8192 c:\windows\ERDNT\subs\Users\00000004\UsrClass.dat

+ 2009-08-17 22:37 . 2009-08-17 22:37 8192 c:\windows\ERDNT\subs\Users\00000002\UsrClass.dat

- 2009-08-13 00:29 . 2009-08-13 00:29 8192 c:\windows\ERDNT\subs\Users\00000002\UsrClass.dat

+ 2009-08-17 22:37 . 2009-08-17 22:37 241664 c:\windows\ERDNT\subs\Users\00000003\NTUSER.DAT

- 2009-08-13 00:29 . 2009-08-13 00:29 241664 c:\windows\ERDNT\subs\Users\00000003\NTUSER.DAT

+ 2009-08-17 22:37 . 2009-08-17 22:37 241664 c:\windows\ERDNT\subs\Users\00000001\NTUSER.DAT

- 2009-08-13 00:29 . 2009-08-13 00:29 241664 c:\windows\ERDNT\subs\Users\00000001\NTUSER.DAT

+ 2009-08-17 22:37 . 2009-08-17 22:37 3993600 c:\windows\ERDNT\subs\Users\00000005\ntuser.dat

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Yahoo! Pager"="c:\progra~1\Yahoo!\MESSEN~1\ypager.exe" [2005-08-15 3092480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"DLBTCATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\DLBTtime.dll" [2004-11-10 69632]

"YBrowser"="c:\progra~1\Yahoo!\browser\ybrwicon.exe" [2006-07-21 129536]

"SunJavaUpdateSched"="c:\program files\Java\j2re1.4.2_03\bin\jusched.exe" [2003-11-19 32881]

"IntelMeM"="c:\program files\Intel\Modem Event Monitor\IntelMEM.exe" [2003-09-04 221184]

"dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2007-11-15 16384]

"dla"="c:\windows\system32\dla\tfswctrl.exe" [2004-12-06 127035]

"Dell Photo AIO Printer 922"="c:\program files\Dell Photo AIO Printer 922\dlbtbmgr.exe" [2004-11-11 290816]

"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-03-30 339968]

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-01-05 413696]

"mmtask"="c:\program files\Musicmatch\Musicmatch Jukebox\mmtask.exe" [2006-01-17 53248]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-04-02 342312]

"DVDLauncher"="c:\program files\CyberLink\PowerDVD\DVDLauncher.exe" [2005-02-23 53248]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-12 39792]

"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-06-07 57344]

"dellsupportcenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2008-08-13 206064]

"SigmatelSysTrayApp"="stsystra.exe" - c:\windows\STSYSTRA.EXE [2005-03-22 339968]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=

"c:\\WINDOWS\\system32\\sessmgr.exe"=

"c:\\Program Files\\Yahoo!\\Messenger\\YPager.exe"=

"c:\\Program Files\\Messenger\\msmsgs.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

"c:\\Program Files\\iTunes\\iTunes.exe"=

"c:\\Program Files\\Intel\\Modem Event Monitor\\IntelMEM.exe"=

"c:\\Program Files\\CyberLink\\PowerDVD\\DVDLauncher.exe"=

S2 0207141250448231mcinstcleanup;McAfee Application Installer Cleanup (0207141250448231);c:\docume~1\Kevin\LOCALS~1\Temp\020714~1.EXE c:\progra~1\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service --> c:\docume~1\Kevin\LOCALS~1\Temp\020714~1.EXE c:\progra~1\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service [?]

S3 getPlus

Link to post
Share on other sites

  • Staff

Hi,

We'll have to do this one more time to deal with some leftovers...

* Open notepad - don't use any other texteditor than notepad or the script will fail.

Copy/paste the text in the quotebox below into notepad:

File::

c:\windows\system32\sowemame.dll

c:\windows\system32\vuwupajo.dll

c:\windows\SYSTEM32\difebebu.dll.tmp

c:\windows\SYSTEM32\makezimu.dll

c:\windows\SYSTEM32\sivotumo.dll.tmp

c:\windows\SYSTEM32\wehokepu.dll

Save this as txtfile CFScript

Then drag the CFScript into ComboFix.exe as you see in the screenshot below.

CFScript.gif

This will start ComboFix again. After reboot, (in case it asks to reboot), post the contents of Combofix.txt in your next reply.

Link to post
Share on other sites

Here you go. Thanks!

ComboFix 09-08-10.06 - Kevin 08/18/2009 17:08.4.2 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.510.239 [GMT -4:00]

Running from: c:\documents and settings\Kevin\Desktop\Combo-Fix1.exe

Command switches used :: c:\documents and settings\Kevin\Desktop\CFScript.txt

FILE ::

"c:\windows\SYSTEM32\difebebu.dll.tmp"

"c:\windows\SYSTEM32\makezimu.dll"

"c:\windows\SYSTEM32\sivotumo.dll.tmp"

"c:\windows\system32\sowemame.dll"

"c:\windows\system32\vuwupajo.dll"

"c:\windows\SYSTEM32\wehokepu.dll"

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\windows\SYSTEM32\difebebu.dll.tmp

c:\windows\SYSTEM32\makezimu.dll

c:\windows\SYSTEM32\sivotumo.dll.tmp

c:\windows\system32\sowemame.dll

c:\windows\system32\vuwupajo.dll

c:\windows\SYSTEM32\wehokepu.dll

.

((((((((((((((((((((((((( Files Created from 2009-07-18 to 2009-08-18 )))))))))))))))))))))))))))))))

.

2009-08-13 00:05 . 2009-08-13 00:04 3124187 ----a-r- c:\temp\Combo-Fix.exe

2009-08-12 23:48 . 2009-08-12 23:52 -------- d-s---w- C:\Combo-Fix

2009-08-11 22:11 . 2009-08-11 22:11 -------- d-----w- c:\program files\Trend Micro

2009-08-10 21:23 . 2009-08-10 21:23 -------- d-----w- c:\documents and settings\Kevin\Application Data\Malwarebytes

2009-08-10 21:23 . 2009-08-03 17:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2009-08-10 21:23 . 2009-08-10 21:23 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes

2009-08-10 21:23 . 2009-08-10 21:23 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2009-08-10 21:23 . 2009-08-03 17:36 19096 ----a-w- c:\windows\system32\drivers\mbam.sys

2009-08-09 20:16 . 2009-08-09 20:22 -------- d-----w- c:\program files\Windows Live Safety Center

2009-08-09 13:48 . 2009-08-09 13:48 174048 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat

2009-08-09 13:46 . 2009-08-09 13:46 -------- d-----w- c:\windows\system32\XPSViewer

2009-08-09 13:46 . 2009-08-09 13:46 -------- d-----w- c:\program files\MSBuild

2009-08-09 13:46 . 2009-08-09 13:46 -------- d-----w- c:\program files\Reference Assemblies

2009-08-09 13:44 . 2008-07-06 12:06 89088 ------w- c:\windows\system32\dllcache\filterpipelineprintproc.dll

2009-08-09 13:44 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll

2009-08-09 13:44 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\dllcache\xpsshhdr.dll

2009-08-09 13:44 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll

2009-08-09 13:44 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe

2009-08-09 13:44 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll

2009-08-09 13:44 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\dllcache\xpssvcs.dll

2009-08-09 13:44 . 2009-08-09 13:46 -------- d-----w- C:\ebae09d0825d365a1a945158

2009-08-09 03:18 . 2009-08-09 03:18 -------- d-sh--w- c:\documents and settings\Kevin\IECompatCache

2009-08-08 22:03 . 2009-08-08 22:13 -------- d-----w- c:\program files\Common Files\PC Tools

2009-08-08 15:06 . 2009-08-08 15:28 78336 --sha-w- c:\windows\system32\swupdate.dll

2009-07-29 05:05 . 2009-07-03 17:09 594432 ------w- c:\windows\system32\dllcache\msfeeds.dll

2009-07-29 05:05 . 2009-07-03 17:09 55296 ------w- c:\windows\system32\dllcache\msfeedsbs.dll

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-08-16 17:45 . 2005-07-21 23:14 -------- d-----w- c:\program files\Dl_cats

2009-08-13 23:21 . 2005-07-19 21:04 -------- d-----w- c:\documents and settings\All Users\Application Data\Viewpoint

2009-08-09 13:30 . 2005-07-22 00:53 79984 ----a-w- c:\documents and settings\Kevin\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

2009-08-08 22:20 . 2008-02-08 01:16 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP

2009-07-10 14:57 . 2008-02-07 01:59 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee

2009-07-10 14:05 . 2009-03-13 21:48 -------- d-----w- c:\program files\McAfee

2009-07-03 17:09 . 2004-08-10 10:00 915456 ----a-w- c:\windows\system32\wininet.dll

2009-06-24 01:47 . 2006-09-10 14:36 -------- d-----w- c:\documents and settings\Erin\Application Data\Yahoo!

2009-06-22 23:57 . 2006-08-22 02:40 -------- d-----w- c:\documents and settings\Sherry\Application Data\Apple Computer

2009-06-16 14:36 . 2004-08-10 10:00 81920 ----a-w- c:\windows\system32\fontsub.dll

2009-06-16 14:36 . 2004-08-10 10:00 119808 ----a-w- c:\windows\system32\t2embed.dll

2009-06-03 19:09 . 2004-08-10 10:00 1291264 ----a-w- c:\windows\system32\quartz.dll

2009-05-27 19:41 . 2005-07-22 15:10 79984 ----a-w- c:\documents and settings\Sherry\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

2009-05-22 20:04 . 2006-11-02 23:28 1328 ----a-w- c:\documents and settings\Erin\Application Data\wklnhst.dat

2009-05-22 19:30 . 2006-11-02 23:24 79984 ----a-w- c:\documents and settings\Erin\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

2002-07-31 23:55 . 2007-03-26 01:57 321 --sh--w- c:\windows\WSYS049.SYS

.

((((((((((((((((((((((((((((( SnapShot@2009-08-13_00.35.49 )))))))))))))))))))))))))))))))))))))))))

.

+ 2005-07-21 23:03 . 2009-08-16 17:42 32768 c:\windows\SYSTEM32\CONFIG\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat

- 2005-07-21 23:03 . 2009-08-12 22:02 32768 c:\windows\SYSTEM32\CONFIG\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat

+ 2005-07-21 23:03 . 2009-08-16 17:42 32768 c:\windows\SYSTEM32\CONFIG\systemprofile\Local Settings\History\History.IE5\index.dat

- 2005-07-21 23:03 . 2009-08-12 22:02 32768 c:\windows\SYSTEM32\CONFIG\systemprofile\Local Settings\History\History.IE5\index.dat

- 2005-07-21 23:03 . 2009-08-12 22:02 32768 c:\windows\SYSTEM32\CONFIG\systemprofile\Cookies\index.dat

+ 2005-07-21 23:03 . 2009-08-16 17:42 32768 c:\windows\SYSTEM32\CONFIG\systemprofile\Cookies\index.dat

+ 2009-08-17 22:37 . 2009-08-17 22:37 8192 c:\windows\ERDNT\subs\Users\00000006\UsrClass.dat

- 2009-08-13 00:29 . 2009-08-13 00:29 8192 c:\windows\ERDNT\subs\Users\00000004\UsrClass.dat

+ 2009-08-17 22:37 . 2009-08-17 22:37 8192 c:\windows\ERDNT\subs\Users\00000004\UsrClass.dat

+ 2009-08-17 22:37 . 2009-08-17 22:37 8192 c:\windows\ERDNT\subs\Users\00000002\UsrClass.dat

- 2009-08-13 00:29 . 2009-08-13 00:29 8192 c:\windows\ERDNT\subs\Users\00000002\UsrClass.dat

+ 2009-08-17 22:37 . 2009-08-17 22:37 241664 c:\windows\ERDNT\subs\Users\00000003\NTUSER.DAT

- 2009-08-13 00:29 . 2009-08-13 00:29 241664 c:\windows\ERDNT\subs\Users\00000003\NTUSER.DAT

+ 2009-08-17 22:37 . 2009-08-17 22:37 241664 c:\windows\ERDNT\subs\Users\00000001\NTUSER.DAT

- 2009-08-13 00:29 . 2009-08-13 00:29 241664 c:\windows\ERDNT\subs\Users\00000001\NTUSER.DAT

+ 2009-08-17 22:37 . 2009-08-17 22:37 3993600 c:\windows\ERDNT\subs\Users\00000005\ntuser.dat

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Yahoo! Pager"="c:\progra~1\Yahoo!\MESSEN~1\ypager.exe" [2005-08-15 3092480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"DLBTCATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\DLBTtime.dll" [2004-11-10 69632]

"YBrowser"="c:\progra~1\Yahoo!\browser\ybrwicon.exe" [2006-07-21 129536]

"SunJavaUpdateSched"="c:\program files\Java\j2re1.4.2_03\bin\jusched.exe" [2003-11-19 32881]

"IntelMeM"="c:\program files\Intel\Modem Event Monitor\IntelMEM.exe" [2003-09-04 221184]

"dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2007-11-15 16384]

"dla"="c:\windows\system32\dla\tfswctrl.exe" [2004-12-06 127035]

"Dell Photo AIO Printer 922"="c:\program files\Dell Photo AIO Printer 922\dlbtbmgr.exe" [2004-11-11 290816]

"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-03-30 339968]

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-01-05 413696]

"mmtask"="c:\program files\Musicmatch\Musicmatch Jukebox\mmtask.exe" [2006-01-17 53248]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-04-02 342312]

"DVDLauncher"="c:\program files\CyberLink\PowerDVD\DVDLauncher.exe" [2005-02-23 53248]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-12 39792]

"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-06-07 57344]

"dellsupportcenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2008-08-13 206064]

"SigmatelSysTrayApp"="stsystra.exe" - c:\windows\STSYSTRA.EXE [2005-03-22 339968]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=

"c:\\WINDOWS\\system32\\sessmgr.exe"=

"c:\\Program Files\\Yahoo!\\Messenger\\YPager.exe"=

"c:\\Program Files\\Messenger\\msmsgs.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

"c:\\Program Files\\iTunes\\iTunes.exe"=

"c:\\Program Files\\Intel\\Modem Event Monitor\\IntelMEM.exe"=

"c:\\Program Files\\CyberLink\\PowerDVD\\DVDLauncher.exe"=

S2 0207141250448231mcinstcleanup;McAfee Application Installer Cleanup (0207141250448231);c:\docume~1\Kevin\LOCALS~1\Temp\020714~1.EXE c:\progra~1\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service --> c:\docume~1\Kevin\LOCALS~1\Temp\020714~1.EXE c:\progra~1\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service [?]

S3 getPlus

Link to post
Share on other sites

  • Staff

Hi,

This looks OK again.

* Go to start > run and copy and paste next command in the field:

ComboFix /u

Make sure there's a space between Combofix and /

Then hit enter.

This will uninstall Combofix, delete its related folders and files, reset your clock settings, hide file extensions, hide the system/hidden files and resets System Restore again.

Let me know in your next reply how things are now.

Link to post
Share on other sites

Hi,

I think we cleaned it up. My PC seems to be running normally again and I haven't seen any pop ups or experienced any other weird internet events. Malwarebytes finds no infected files but still ends with the "runtime 5" error though.

Thank you so much for your help in clearing this up!

Link to post
Share on other sites

  • Staff

Hi,

Please download and run this utility and REBOOT. (very important).

Then redownload the latest version of MBAM from here.

Glad I could help. <_<

Please read my Prevention page with lots of info and tips how to prevent this in the future.

And if you want to improve speed/system performance after malware removal, take a look here.

Extra note: Make sure your programs are up to date - because older versions may contain Security Leaks. To find out what programs need to be updated, please run the Secunia Software Inspector Scan.

Happy Surfing again!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.