Jump to content

Threats

Hawkflyer

By Hawkflyer
in Resolved Malware Removal Logs

 Share

Recommended Posts

Hawkflyer

Hawkflyer

Posted
Posted

Hi,

Dont know if this is in the right place but everytime i do a scan with Spyhunter it says there are maybe 30 threats that were found.I remove them using Spyhunter then then the next time i do a scan the same threats come up.

Computer is running kind of slow and freezing sometimes plus on my wifes computer account she cant get a homepage up it just says Blank Page???

Sorry if this is in the wrong place.

P.S. i dont know much about computers :)

Link to post
Share on other sites
  • Staff
screen317

screen317

Posted
  • Staff
Posted

Hi and welcome to Malwarebytes.

Where is it finding threats?? Does it produce a log?

Update MBAM, run a Quick Scan, and post its log.

Next, download DDS by sUBs and save it to your Desktop.

Double-click on the DDS icon and let the scan run. When it has run two logs will be produced, please post DDS.txt directly into your reply.

Link to post
Share on other sites
Hawkflyer

Hawkflyer

Posted
  • Author
Posted

Hi thanks for your help

Malwarebytes' Anti-Malware 1.46

www.malwarebytes.org

Database version: 5199

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

27/11/2010 10:33:24

mbam-log-2010-11-27 (10-33-24).txt

Scan type: Quick scan

Objects scanned: 155257

Time elapsed: 11 minute(s), 4 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

Link to post
Share on other sites
Hawkflyer

Hawkflyer

Posted
  • Author
Posted

DDS (Ver_10-11-27.01) - NTFSx86

Run by colin at 10:39:41.87 on 27/11/2010

Internet Explorer: 8.0.6001.18702

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1012.500 [GMT 0:00]

============== Running Processes ===============

C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup

svchost.exe

svchost.exe

C:\WINDOWS\system32\spoolsv.exe

svchost.exe

C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe

C:\Program Files\Acer\Acer VCM\RS_Service.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\RTHDCPL.EXE

C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Launch Manager\LManager.exe

C:\WINDOWS\system32\igfxpers.exe

C:\WINDOWS\PLFSetL.exe

C:\Program Files\Common Files\Real\Update_OB\realsched.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe

C:\WINDOWS\system32\igfxsrvc.exe

C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe

C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Acer\Acer VCM\AcerVCM.exe

C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

C:\WINDOWS\system32\igfxext.exe

C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe

C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe

C:\DOCUME~1\colin\LOCALS~1\Temp\RtkBtMnt.exe

C:\Documents and Settings\colin\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page =

uInternet Connection Wizard,ShellNext = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&s=0&o=xph&d=0909&m=ao531h

BHO: ALOT Toolbar Helper: {14ceeaff-96dd-4101-ae37-d5ecdc23c3f6} - c:\program files\alot\bin\bho\alotBHO.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll

BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5805.1910\swg.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

uRun: [PC Suite Tray] "c:\program files\nokia\nokia pc suite 7\PCSuite.exe" -onlytray

uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

mRun: [RTHDCPL] RTHDCPL.EXE

mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup

mRun: [synTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe

mRun: [MSPY2002] c:\windows\system32\ime\pintlgnt\ImScInst.exe /SYNC

mRun: [AzMixerSel] c:\program files\realtek\audio\drivers\AzMixerSel.exe

mRun: [LManager] c:\program files\launch manager\LManager.exe

mRun: [Persistence] c:\windows\system32\igfxpers.exe

mRun: [PLFSetL] c:\windows\PLFSetL.exe

mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot

mRun: [iMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32

mRun: [iAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime

mRun: [spyHunter Security Suite] c:\program files\enigma software group\spyhunter\SpyHunter4.exe

dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\acervc~1.lnk - c:\program files\acer\acer vcm\AcerVCM.exe

IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL

DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.1.cab

DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\acer\acer vcm\Skype4COM.dll

Notify: igfxcui - igfxdev.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

============= SERVICES / DRIVERS ===============

R2 OMSI download service;Sony Ericsson OMSI download service;c:\program files\sony ericsson\sony ericsson pc suite\SupServ.exe [2010-3-20 90112]

R2 RS_Service;Raw Socket Service;c:\program files\acer\acer vcm\RS_Service.exe [2009-7-16 237568]

R2 SpyHunter 4 Service;SpyHunter 4 Service;c:\progra~1\enigma~1\spyhun~1\SH4SER~1.EXE [2010-11-5 327000]

R3 esgiguard;esgiguard;c:\program files\enigma software group\spyhunter\esgiguard.sys [2010-1-27 5248]

S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2009-12-29 135664]

S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2009-7-16 30192]

S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RtsUStor.sys [2009-7-16 162816]

S3 Rts516xIR;Realtek IR Driver;c:\windows\system32\drivers\rts516xir.sys --> c:\windows\system32\drivers\Rts516xIR.sys [?]

=============== Created Last 30 ================

2010-11-17 17:01:02 110080 ----a-r- c:\docume~1\colin\applic~1\microsoft\installer\{4e97ae47-1293-4669-bbf3-4bde52501a1a}\IconF7A21AF7.exe

2010-11-17 17:01:02 110080 ----a-r- c:\docume~1\colin\applic~1\microsoft\installer\{4e97ae47-1293-4669-bbf3-4bde52501a1a}\IconD7F16134.exe

2010-11-17 17:01:00 -------- d-----w- C:\sh4ldr

2010-11-17 17:00:28 -------- d-----w- c:\windows\4E97AE4712934669BBF34BDE52501A1A.TMP

2010-11-16 18:43:39 -------- d-----w- c:\docume~1\colin\applic~1\AccurateRip

2010-11-16 18:43:37 6814952 ----a-w- c:\windows\system32\SpoonUninstall.exe

2010-11-16 18:23:43 -------- d-----w- c:\program files\AudioConverter

2010-11-16 18:06:15 -------- d-----w- c:\program files\FLAC to MP3 Converter

2010-11-16 17:28:33 -------- d-----w- c:\docume~1\colin\applic~1\PeaZip

2010-11-16 14:44:57 -------- d-----w- c:\docume~1\colin\applic~1\alot

2010-11-06 11:37:34 103864 ----a-w- c:\program files\mozilla firefox\plugins\nppdf32.dll

2010-11-06 11:37:34 103864 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll

2010-10-29 21:01:11 -------- d-----w- c:\windows\6239C519FFFD4F0A938A78C6F2FA0BFA.TMP

2010-10-29 21:00:03 -------- d-----w- c:\windows\D005F851ED234778B233A3E32CFD6017.TMP

==================== Find3M ====================

2010-09-18 11:23:26 974848 ----a-w- c:\windows\system32\mfc42u.dll

2010-09-18 06:53:25 974848 ----a-w- c:\windows\system32\mfc42.dll

2010-09-18 06:53:25 954368 ----a-w- c:\windows\system32\mfc40.dll

2010-09-18 06:53:25 953856 ----a-w- c:\windows\system32\mfc40u.dll

2010-09-10 05:58:08 916480 ----a-w- c:\windows\system32\wininet.dll

2010-09-10 05:58:06 43520 ----a-w- c:\windows\system32\licmgr10.dll

2010-09-10 05:58:06 1469440 ------w- c:\windows\system32\inetcpl.cpl

2010-09-08 10:17:46 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx

2010-09-08 10:17:46 69632 ----a-w- c:\windows\system32\QuickTime.qts

2010-09-01 11:51:14 285824 ----a-w- c:\windows\system32\atmfd.dll

2010-08-31 13:42:52 1852800 ----a-w- c:\windows\system32\win32k.sys

============= FINISH: 10:40:32.79 ===============

Link to post
Share on other sites
Hawkflyer

Hawkflyer

Posted
  • Author
Posted

ComboFix 10-11-26.07 - colin 27/11/2010 11:05:12.2.2 - x86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1012.401 [GMT 0:00]

Running from: c:\documents and settings\colin\Desktop\ComboFix.exe

* Created a new restore point

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\documents and settings\aisling\Application Data\alot

c:\documents and settings\aisling\Application Data\PriceGong

c:\documents and settings\aisling\Application Data\PriceGong\Data\1.xml

c:\documents and settings\aisling\Application Data\PriceGong\Data\a.xml

c:\documents and settings\aisling\Application Data\PriceGong\Data\b.xml

c:\documents and settings\aisling\Application Data\PriceGong\Data\c.xml

c:\documents and settings\aisling\Application Data\PriceGong\Data\d.xml

c:\documents and settings\aisling\Application Data\PriceGong\Data\e.xml

c:\documents and settings\aisling\Application Data\PriceGong\Data\f.xml

c:\documents and settings\aisling\Application Data\PriceGong\Data\g.xml

c:\documents and settings\aisling\Application Data\PriceGong\Data\h.xml

c:\documents and settings\aisling\Application Data\PriceGong\Data\i.xml

c:\documents and settings\aisling\Application Data\PriceGong\Data\J.xml

c:\documents and settings\aisling\Application Data\PriceGong\Data\k.xml

c:\documents and settings\aisling\Application Data\PriceGong\Data\l.xml

c:\documents and settings\aisling\Application Data\PriceGong\Data\m.xml

c:\documents and settings\aisling\Application Data\PriceGong\Data\mru.xml

c:\documents and settings\aisling\Application Data\PriceGong\Data\n.xml

c:\documents and settings\aisling\Application Data\PriceGong\Data\o.xml

c:\documents and settings\aisling\Application Data\PriceGong\Data\p.xml

c:\documents and settings\aisling\Application Data\PriceGong\Data\q.xml

c:\documents and settings\aisling\Application Data\PriceGong\Data\r.xml

c:\documents and settings\aisling\Application Data\PriceGong\Data\s.xml

c:\documents and settings\aisling\Application Data\PriceGong\Data\t.xml

c:\documents and settings\aisling\Application Data\PriceGong\Data\u.xml

c:\documents and settings\aisling\Application Data\PriceGong\Data\v.xml

c:\documents and settings\aisling\Application Data\PriceGong\Data\w.xml

c:\documents and settings\aisling\Application Data\PriceGong\Data\x.xml

c:\documents and settings\aisling\Application Data\PriceGong\Data\y.xml

c:\documents and settings\aisling\Application Data\PriceGong\Data\z.xml

c:\documents and settings\colin\Application Data\alot

c:\documents and settings\colin\Application Data\alot\Button_0\Button_0.xml

c:\documents and settings\colin\Application Data\alot\Button_0\Button_0.xml.backup

c:\documents and settings\colin\Application Data\alot\Button_1\Button_1.xml

c:\documents and settings\colin\Application Data\alot\Button_1\Button_1.xml.backup

c:\documents and settings\colin\Application Data\alot\Button_2\Button_2.xml

c:\documents and settings\colin\Application Data\alot\Button_2\Button_2.xml.backup

c:\documents and settings\colin\Application Data\alot\Button_3\Button_3.xml

c:\documents and settings\colin\Application Data\alot\Button_3\Button_3.xml.backup

c:\documents and settings\colin\Application Data\alot\Button_4\Button_4.xml

c:\documents and settings\colin\Application Data\alot\Button_4\Button_4.xml.backup

c:\documents and settings\colin\Application Data\alot\Button_5\Button_5.xml

c:\documents and settings\colin\Application Data\alot\Button_5\Button_5.xml.backup

c:\documents and settings\colin\Application Data\alot\Button_6\Button_6.xml

c:\documents and settings\colin\Application Data\alot\Button_6\Button_6.xml.backup

c:\documents and settings\colin\Application Data\alot\Button_7\Button_7.xml

c:\documents and settings\colin\Application Data\alot\Button_7\Button_7.xml.backup

c:\documents and settings\colin\Application Data\alot\Button_8\Button_8.xml

c:\documents and settings\colin\Application Data\alot\Button_8\Button_8.xml.backup

c:\documents and settings\colin\Application Data\alot\Button_9\Button_9.xml

c:\documents and settings\colin\Application Data\alot\Button_9\Button_9.xml.backup

c:\documents and settings\colin\Application Data\alot\configurator\configurator.xml

c:\documents and settings\colin\Application Data\alot\configurator\configurator.xml.backup

c:\documents and settings\colin\Application Data\alot\contextMenu\contextMenu.xml

c:\documents and settings\colin\Application Data\alot\contextMenu\contextMenu.xml.backup

c:\documents and settings\colin\Application Data\alot\hideToolbarLayout\hideToolbarLayout.xml

c:\documents and settings\colin\Application Data\alot\hideToolbarLayout\hideToolbarLayout.xml.backup

c:\documents and settings\colin\Application Data\alot\postInstallLayout\postInstallLayout.xml

c:\documents and settings\colin\Application Data\alot\postInstallLayout\postInstallLayout.xml.backup

c:\documents and settings\colin\Application Data\alot\products\products.xml

c:\documents and settings\colin\Application Data\alot\products\products.xml.backup

c:\documents and settings\colin\Application Data\alot\Resources\BrowserSearch\alot_search_defend.html

c:\documents and settings\colin\Application Data\alot\Resources\BrowserSearch\images\favicon.ico

c:\documents and settings\colin\Application Data\alot\Resources\Button_0\images\alot_logo_button.bmp

c:\documents and settings\colin\Application Data\alot\Resources\Button_0\images\alot_logo_button.png

c:\documents and settings\colin\Application Data\alot\Resources\Button_1\images\alot_image_search.bmp

c:\documents and settings\colin\Application Data\alot\Resources\Button_1\images\alot_image_search.png

c:\documents and settings\colin\Application Data\alot\Resources\Button_1\images\alot_news_search.bmp

c:\documents and settings\colin\Application Data\alot\Resources\Button_1\images\alot_news_search.png

c:\documents and settings\colin\Application Data\alot\Resources\Button_1\images\alot_search_button.bmp

c:\documents and settings\colin\Application Data\alot\Resources\Button_1\images\alot_search_button.png

c:\documents and settings\colin\Application Data\alot\Resources\Button_1\images\alot_shop_search.bmp

c:\documents and settings\colin\Application Data\alot\Resources\Button_1\images\alot_shop_search.png

c:\documents and settings\colin\Application Data\alot\Resources\Button_1\images\alot_videos_search.bmp

c:\documents and settings\colin\Application Data\alot\Resources\Button_1\images\alot_videos_search.png

c:\documents and settings\colin\Application Data\alot\Resources\Button_1\images\alot_web_search.bmp

c:\documents and settings\colin\Application Data\alot\Resources\Button_1\images\alot_web_search.png

c:\documents and settings\colin\Application Data\alot\Resources\Button_2\images\alot_configure.bmp

c:\documents and settings\colin\Application Data\alot\Resources\Button_2\images\alot_configure.png

c:\documents and settings\colin\Application Data\alot\Resources\Button_3\images\4678_icon.bmp

c:\documents and settings\colin\Application Data\alot\Resources\Button_3\images\4678_icon.png

c:\documents and settings\colin\Application Data\alot\Resources\Button_4\images\default_2304_default_1379_alot_cas_playgames.bmp

c:\documents and settings\colin\Application Data\alot\Resources\Button_4\images\default_2304_default_1379_alot_cas_playgames.png

c:\documents and settings\colin\Application Data\alot\Resources\Button_5\images\default_2303_default_1379_alot_cas_playgames.bmp

c:\documents and settings\colin\Application Data\alot\Resources\Button_5\images\default_2303_default_1379_alot_cas_playgames.png

c:\documents and settings\colin\Application Data\alot\Resources\Button_6\images\default_2305_default_1613_alot_online_games_tetriz.bmp

c:\documents and settings\colin\Application Data\alot\Resources\Button_6\images\default_2305_default_1613_alot_online_games_tetriz.png

c:\documents and settings\colin\Application Data\alot\Resources\Button_7\images\default_2306_default_2080_frogger_button.bmp

c:\documents and settings\colin\Application Data\alot\Resources\Button_7\images\default_2306_default_2080_frogger_button.png

c:\documents and settings\colin\Application Data\alot\Resources\Button_8\images\4675_icon.bmp

c:\documents and settings\colin\Application Data\alot\Resources\Button_8\images\4675_icon.png

c:\documents and settings\colin\Application Data\alot\Resources\Button_9\images\4680_icon.bmp

c:\documents and settings\colin\Application Data\alot\Resources\Button_9\images\4680_icon.png

c:\documents and settings\colin\Application Data\alot\Resources\contextMenu\images\alot_icon.bmp

c:\documents and settings\colin\Application Data\alot\Resources\contextMenu\images\alot_icon.png

c:\documents and settings\colin\Application Data\alot\Resources\contextMenu\images\alot_logo_button.bmp

c:\documents and settings\colin\Application Data\alot\Resources\contextMenu\images\alot_logo_button.png

c:\documents and settings\colin\Application Data\alot\Resources\Shared\domains.dat

c:\documents and settings\colin\Application Data\alot\Resources\Shared\images\alot_brand.png

c:\documents and settings\colin\Application Data\alot\Resources\Shared\images\alot_splitter.png

c:\documents and settings\colin\Application Data\alot\Resources\Shared\images\discover.png

c:\documents and settings\colin\Application Data\alot\Resources\Shared\images\intro_popup.png

c:\documents and settings\colin\Application Data\alot\Resources\Shared\images\spinner.bmp

c:\documents and settings\colin\Application Data\alot\Resources\Shared\images\widget_bottom.bmp

c:\documents and settings\colin\Application Data\alot\Resources\Shared\images\widget_btnclose0.bmp

c:\documents and settings\colin\Application Data\alot\Resources\Shared\images\widget_btnclose1.bmp

c:\documents and settings\colin\Application Data\alot\Resources\Shared\images\widget_caption.bmp

c:\documents and settings\colin\Application Data\alot\Resources\Shared\images\widget_error_bg.bmp

c:\documents and settings\colin\Application Data\alot\Resources\Shared\images\widget_error_close.bmp

c:\documents and settings\colin\Application Data\alot\Resources\Shared\images\widget_error_icon.bmp

c:\documents and settings\colin\Application Data\alot\TimerManager\TimerManager.xml

c:\documents and settings\colin\Application Data\alot\TimerManager\TimerManager.xml.backup

c:\documents and settings\colin\Application Data\alot\toolbar.xml

c:\documents and settings\colin\Application Data\alot\toolbar.xml.backup

c:\documents and settings\colin\Application Data\alot\toolbarContextMenu\toolbarContextMenu.xml

c:\documents and settings\colin\Application Data\alot\toolbarContextMenu\toolbarContextMenu.xml.backup

c:\documents and settings\colin\Application Data\alot\ToolbarSearch\ToolbarSearch.xml

c:\documents and settings\colin\Application Data\alot\Updater\Updater.xml

c:\documents and settings\colin\Application Data\alot\Updater\Updater.xml.backup

.

((((((((((((((((((((((((( Files Created from 2010-10-27 to 2010-11-27 )))))))))))))))))))))))))))))))

.

2010-11-21 21:25 . 2010-11-21 21:25 -------- d-----w- c:\documents and settings\aisling\Application Data\Malwarebytes

2010-11-17 17:01 . 2010-11-17 17:01 110080 ----a-r- c:\documents and settings\colin\Application Data\Microsoft\Installer\{4E97AE47-1293-4669-BBF3-4BDE52501A1A}\IconF7A21AF7.exe

2010-11-17 17:01 . 2010-11-17 17:01 110080 ----a-r- c:\documents and settings\colin\Application Data\Microsoft\Installer\{4E97AE47-1293-4669-BBF3-4BDE52501A1A}\IconD7F16134.exe

2010-11-17 17:01 . 2010-11-17 17:01 -------- d-----w- C:\sh4ldr

2010-11-17 17:00 . 2010-11-17 17:01 -------- d-----w- c:\windows\4E97AE4712934669BBF34BDE52501A1A.TMP

2010-11-16 18:43 . 2010-11-16 18:43 -------- d-----w- c:\documents and settings\colin\Application Data\AccurateRip

2010-11-16 18:43 . 2010-11-16 18:43 6814952 ----a-w- c:\windows\system32\SpoonUninstall.exe

2010-11-16 18:23 . 2010-11-16 18:23 -------- d-----w- c:\program files\AudioConverter

2010-11-16 18:07 . 2010-11-16 18:33 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP

2010-11-16 18:06 . 2010-11-20 07:24 -------- d-----w- c:\program files\FLAC to MP3 Converter

2010-11-16 17:28 . 2010-11-16 17:35 -------- d-----w- c:\documents and settings\colin\Application Data\PeaZip

2010-11-16 14:45 . 2010-11-20 07:24 -------- d-----w- c:\program files\7-Zip

2010-11-06 11:37 . 2010-11-06 11:37 103864 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll

2010-11-06 11:37 . 2010-11-06 11:37 103864 ----a-w- c:\program files\Internet Explorer\PLUGINS\nppdf32.dll

2010-10-29 21:01 . 2010-10-29 21:01 -------- d-----w- c:\windows\6239C519FFFD4F0A938A78C6F2FA0BFA.TMP

2010-10-29 21:00 . 2010-11-17 17:00 -------- d-----w- c:\windows\D005F851ED234778B233A3E32CFD6017.TMP

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-09-18 11:23 . 2009-07-16 12:02 974848 ----a-w- c:\windows\system32\mfc42u.dll

2010-09-18 06:53 . 2009-07-16 12:02 974848 ----a-w- c:\windows\system32\mfc42.dll

2010-09-18 06:53 . 2009-07-16 12:02 954368 ----a-w- c:\windows\system32\mfc40.dll

2010-09-18 06:53 . 2009-07-16 12:02 953856 ----a-w- c:\windows\system32\mfc40u.dll

2010-09-10 05:58 . 2009-07-16 12:02 916480 ----a-w- c:\windows\system32\wininet.dll

2010-09-10 05:58 . 2009-07-16 12:02 43520 ----a-w- c:\windows\system32\licmgr10.dll

2010-09-10 05:58 . 2009-07-16 12:02 1469440 ------w- c:\windows\system32\inetcpl.cpl

2010-09-08 10:17 . 2010-09-08 10:17 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx

2010-09-08 10:17 . 2010-09-08 10:17 69632 ----a-w- c:\windows\system32\QuickTime.qts

2010-09-01 11:51 . 2009-07-16 12:02 285824 ----a-w- c:\windows\system32\atmfd.dll

2010-08-31 13:42 . 2009-07-16 12:02 1852800 ----a-w- c:\windows\system32\win32k.sys

2010-07-02 23:08 . 2010-07-02 23:08 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2009-11-11 1451520]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-09-25 68856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RTHDCPL"="RTHDCPL.EXE" [2009-01-13 18084864]

"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-07-02 30192]

"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-02-27 1434920]

"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2008-04-14 59392]

"AzMixerSel"="c:\program files\Realtek\Audio\Drivers\AzMixerSel.exe" [2006-07-17 53248]

"LManager"="c:\program files\Launch Manager\LManager.exe" [2009-02-20 817672]

"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-28 137752]

"PLFSetL"="c:\windows\PLFSetL.exe" [2008-07-03 94208]

"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-03-18 202256]

"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2008-04-14 208952]

"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-09-12 182808]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-09-08 421888]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Start Menu\Programs\Startup\

Acer VCM.lnk - c:\program files\Acer\Acer VCM\AcerVCM.exe [2009-7-16 565248]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=

"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=

"c:\\Documents and Settings\\colin\\My Documents\\Downloads\\AudioConverter_Setup.exe"=

R2 RS_Service;Raw Socket Service;c:\program files\Acer\Acer VCM\RS_Service.exe [16/07/2009 05:07 237568]

R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [27/01/2010 17:10 5248]

S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [29/12/2009 21:49 135664]

S2 OMSI download service;Sony Ericsson OMSI download service;c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [20/03/2010 22:49 90112]

S2 SpyHunter 4 Service;SpyHunter 4 Service;c:\progra~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE [05/11/2010 17:53 327000]

S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [16/07/2009 04:30 30192]

S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RtsUStor.sys [16/07/2009 04:15 162816]

S3 Rts516xIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys --> c:\windows\system32\DRIVERS\Rts516xIR.sys [?]

.

Contents of the 'Scheduled Tasks' folder

2010-11-08 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]

2010-11-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-29 21:49]

2010-11-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-29 21:49]

2010-11-27 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-3364022493-1685927933-3398289191-1005.job

- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 22:09]

2010-11-27 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-3364022493-1685927933-3398289191-1006.job

- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 22:09]

2010-11-23 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-3364022493-1685927933-3398289191-1005.job

- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 22:09]

2010-11-14 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-3364022493-1685927933-3398289191-1006.job

- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 22:09]

2010-11-27 c:\windows\Tasks\User_Feed_Synchronization-{82E2EDD9-0E8F-40A2-A663-29D0B3539DA7}.job

- c:\windows\system32\msfeedssync.exe [2007-08-13 03:31]

.

.

------- Supplementary Scan -------

.

uStart Page =

uInternet Connection Wizard,ShellNext = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&s=0&o=xph&d=0909&m=ao531h

IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html

.

**************************************************************************

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully

hidden files:

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net

Windows 5.1.2600

CreateFile("\\.\PHYSICALDRIVE0"): The process cannot access the file because it is being used by another process.

device: opened successfully

user: error reading MBR

Disk trace:

kernel: MBR read successfully

_asm { XOR AX, AX; MOV SS, AX; MOV SP, 0x7c00; MOV ES, AX; MOV DS, AX; MOV SI, 0x7c00; MOV DI, 0x600; MOV CX, 0x200; CLD ; REP MOVSB ; PUSH AX; PUSH 0x61c; RETF ; STI ; MOV CX, 0x4; MOV BP, 0x7be; CMP BYTE [bP+0x0], 0x0; }

user != kernel MBR !!!

**************************************************************************

.

--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(748)

c:\windows\system32\igfxdev.dll

.

Completion time: 2010-11-27 11:13:23

ComboFix-quarantined-files.txt 2010-11-27 11:13

Pre-Run: 130,151,190,528 bytes free

Post-Run: 130,591,395,840 bytes free

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

UnsupportedDebug="do not select this" /debug

multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

- - End Of File - - 9F8168E6B455BC82B2551761DD29A6B6

Link to post
Share on other sites
Hawkflyer

Hawkflyer

Posted
  • Author
Posted

DDS (Ver_10-11-27.01) - NTFSx86

Run by colin at 11:19:58.60 on 27/11/2010

Internet Explorer: 8.0.6001.18702

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1012.483 [GMT 0:00]

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup

svchost.exe

svchost.exe

C:\WINDOWS\system32\spoolsv.exe

svchost.exe

C:\Program Files\Acer\Acer VCM\RS_Service.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

C:\WINDOWS\RTHDCPL.EXE

C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Launch Manager\LManager.exe

C:\WINDOWS\system32\igfxpers.exe

C:\WINDOWS\PLFSetL.exe

C:\Program Files\Common Files\Real\Update_OB\realsched.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe

C:\WINDOWS\system32\igfxsrvc.exe

C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe

C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

C:\WINDOWS\system32\igfxext.exe

C:\WINDOWS\system32\notepad.exe

C:\WINDOWS\system32\notepad.exe

C:\WINDOWS\explorer.exe

C:\WINDOWS\system32\rundll32.exe

C:\Documents and Settings\colin\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page =

uInternet Connection Wizard,ShellNext = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&s=0&o=xph&d=0909&m=ao531h

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll

BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5805.1910\swg.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

uRun: [PC Suite Tray] "c:\program files\nokia\nokia pc suite 7\PCSuite.exe" -onlytray

uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"

mRun: [RTHDCPL] RTHDCPL.EXE

mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup

mRun: [synTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe

mRun: [MSPY2002] c:\windows\system32\ime\pintlgnt\ImScInst.exe /SYNC

mRun: [AzMixerSel] c:\program files\realtek\audio\drivers\AzMixerSel.exe

mRun: [LManager] c:\program files\launch manager\LManager.exe

mRun: [Persistence] c:\windows\system32\igfxpers.exe

mRun: [PLFSetL] c:\windows\PLFSetL.exe

mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot

mRun: [iMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32

mRun: [iAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime

dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\acervc~1.lnk - c:\program files\acer\acer vcm\AcerVCM.exe

IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL

DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.1.cab

DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\acer\acer vcm\Skype4COM.dll

Notify: igfxcui - igfxdev.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

============= SERVICES / DRIVERS ===============

R2 RS_Service;Raw Socket Service;c:\program files\acer\acer vcm\RS_Service.exe [2009-7-16 237568]

R3 esgiguard;esgiguard;c:\program files\enigma software group\spyhunter\esgiguard.sys [2010-1-27 5248]

S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2009-12-29 135664]

S2 OMSI download service;Sony Ericsson OMSI download service;c:\program files\sony ericsson\sony ericsson pc suite\SupServ.exe [2010-3-20 90112]

S2 SpyHunter 4 Service;SpyHunter 4 Service;c:\progra~1\enigma~1\spyhun~1\SH4SER~1.EXE [2010-11-5 327000]

S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2009-7-16 30192]

S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RtsUStor.sys [2009-7-16 162816]

S3 Rts516xIR;Realtek IR Driver;c:\windows\system32\drivers\rts516xir.sys --> c:\windows\system32\drivers\Rts516xIR.sys [?]

=============== Created Last 30 ================

2010-11-27 11:04:18 -------- d-sha-r- C:\cmdcons

2010-11-27 11:02:13 98816 ----a-w- c:\windows\sed.exe

2010-11-27 11:02:13 161792 ----a-w- c:\windows\SWREG.exe

2010-11-27 11:02:04 -------- d-----w- C:\ComboFix

2010-11-17 17:01:02 110080 ----a-r- c:\docume~1\colin\applic~1\microsoft\installer\{4e97ae47-1293-4669-bbf3-4bde52501a1a}\IconF7A21AF7.exe

2010-11-17 17:01:02 110080 ----a-r- c:\docume~1\colin\applic~1\microsoft\installer\{4e97ae47-1293-4669-bbf3-4bde52501a1a}\IconD7F16134.exe

2010-11-17 17:01:00 -------- d-----w- C:\sh4ldr

2010-11-17 17:00:28 -------- d-----w- c:\windows\4E97AE4712934669BBF34BDE52501A1A.TMP

2010-11-16 18:43:39 -------- d-----w- c:\docume~1\colin\applic~1\AccurateRip

2010-11-16 18:43:37 6814952 ----a-w- c:\windows\system32\SpoonUninstall.exe

2010-11-16 18:23:43 -------- d-----w- c:\program files\AudioConverter

2010-11-16 18:06:15 -------- d-----w- c:\program files\FLAC to MP3 Converter

2010-11-16 17:28:33 -------- d-----w- c:\docume~1\colin\applic~1\PeaZip

2010-11-06 11:37:34 103864 ----a-w- c:\program files\mozilla firefox\plugins\nppdf32.dll

2010-11-06 11:37:34 103864 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll

2010-10-29 21:01:11 -------- d-----w- c:\windows\6239C519FFFD4F0A938A78C6F2FA0BFA.TMP

2010-10-29 21:00:03 -------- d-----w- c:\windows\D005F851ED234778B233A3E32CFD6017.TMP

==================== Find3M ====================

2010-11-08 01:20:24 89088 ----a-w- c:\windows\MBR.exe

2010-09-18 11:23:26 974848 ----a-w- c:\windows\system32\mfc42u.dll

2010-09-18 06:53:25 974848 ----a-w- c:\windows\system32\mfc42.dll

2010-09-18 06:53:25 954368 ----a-w- c:\windows\system32\mfc40.dll

2010-09-18 06:53:25 953856 ----a-w- c:\windows\system32\mfc40u.dll

2010-09-10 05:58:08 916480 ----a-w- c:\windows\system32\wininet.dll

2010-09-10 05:58:06 43520 ----a-w- c:\windows\system32\licmgr10.dll

2010-09-10 05:58:06 1469440 ------w- c:\windows\system32\inetcpl.cpl

2010-09-08 10:17:46 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx

2010-09-08 10:17:46 69632 ----a-w- c:\windows\system32\QuickTime.qts

2010-09-01 11:51:14 285824 ----a-w- c:\windows\system32\atmfd.dll

2010-08-31 13:42:52 1852800 ----a-w- c:\windows\system32\win32k.sys

=================== ROOTKIT ====================

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net

Windows 5.1.2600

CreateFile("\\.\PHYSICALDRIVE0"): The process cannot access the file because it is being used by another process.

device: opened successfully

user: error reading MBR

Disk trace:

called modules: ntoskrnl.exe catchme.sys CLASSPNP.SYS disk.sys ACPI.sys hal.dll iaStor.sys

c:\docume~1\colin\locals~1\temp\catchme.sys

c:\windows\system32\drivers\iaStor.sys Intel Corporation Intel Matrix Storage Manager driver

1 nt!IofCallDriver[0x804E13B9] -> \Device\Harddisk0\DR0[0x8676C288]

3 CLASSPNP[0xF7737FD7] -> nt!IofCallDriver[0x804E13B9] -> \Device\0000008c[0x862008D8]

5 ACPI[0xF762E620] -> nt!IofCallDriver[0x804E13B9] -> \Device\Ide\IAAStorageDevice-0[0x8675A028]

kernel: MBR read successfully

_asm { XOR AX, AX; MOV SS, AX; MOV SP, 0x7c00; MOV ES, AX; MOV DS, AX; MOV SI, 0x7c00; MOV DI, 0x600; MOV CX, 0x200; CLD ; REP MOVSB ; PUSH AX; PUSH 0x61c; RETF ; STI ; MOV CX, 0x4; MOV BP, 0x7be; CMP BYTE [bP+0x0], 0x0; }

user != kernel MBR !!!

============= FINISH: 11:20:20.21 ===============

Link to post
Share on other sites
  • Staff
screen317

screen317

Posted
  • Staff
Posted

Hi,

  • Download the file TDSSKiller.zip and extract it into a folder on the infected PC.
  • Execute the file TDSSKiller.exe by double-clicking on it.
  • Wait for the scan and disinfection process to be over.
  • When its work is over, the utility prompts for a reboot to complete the disinfection.

By default, the utility outputs runtime log into the system disk root directory (the disk where the operating system is installed, C:\ as a rule).

The log is like UtilityName.Version_Date_Time_log.txt.

for example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt.

Please post that log here.

Next, please run a free online scan with the ESET Online Scanner

Note: You will need to use Internet Explorer for this scan.

  1. Tick the box next to YES, I accept the Terms of Use.
  2. Click Start
  3. When asked, allow the ActiveX control to install
  4. Click Start
  5. Make sure that the options Remove found threats and the option Scan unwanted applications is checked
  6. Click Scan
    Wait for the scan to finish
  7. Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  8. Copy and paste that log as a reply to this topic

Next, download my Security Check from here or here.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Let me know how things are running now and what issues remain.

-screen317

Link to post
Share on other sites
Hawkflyer

Hawkflyer

Posted
  • Author
Posted

2010/11/27 23:50:04.0375 TDSS rootkit removing tool 2.4.9.0 Nov 26 2010 15:38:31

2010/11/27 23:50:04.0375 ================================================================================

2010/11/27 23:50:04.0375 SystemInfo:

2010/11/27 23:50:04.0375

2010/11/27 23:50:04.0375 OS Version: 5.1.2600 ServicePack: 3.0

2010/11/27 23:50:04.0375 Product type: Workstation

2010/11/27 23:50:04.0375 ComputerName: C

2010/11/27 23:50:04.0375 UserName: colin

2010/11/27 23:50:04.0375 Windows directory: C:\WINDOWS

2010/11/27 23:50:04.0375 System windows directory: C:\WINDOWS

2010/11/27 23:50:04.0375 Processor architecture: Intel x86

2010/11/27 23:50:04.0375 Number of processors: 2

2010/11/27 23:50:04.0375 Page size: 0x1000

2010/11/27 23:50:04.0375 Boot type: Normal boot

2010/11/27 23:50:04.0375 ================================================================================

2010/11/27 23:50:05.0000 Initialize success

2010/11/27 23:50:14.0718 ================================================================================

2010/11/27 23:50:14.0718 Scan started

2010/11/27 23:50:14.0718 Mode: Manual;

2010/11/27 23:50:14.0718 ================================================================================

2010/11/27 23:50:15.0718 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS

2010/11/27 23:50:15.0828 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys

2010/11/27 23:50:15.0890 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys

2010/11/27 23:50:15.0968 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys

2010/11/27 23:50:16.0062 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys

2010/11/27 23:50:16.0140 AFD (7e775010ef291da96ad17ca4b17137d7) C:\WINDOWS\System32\drivers\afd.sys

2010/11/27 23:50:16.0203 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys

2010/11/27 23:50:16.0265 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys

2010/11/27 23:50:16.0343 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys

2010/11/27 23:50:16.0390 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys

2010/11/27 23:50:16.0453 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys

2010/11/27 23:50:16.0562 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys

2010/11/27 23:50:16.0625 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys

2010/11/27 23:50:16.0671 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys

2010/11/27 23:50:16.0734 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys

2010/11/27 23:50:16.0843 AR5416 (74ad200c4e5454a884d7c711b6a906cf) C:\WINDOWS\system32\DRIVERS\athw.sys

2010/11/27 23:50:16.0953 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys

2010/11/27 23:50:17.0015 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys

2010/11/27 23:50:17.0078 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys

2010/11/27 23:50:17.0218 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys

2010/11/27 23:50:17.0281 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys

2010/11/27 23:50:17.0406 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys

2010/11/27 23:50:17.0500 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys

2010/11/27 23:50:17.0578 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys

2010/11/27 23:50:17.0796 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys

2010/11/27 23:50:17.0828 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys

2010/11/27 23:50:17.0921 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys

2010/11/27 23:50:17.0953 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys

2010/11/27 23:50:18.0015 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys

2010/11/27 23:50:18.0062 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys

2010/11/27 23:50:18.0109 Cdrom (4b0a100eaf5c49ef3cca8c641431eacc) C:\WINDOWS\system32\DRIVERS\cdrom.sys

2010/11/27 23:50:18.0218 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys

2010/11/27 23:50:18.0250 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys

2010/11/27 23:50:18.0296 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys

2010/11/27 23:50:18.0375 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys

2010/11/27 23:50:18.0453 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys

2010/11/27 23:50:18.0484 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys

2010/11/27 23:50:18.0546 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys

2010/11/27 23:50:18.0609 DKbFltr (08d30af92c270f2e76787c81589dbad6) C:\WINDOWS\system32\DRIVERS\DKbFltr.sys

2010/11/27 23:50:18.0718 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys

2010/11/27 23:50:18.0781 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys

2010/11/27 23:50:18.0828 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys

2010/11/27 23:50:18.0906 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys

2010/11/27 23:50:18.0968 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys

2010/11/27 23:50:19.0015 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys

2010/11/27 23:50:19.0250 esgiguard (051a2e2a75adb6d1c5c27e940fdabcba) C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys

2010/11/27 23:50:19.0343 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys

2010/11/27 23:50:19.0500 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys

2010/11/27 23:50:19.0531 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys

2010/11/27 23:50:19.0562 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys

2010/11/27 23:50:19.0625 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys

2010/11/27 23:50:19.0687 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys

2010/11/27 23:50:19.0750 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys

2010/11/27 23:50:19.0812 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys

2010/11/27 23:50:19.0906 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys

2010/11/27 23:50:19.0984 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys

2010/11/27 23:50:20.0046 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys

2010/11/27 23:50:20.0109 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys

2010/11/27 23:50:20.0140 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys

2010/11/27 23:50:20.0187 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys

2010/11/27 23:50:20.0406 ialm (48846b31be5a4fa662ccfde7a1ba86b9) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys

2010/11/27 23:50:20.0687 iaStor (8ef427c54497c5f8a7a645990e4278c7) C:\WINDOWS\system32\drivers\iaStor.sys

2010/11/27 23:50:20.0750 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys

2010/11/27 23:50:20.0796 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys

2010/11/27 23:50:21.0015 IntcAzAudAddService (2feb5bf0312e1cb76cd2caa875cbaa5d) C:\WINDOWS\system32\drivers\RtkHDAud.sys

2010/11/27 23:50:21.0171 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys

2010/11/27 23:50:21.0203 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys

2010/11/27 23:50:21.0281 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys

2010/11/27 23:50:21.0343 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

2010/11/27 23:50:21.0390 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys

2010/11/27 23:50:21.0437 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys

2010/11/27 23:50:21.0500 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys

2010/11/27 23:50:21.0546 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys

2010/11/27 23:50:21.0609 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys

2010/11/27 23:50:21.0687 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys

2010/11/27 23:50:21.0734 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys

2010/11/27 23:50:21.0781 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys

2010/11/27 23:50:21.0843 L1e (131f87c6dcd9bb7caf31e315a4fbdc8b) C:\WINDOWS\system32\DRIVERS\l1e51x86.sys

2010/11/27 23:50:22.0000 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys

2010/11/27 23:50:22.0109 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys

2010/11/27 23:50:22.0171 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys

2010/11/27 23:50:22.0218 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys

2010/11/27 23:50:22.0250 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys

2010/11/27 23:50:22.0312 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys

2010/11/27 23:50:22.0437 MRxSmb (f3aefb11abc521122b67095044169e98) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

2010/11/27 23:50:22.0656 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys

2010/11/27 23:50:22.0750 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys

2010/11/27 23:50:22.0812 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys

2010/11/27 23:50:22.0859 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys

2010/11/27 23:50:22.0921 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys

2010/11/27 23:50:22.0968 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys

2010/11/27 23:50:23.0015 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys

2010/11/27 23:50:23.0062 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys

2010/11/27 23:50:23.0140 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys

2010/11/27 23:50:23.0203 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys

2010/11/27 23:50:23.0250 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys

2010/11/27 23:50:23.0281 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys

2010/11/27 23:50:23.0312 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys

2010/11/27 23:50:23.0343 NDProxy (6215023940cfd3702b46abc304e1d45a) C:\WINDOWS\system32\drivers\NDProxy.sys

2010/11/27 23:50:23.0375 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys

2010/11/27 23:50:23.0421 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys

2010/11/27 23:50:23.0578 nmwcd (357ddb51e03cae598c096d95497373d0) C:\WINDOWS\system32\drivers\ccdcmb.sys

2010/11/27 23:50:23.0609 nmwcdc (7cd443f9d36c80e152fadb274089577a) C:\WINDOWS\system32\drivers\ccdcmbo.sys

2010/11/27 23:50:23.0625 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys

2010/11/27 23:50:23.0718 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys

2010/11/27 23:50:23.0796 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys

2010/11/27 23:50:23.0859 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

2010/11/27 23:50:23.0921 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

2010/11/27 23:50:24.0046 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys

2010/11/27 23:50:24.0078 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys

2010/11/27 23:50:24.0125 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys

2010/11/27 23:50:24.0187 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys

2010/11/27 23:50:24.0218 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys

2010/11/27 23:50:24.0312 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys

2010/11/27 23:50:24.0359 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys

2010/11/27 23:50:24.0531 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys

2010/11/27 23:50:24.0562 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys

2010/11/27 23:50:24.0718 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys

2010/11/27 23:50:24.0750 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys

2010/11/27 23:50:24.0796 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys

2010/11/27 23:50:24.0828 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys

2010/11/27 23:50:24.0875 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys

2010/11/27 23:50:24.0906 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys

2010/11/27 23:50:24.0937 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys

2010/11/27 23:50:24.0984 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys

2010/11/27 23:50:25.0031 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys

2010/11/27 23:50:25.0078 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

2010/11/27 23:50:25.0125 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys

2010/11/27 23:50:25.0171 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys

2010/11/27 23:50:25.0203 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys

2010/11/27 23:50:25.0250 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

2010/11/27 23:50:25.0312 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys

2010/11/27 23:50:25.0375 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys

2010/11/27 23:50:25.0437 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys

2010/11/27 23:50:25.0562 RSUSBSTOR (7ffa9821b1c5e0e0667e0a2685cfb89f) C:\WINDOWS\system32\Drivers\RtsUStor.sys

2010/11/27 23:50:25.0687 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys

2010/11/27 23:50:25.0765 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys

2010/11/27 23:50:25.0843 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys

2010/11/27 23:50:25.0968 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys

2010/11/27 23:50:26.0000 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys

2010/11/27 23:50:26.0109 SNP2UVC (0302bc619d4a723317e7f8eb0c362bd3) C:\WINDOWS\system32\DRIVERS\snp2uvc.sys

2010/11/27 23:50:26.0218 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys

2010/11/27 23:50:26.0265 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys

2010/11/27 23:50:26.0343 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys

2010/11/27 23:50:26.0406 Srv (0f6aefad3641a657e18081f52d0c15af) C:\WINDOWS\system32\DRIVERS\srv.sys

2010/11/27 23:50:26.0531 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys

2010/11/27 23:50:26.0609 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys

2010/11/27 23:50:26.0656 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys

2010/11/27 23:50:26.0703 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys

2010/11/27 23:50:26.0750 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys

2010/11/27 23:50:26.0812 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys

2010/11/27 23:50:26.0843 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys

2010/11/27 23:50:26.0921 SynTP (60cd166ae4261920b4008a1a114ae97c) C:\WINDOWS\system32\DRIVERS\SynTP.sys

2010/11/27 23:50:26.0984 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys

2010/11/27 23:50:27.0062 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys

2010/11/27 23:50:27.0125 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys

2010/11/27 23:50:27.0156 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys

2010/11/27 23:50:27.0234 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys

2010/11/27 23:50:27.0328 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys

2010/11/27 23:50:27.0406 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys

2010/11/27 23:50:27.0453 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys

2010/11/27 23:50:27.0515 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys

2010/11/27 23:50:27.0609 upperdev (15629e4d65f97ab5432d6d9597cf6a33) C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys

2010/11/27 23:50:27.0671 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys

2010/11/27 23:50:27.0812 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys

2010/11/27 23:50:27.0843 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys

2010/11/27 23:50:27.0921 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys

2010/11/27 23:50:27.0984 usbser (1c888b000c2f9492f4b15b5b6b84873e) C:\WINDOWS\system32\drivers\usbser.sys

2010/11/27 23:50:28.0046 UsbserFilt (5c17e6a11aa8be53f79fd364ba19f0ce) C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys

2010/11/27 23:50:28.0109 usbstor (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

2010/11/27 23:50:28.0171 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys

2010/11/27 23:50:28.0218 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys

2010/11/27 23:50:28.0265 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys

2010/11/27 23:50:28.0328 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys

2010/11/27 23:50:28.0390 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys

2010/11/27 23:50:28.0421 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys

2010/11/27 23:50:28.0531 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys

2010/11/27 23:50:28.0609 Wdf01000 (bbcfeab7e871cddac2d397ee7fa91fdc) C:\WINDOWS\system32\Drivers\wdf01000.sys

2010/11/27 23:50:28.0703 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys

2010/11/27 23:50:28.0812 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys

2010/11/27 23:50:28.0906 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys

2010/11/27 23:50:28.0984 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS

2010/11/27 23:50:29.0062 WudfPf (6ff66513d372d479ef1810223c8d20ce) C:\WINDOWS\system32\DRIVERS\WudfPf.sys

2010/11/27 23:50:29.0109 WudfRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\WINDOWS\system32\DRIVERS\wudfrd.sys

2010/11/27 23:50:29.0265 ================================================================================

2010/11/27 23:50:29.0265 Scan finished

2010/11/27 23:50:29.0265 ================================================================================

2010/11/27 23:51:24.0109 ================================================================================

2010/11/27 23:51:24.0109 Scan started

2010/11/27 23:51:24.0109 Mode: Manual;

2010/11/27 23:51:24.0109 ================================================================================

2010/11/27 23:51:24.0703 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS

2010/11/27 23:51:24.0750 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys

2010/11/27 23:51:24.0781 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys

2010/11/27 23:51:24.0843 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys

2010/11/27 23:51:24.0890 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys

2010/11/27 23:51:24.0968 AFD (7e775010ef291da96ad17ca4b17137d7) C:\WINDOWS\System32\drivers\afd.sys

2010/11/27 23:51:25.0000 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys

2010/11/27 23:51:25.0046 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys

2010/11/27 23:51:25.0078 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys

2010/11/27 23:51:25.0125 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys

2010/11/27 23:51:25.0156 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys

2010/11/27 23:51:25.0218 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys

2010/11/27 23:51:25.0250 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys

2010/11/27 23:51:25.0296 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys

2010/11/27 23:51:25.0328 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys

2010/11/27 23:51:25.0437 AR5416 (74ad200c4e5454a884d7c711b6a906cf) C:\WINDOWS\system32\DRIVERS\athw.sys

2010/11/27 23:51:25.0484 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys

2010/11/27 23:51:25.0515 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys

2010/11/27 23:51:25.0546 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys

2010/11/27 23:51:25.0625 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys

2010/11/27 23:51:25.0671 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys

2010/11/27 23:51:25.0765 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys

2010/11/27 23:51:25.0859 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys

2010/11/27 23:51:25.0921 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys

2010/11/27 23:51:26.0187 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys

2010/11/27 23:51:26.0218 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys

2010/11/27 23:51:26.0312 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys

2010/11/27 23:51:26.0343 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys

2010/11/27 23:51:26.0421 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys

2010/11/27 23:51:26.0468 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys

2010/11/27 23:51:26.0531 Cdrom (4b0a100eaf5c49ef3cca8c641431eacc) C:\WINDOWS\system32\DRIVERS\cdrom.sys

2010/11/27 23:51:26.0625 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys

2010/11/27 23:51:26.0687 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys

2010/11/27 23:51:26.0718 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys

2010/11/27 23:51:26.0796 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys

2010/11/27 23:51:26.0859 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys

2010/11/27 23:51:26.0890 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys

2010/11/27 23:51:26.0953 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys

2010/11/27 23:51:27.0015 DKbFltr (08d30af92c270f2e76787c81589dbad6) C:\WINDOWS\system32\DRIVERS\DKbFltr.sys

2010/11/27 23:51:27.0125 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys

2010/11/27 23:51:27.0171 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys

2010/11/27 23:51:27.0531 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys

2010/11/27 23:51:27.0656 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys

2010/11/27 23:51:27.0765 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys

2010/11/27 23:51:27.0812 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys

2010/11/27 23:51:28.0062 esgiguard (051a2e2a75adb6d1c5c27e940fdabcba) C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys

2010/11/27 23:51:28.0218 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys

2010/11/27 23:51:28.0312 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys

2010/11/27 23:51:28.0343 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys

2010/11/27 23:51:28.0375 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys

2010/11/27 23:51:28.0437 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys

2010/11/27 23:51:28.0500 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys

2010/11/27 23:51:28.0562 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys

2010/11/27 23:51:28.0625 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys

2010/11/27 23:51:28.0703 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys

2010/11/27 23:51:28.0796 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys

2010/11/27 23:51:28.0859 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys

2010/11/27 23:51:28.0906 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys

2010/11/27 23:51:28.0937 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys

2010/11/27 23:51:29.0000 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys

2010/11/27 23:51:29.0234 ialm (48846b31be5a4fa662ccfde7a1ba86b9) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys

2010/11/27 23:51:29.0343 iaStor (8ef427c54497c5f8a7a645990e4278c7) C:\WINDOWS\system32\drivers\iaStor.sys

2010/11/27 23:51:29.0421 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys

2010/11/27 23:51:29.0484 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys

2010/11/27 23:51:29.0703 IntcAzAudAddService (2feb5bf0312e1cb76cd2caa875cbaa5d) C:\WINDOWS\system32\drivers\RtkHDAud.sys

2010/11/27 23:51:29.0781 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys

2010/11/27 23:51:29.0828 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys

2010/11/27 23:51:29.0875 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys

2010/11/27 23:51:29.0937 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

2010/11/27 23:51:30.0046 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys

2010/11/27 23:51:30.0125 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys

2010/11/27 23:51:30.0156 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys

2010/11/27 23:51:30.0203 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys

2010/11/27 23:51:30.0265 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys

2010/11/27 23:51:30.0343 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys

2010/11/27 23:51:30.0390 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys

2010/11/27 23:51:30.0437 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys

2010/11/27 23:51:30.0500 L1e (131f87c6dcd9bb7caf31e315a4fbdc8b) C:\WINDOWS\system32\DRIVERS\l1e51x86.sys

2010/11/27 23:51:30.0656 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys

2010/11/27 23:51:30.0750 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys

2010/11/27 23:51:30.0812 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys

2010/11/27 23:51:30.0859 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys

2010/11/27 23:51:30.0906 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys

2010/11/27 23:51:30.0937 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys

2010/11/27 23:51:31.0000 MRxSmb (f3aefb11abc521122b67095044169e98) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

2010/11/27 23:51:31.0062 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys

2010/11/27 23:51:31.0109 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys

2010/11/27 23:51:31.0171 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys

2010/11/27 23:51:31.0234 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys

2010/11/27 23:51:31.0296 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys

2010/11/27 23:51:31.0328 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys

2010/11/27 23:51:31.0390 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys

2010/11/27 23:51:31.0437 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys

2010/11/27 23:51:31.0484 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys

2010/11/27 23:51:31.0531 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys

2010/11/27 23:51:31.0578 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys

2010/11/27 23:51:31.0609 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys

2010/11/27 23:51:31.0640 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys

2010/11/27 23:51:31.0687 NDProxy (6215023940cfd3702b46abc304e1d45a) C:\WINDOWS\system32\drivers\NDProxy.sys

2010/11/27 23:51:31.0718 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys

2010/11/27 23:51:31.0765 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys

2010/11/27 23:51:31.0906 nmwcd (357ddb51e03cae598c096d95497373d0) C:\WINDOWS\system32\drivers\ccdcmb.sys

2010/11/27 23:51:31.0937 nmwcdc (7cd443f9d36c80e152fadb274089577a) C:\WINDOWS\system32\drivers\ccdcmbo.sys

2010/11/27 23:51:31.0968 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys

2010/11/27 23:51:32.0031 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys

2010/11/27 23:51:32.0109 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys

2010/11/27 23:51:32.0156 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

2010/11/27 23:51:32.0218 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

2010/11/27 23:51:32.0328 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys

2010/11/27 23:51:32.0359 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys

2010/11/27 23:51:32.0406 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys

2010/11/27 23:51:32.0453 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys

2010/11/27 23:51:32.0484 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys

2010/11/27 23:51:32.0578 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys

2010/11/27 23:51:32.0734 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys

2010/11/27 23:51:32.0921 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys

2010/11/27 23:51:32.0968 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys

2010/11/27 23:51:33.0093 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys

2010/11/27 23:51:33.0156 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys

2010/11/27 23:51:33.0187 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys

2010/11/27 23:51:33.0218 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys

2010/11/27 23:51:33.0265 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys

2010/11/27 23:51:33.0296 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys

2010/11/27 23:51:33.0343 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys

2010/11/27 23:51:33.0375 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys

2010/11/27 23:51:33.0421 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys

2010/11/27 23:51:33.0468 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

2010/11/27 23:51:33.0515 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys

2010/11/27 23:51:33.0546 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys

2010/11/27 23:51:33.0593 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys

2010/11/27 23:51:33.0640 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

2010/11/27 23:51:33.0703 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys

2010/11/27 23:51:33.0765 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys

2010/11/27 23:51:33.0828 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys

2010/11/27 23:51:33.0921 RSUSBSTOR (7ffa9821b1c5e0e0667e0a2685cfb89f) C:\WINDOWS\system32\Drivers\RtsUStor.sys

2010/11/27 23:51:34.0062 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys

2010/11/27 23:51:34.0125 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys

2010/11/27 23:51:34.0203 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys

2010/11/27 23:51:34.0328 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys

2010/11/27 23:51:34.0359 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys

2010/11/27 23:51:34.0468 SNP2UVC (0302bc619d4a723317e7f8eb0c362bd3) C:\WINDOWS\system32\DRIVERS\snp2uvc.sys

2010/11/27 23:51:34.0531 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys

2010/11/27 23:51:34.0578 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys

2010/11/27 23:51:34.0640 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys

2010/11/27 23:51:34.0718 Srv (0f6aefad3641a657e18081f52d0c15af) C:\WINDOWS\system32\DRIVERS\srv.sys

2010/11/27 23:51:34.0781 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys

2010/11/27 23:51:34.0828 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys

2010/11/27 23:51:34.0890 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys

2010/11/27 23:51:34.0968 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys

2010/11/27 23:51:35.0015 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys

2010/11/27 23:51:35.0046 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys

2010/11/27 23:51:35.0078 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys

2010/11/27 23:51:35.0156 SynTP (60cd166ae4261920b4008a1a114ae97c) C:\WINDOWS\system32\DRIVERS\SynTP.sys

2010/11/27 23:51:35.0218 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys

2010/11/27 23:51:35.0296 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys

2010/11/27 23:51:35.0359 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys

2010/11/27 23:51:35.0390 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys

2010/11/27 23:51:35.0468 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys

2010/11/27 23:51:35.0562 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys

2010/11/27 23:51:35.0640 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys

2010/11/27 23:51:35.0687 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys

2010/11/27 23:51:35.0734 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys

2010/11/27 23:51:35.0796 upperdev (15629e4d65f97ab5432d6d9597cf6a33) C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys

2010/11/27 23:51:35.0859 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys

2010/11/27 23:51:35.0953 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys

2010/11/27 23:51:36.0000 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys

2010/11/27 23:51:36.0046 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys

2010/11/27 23:51:36.0125 usbser (1c888b000c2f9492f4b15b5b6b84873e) C:\WINDOWS\system32\drivers\usbser.sys

2010/11/27 23:51:36.0187 UsbserFilt (5c17e6a11aa8be53f79fd364ba19f0ce) C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys

2010/11/27 23:51:36.0265 usbstor (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

2010/11/27 23:51:36.0328 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys

2010/11/27 23:51:36.0359 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys

2010/11/27 23:51:36.0406 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys

2010/11/27 23:51:36.0468 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys

2010/11/27 23:51:36.0500 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys

2010/11/27 23:51:36.0546 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys

2010/11/27 23:51:36.0625 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys

2010/11/27 23:51:36.0703 Wdf01000 (bbcfeab7e871cddac2d397ee7fa91fdc) C:\WINDOWS\system32\Drivers\wdf01000.sys

2010/11/27 23:51:36.0796 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys

2010/11/27 23:51:36.0937 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys

2010/11/27 23:51:37.0015 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys

2010/11/27 23:51:37.0093 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS

2010/11/27 23:51:37.0156 WudfPf (6ff66513d372d479ef1810223c8d20ce) C:\WINDOWS\system32\DRIVERS\WudfPf.sys

2010/11/27 23:51:37.0203 WudfRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\WINDOWS\system32\DRIVERS\wudfrd.sys

2010/11/27 23:51:37.0375 ================================================================================

2010/11/27 23:51:37.0375 Scan finished

2010/11/27 23:51:37.0375 ================================================================================

Link to post
Share on other sites
Hawkflyer

Hawkflyer

Posted
  • Author
Posted

Hi i cant find the eset logfile :)

here is the other one

Things seem to be running fine now.

Results of screen317's Security Check version 0.99.6

Windows XP Service Pack 3

Internet Explorer 8

``````````````````````````````

Antivirus/Firewall Check:

Windows Firewall Enabled!

ESET Online Scanner v3

```````````````````````````````

Anti-malware/Other Utilities Check:

Malwarebytes' Anti-Malware

Adobe Flash Player 10.0.45.2

Adobe Reader 9.4.1

````````````````````````````````

Process Check:

objlist.exe by Laurent

````````````````````````````````

DNS Vulnerability Check:

Request Timed Out (Wireless Internet connection/Disconnected Internet/Proxy?)

``````````End of Log````````````

Link to post
Share on other sites
  • Staff
screen317

screen317

Posted
  • Staff
Posted

Hi,

I will need to see a log from SpyHunter to see if it's actually detecting anything.

I would like you to read the comments on this page regarding the company that develops SpyHunter:

http://www.mywot.com/en/scorecard/enigmasoftware.com

I wouldn't trust it and it wouldn't surprise me if it were giving you false results.

Link to post
Share on other sites
Hawkflyer

Hawkflyer

Posted
  • Author
Posted
Hi,

I will need to see a log from SpyHunter to see if it's actually detecting anything.

I would like you to read the comments on this page regarding the company that develops SpyHunter:

http://www.mywot.com/en/scorecard/enigmasoftware.com

I wouldn't trust it and it wouldn't surprise me if it were giving you false results.

When the scan is finished with Spyhunter it just says fix threats.It doesnt show a log to copy ;)

Like i said i dont know much about computers :D

Link to post
Share on other sites
Hawkflyer

Hawkflyer

Posted
  • Author
Posted

The only problem that is back is the wifes account has now got blankpage again for her home page.foe a couple of days she was able to use her usual homepage but now its back to blankpage.Everything else seems to be working fine.

So you would recommend uninstalling Spyhunter and using something else for security?

Link to post
Share on other sites
  • Staff
screen317

screen317

Posted
  • Staff
Posted

It may very well be SpyHunter that's restoring the home page back to a blank setting.

Yes I would highly recommend uninstalling it and replacing it with the Pro version of MBAM, if possible. Purchasing that will give you a lifetime license of our software with realtime protection from malware.

If you would like to pursue that avenue, great. After uninstalling SpyHunter, see if you can change your homepage back without it reverting to the blank page.

-screen317

Link to post
Share on other sites
  • 4 weeks later...
  • Staff
screen317

screen317

Posted
  • Staff
Posted

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.