Hello and thank you in advance for your help.

This is my dad's computer and I am trying to fix it, but I am in over my head now. I thought I had it going a few months ago, but whatever it was came back twice as bad.

I cannot get Malwarebytes to run; it freezes mid-scan, and my Microsoft Security is disabled along with the firewall when I boot up. The Microsoft antivirus will not update; it just freezes this computer.

I did run DeFogger and I managed to get DDS to run, but when I tried GMER the first time it said it encountered an error and had to close. I tried to run it a second time and I got a BSOD.

Here is my report:

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 8.0.6001.18702

Run by James Dean at 19:49:30 on 2011-10-04

.

============== Running Processes ===============

.

C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe

C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Program Files\Dell Support Center\bin\sprtsvc.exe

C:\WINDOWS\system32\wdfmgr.exe

C:\WINDOWS\system32\SearchIndexer.exe

C:\WINDOWS\system32\wbem\unsecapp.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\WINDOWS\System32\alg.exe

C:\Program Files\Analog Devices\Core\smax4pnp.exe

C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe

C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe

C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe

C:\Program Files\Real\RealPlayer\RealPlay.exe

C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe

C:\Program Files\Dell\Media Experience\DMXLauncher.exe

C:\WINDOWS\system32\dla\tfswctrl.exe

C:\Program Files\Dell Photo AIO Printer 944\dlcdmon.exe

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\system32\igfxpers.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Dell Support Center\bin\sprtcmd.exe

C:\WINDOWS\system32\dlcdcoms.exe

C:\WINDOWS\system32\taskmgr.exe

C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\DellSupport\DSAgnt.exe

C:\Program Files\America Online 9.0\aoltray.exe

C:\Program Files\Digital Line Detect\DLG.exe

C:\Program Files\HOTALBUMMyBOX\MediaChecker.exe

C:\Program Files\Windows Desktop Search\WindowsSearch.exe

c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\WINDOWS\system32\SearchFilterHost.exe

C:\WINDOWS\system32\SearchProtocolHost.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\Documents and Settings\James Dean\Desktop\dds.com

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k NetworkService

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\svchost.exe -k imgsvc

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.comcast.net/

uSearch Page = hxxp://www.google.com

uSearch Bar = hxxp://mysearch.myway.com/jsp/dellsidebar.jsp?p=DE

uDefault_Page_URL = hxxp://www.dell4me.com/myway

uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

mSearchAssistant = hxxp://www.google.com/ie

mURLSearchHooks: H - No File

BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll

BHO: ALOT Toolbar Helper: {14ceeaff-96dd-4101-ae37-d5ecdc23c3f6} - c:\program files\alot\bin\bho\alotBHO.dll

BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\tfswshx.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.6406.1642\swg.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

TB: ALOT Toolbar: {5aa2ba46-9913-4dc7-9620-69ab0fa17ae7} - c:\program files\alot\bin\alot.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File

EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"

uRun: [DellSupport] "c:\program files\dellsupport\DSAgnt.exe" /startup

uRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter

mRun: [soundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [DVDLauncher] "c:\program files\cyberlink\powerdvd\DVDLauncher.exe"

mRun: [MMTray] c:\program files\musicmatch\musicmatch jukebox\mm_tray.exe

mRun: [mmtask] c:\program files\musicmatch\musicmatch jukebox\mmtask.exe

mRun: [RealTray] c:\program files\real\realplayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER

mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime

mRun: [iSUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup

mRun: [iSUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start

mRun: [DMXLauncher] c:\program files\dell\media experience\DMXLauncher.exe

mRun: [dla] c:\windows\system32\dla\tfswctrl.exe

mRun: [dlcdmon.exe] "c:\program files\dell photo aio printer 944\dlcdmon.exe"

mRun: [MemoryCardManager] c:\program files\dell photo aio printer 944\memcard.exe

mRun: [igfxtray] c:\windows\system32\igfxtray.exe

mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe

mRun: [igfxpers] c:\windows\system32\igfxpers.exe

mRun: [MBBalloon] c:\program files\hotalbummybox\MBBalloon.exe

mRun: [dscactivate] "c:\program files\dell support center\gs_agent\custom\dsca.exe"

mRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter

mRun: [DLCDCATS] rundll32 c:\windows\system32\spool\drivers\w32x86\3\DLCDtime.dll,_RunDLLEntry@16

mRun: [basicsmssmenu] "c:\program files\seagate\basics\basics status\MaxMenuMgrBasics.exe"

mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office11\EXCEL.EXE/3000

IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mi1933~1\office11\REFIEBAR.DLL

IE: {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - {552781AF-37E4-4FEE-920A-CED9E648EADD} - c:\program files\common files\microsoft shared\encarta search bar\ENCSBAR.DLL

IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll

Trusted Zone: comcast.net\www

DPF: {2DFF31F9-7893-4922-AF66-C9A1EB4EBB31} - hxxp://forms.real.com/real/player/download.html?f=windows/mrkt/rhapx/RhapsodyPlayerEngine_Inst_Win.cab

DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} - hxxp://office.microsoft.com/officeupdate/content/opuc3.cab

DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} - hxxp://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab

DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} - hxxps://webdl.symantec.com/activex/symdlmgr.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab

DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab

DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

TCP: DhcpNameServer = 192.168.1.1

TCP: Interfaces\{CDDA4564-75E9-4B7B-9132-C07332E415A0} : DhcpNameServer = 192.168.1.1

Notify: igfxcui - igfxdev.dll

SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll

.

============= SERVICES / DRIVERS ===============

.

R? APL531;OVT Scanner

R? gupdate;Google Update Service (gupdate)

R? gupdatem;Google Update Service (gupdatem)

R? MatSvc;Microsoft Automated Troubleshooting Service

R? MpKsl07d5673d;MpKsl07d5673d

R? MpKsl12d948c9;MpKsl12d948c9

R? MpKsl20aabb81;MpKsl20aabb81

R? MpKsl421cd748;MpKsl421cd748

R? MpKsl5972f8a4;MpKsl5972f8a4

R? MpKsl63233f3d;MpKsl63233f3d

R? MpKsl6eaf2a50;MpKsl6eaf2a50

R? MpKsl8364c35f;MpKsl8364c35f

R? MpKsl8f49281a;MpKsl8f49281a

R? MpKsl95cd5031;MpKsl95cd5031

R? MpKsla98db9d8;MpKsla98db9d8

R? MpKslba1d1f4a;MpKslba1d1f4a

R? MpKslc2e1e80a;MpKslc2e1e80a

R? MpKslc585ef58;MpKslc585ef58

R? MpKsldbd3fc6e;MpKsldbd3fc6e

R? MpKslded52ce6;MpKslded52ce6

R? MpKsle34509d4;MpKsle34509d4

S? aawservice;Lavasoft Ad-Aware Service

S? dlcd_device;dlcd_device

S? HPFECP12;HPFECP12

S? MpFilter;Microsoft Malware Protection Driver

S? MpKsl5558cfde;MpKsl5558cfde

S? MpKsl87b1c2fd;MpKsl87b1c2fd

S? MpKsle37c99af;MpKsle37c99af

S? MpKslfd534c2d;MpKslfd534c2d

S? PzWDM;PzWDM

.

=============== Created Last 30 ================

.

2011-10-05 00:48:18 28752 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{55e42509-3977-4cba-b0c7-8cf779727a7b}\MpKslfd534c2d.sys

2011-10-05 00:41:40 28752 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{55e42509-3977-4cba-b0c7-8cf779727a7b}\MpKsl63233f3d.sys

2011-10-05 00:18:46 28752 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{55e42509-3977-4cba-b0c7-8cf779727a7b}\MpKsle37c99af.sys

2011-10-05 00:16:23 28752 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{55e42509-3977-4cba-b0c7-8cf779727a7b}\MpKsl5558cfde.sys

2011-10-05 00:06:54 28752 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{55e42509-3977-4cba-b0c7-8cf779727a7b}\MpKsl87b1c2fd.sys

2011-10-02 14:25:15 56200 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{55e42509-3977-4cba-b0c7-8cf779727a7b}\offreg.dll

2011-10-01 20:08:32 7269712 ------w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{55e42509-3977-4cba-b0c7-8cf779727a7b}\mpengine.dll

2011-09-24 20:20:02 -------- d-----w- c:\documents and settings\james dean\local settings\application data\FixItCenter

2011-09-24 19:34:20 -------- d-----w- c:\windows\MATS

2011-09-24 19:33:22 -------- d-----w- c:\program files\Microsoft Fix it Center

.

==================== Find3M ====================

.

2011-09-09 09:12:13 599040 ----a-w- c:\windows\system32\crypt32.dll

2011-08-31 22:00:50 22216 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-07-19 19:38:48 73728 ----a-w- c:\windows\system32\javacpl.cpl

2011-07-19 19:38:46 472808 ----a-w- c:\windows\system32\deployJava1.dll

2011-07-15 13:29:31 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys

2011-07-08 14:02:00 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys

2004-07-30 15:56:22 90112 ----a-w- c:\program files\common files\PCSBclean.exe

2004-07-26 21:30:14 291840 ----a-w- c:\program files\common files\PCSBoff.exe

.

============= FINISH: 19:56:27.78 ===============

attach.zip


  • Staff

Hi and welcome to Malwarebytes.

  • Download the file TDSSKiller.zip and extract it into a folder on the infected PC.
  • Execute the file TDSSKiller.exe by double-clicking on it.
  • Wait for the scan and disinfection process to be over.
  • When its work is over, the utility prompts for a reboot to complete the disinfection.

By default, the utility outputs a runtime log into the system disk root directory (the disk where the operating system is installed, C:\ as a rule).

The log is named like UtilityName.Version_Date_Time_log.txt, for example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt.

Please post that log here.

Please update MBAM, run a Quick Scan, and post its log.

Next, please visit this webpage for instructions for running ComboFix:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

  • When the tool is finished, it will produce a report for you.
  • Please post the C:\ComboFix.txt along with a new DDS log so we may continue cleaning the system.

-screen317


Hello Screen317,

Thank you for helping me with this.

MBAM gave me a BSOD 29 minutes into the scan, so I have no log for it.

Here is my TDSS report:

07:40:36.0671 1336 TDSS rootkit removing tool 2.6.7.0 Oct 10 2011 09:40:06

07:40:37.0343 1336 ============================================================

07:40:37.0343 1336 Current date / time: 2011/10/10 07:40:37.0343

07:40:37.0343 1336 SystemInfo:

07:40:37.0343 1336

07:40:37.0343 1336 OS Version: 5.1.2600 ServicePack: 3.0

07:40:37.0343 1336 Product type: Workstation

07:40:37.0375 1336 ComputerName: DADSCOMPUTER

07:40:37.0375 1336 UserName: James Dean

07:40:37.0375 1336 Windows directory: C:\WINDOWS

07:40:37.0375 1336 System windows directory: C:\WINDOWS

07:40:37.0375 1336 Processor architecture: Intel x86

07:40:37.0375 1336 Number of processors: 1

07:40:37.0375 1336 Page size: 0x1000

07:40:37.0375 1336 Boot type: Normal boot

07:40:37.0375 1336 ============================================================

07:41:09.0796 1336 Initialize success

07:41:19.0890 3412 ============================================================

07:41:19.0890 3412 Scan started

07:41:19.0890 3412 Mode: Manual;

07:41:19.0890 3412 ============================================================


07:46:19.0156 3412 PzWDM - ok

07:46:20.0140 3412 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys

07:46:20.0937 3412 ql1080 - ok

07:46:22.0781 3412 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys

07:46:22.0843 3412 Ql10wnt - ok

07:46:25.0781 3412 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys

07:46:25.0953 3412 ql12160 - ok

07:46:27.0484 3412 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys

07:46:27.0578 3412 ql1240 - ok

07:46:28.0781 3412 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys

07:46:28.0812 3412 ql1280 - ok

07:46:29.0812 3412 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys

07:46:29.0890 3412 RasAcd - ok

07:46:30.0937 3412 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

07:46:31.0093 3412 Rasl2tp - ok

07:46:32.0015 3412 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys

07:46:32.0171 3412 RasPppoe - ok

07:46:32.0843 3412 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys

07:46:32.0875 3412 Raspti - ok

07:46:33.0765 3412 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys

07:46:34.0218 3412 Rdbss - ok

07:46:35.0125 3412 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

07:46:35.0140 3412 RDPCDD - ok

07:46:36.0015 3412 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys

07:46:36.0078 3412 rdpdr - ok

07:46:37.0187 3412 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys

07:46:37.0390 3412 RDPWD - ok

07:46:38.0531 3412 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys

07:46:38.0625 3412 redbook - ok

07:46:39.0781 3412 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys

07:46:39.0890 3412 Secdrv - ok

07:46:41.0093 3412 senfilt (b9c7617c1e8ab6fdff75d3c8dafcb4c8) C:\WINDOWS\system32\drivers\senfilt.sys

07:46:41.0953 3412 senfilt - ok

07:46:42.0796 3412 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys

07:46:42.0875 3412 serenum - ok

07:46:43.0781 3412 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys

07:46:43.0828 3412 Serial - ok

07:46:45.0328 3412 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys

07:46:45.0500 3412 Sfloppy - ok

07:46:46.0156 3412 Simbad - ok

07:46:47.0015 3412 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys

07:46:47.0171 3412 sisagp - ok

07:46:47.0984 3412 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys

07:46:48.0046 3412 SLIP - ok

07:46:49.0078 3412 smwdm (c6d9959e493682f872a639b6ec1b4a08) C:\WINDOWS\system32\drivers\smwdm.sys

07:46:49.0531 3412 smwdm - ok

07:46:50.0531 3412 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys

07:46:50.0671 3412 Sparrow - ok

07:46:51.0343 3412 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys

07:46:51.0406 3412 splitter - ok

07:46:52.0171 3412 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys

07:46:52.0343 3412 sr - ok

07:46:53.0343 3412 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys

07:46:53.0593 3412 Srv - ok

07:46:55.0187 3412 sscdbhk5 (98625722ad52b40305e74aaa83c93086) C:\WINDOWS\system32\drivers\sscdbhk5.sys

07:46:55.0281 3412 sscdbhk5 - ok

07:46:56.0453 3412 ssrtln (d79412e3942c8a257253487536d5a994) C:\WINDOWS\system32\drivers\ssrtln.sys

07:46:56.0484 3412 ssrtln - ok

07:46:57.0484 3412 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys

07:46:57.0625 3412 streamip - ok

07:46:59.0687 3412 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys

07:46:59.0703 3412 swenum - ok

07:47:02.0671 3412 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys

07:47:02.0734 3412 swmidi - ok

07:47:04.0515 3412 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys

07:47:04.0796 3412 symc810 - ok

07:47:07.0093 3412 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys

07:47:07.0171 3412 symc8xx - ok

07:47:08.0468 3412 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys

07:47:08.0625 3412 sym_hi - ok

07:47:09.0656 3412 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys

07:47:09.0734 3412 sym_u3 - ok

07:47:12.0000 3412 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys

07:47:12.0125 3412 sysaudio - ok

07:47:15.0671 3412 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys

07:47:16.0406 3412 Tcpip - ok

07:47:18.0890 3412 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys

07:47:18.0953 3412 TDPIPE - ok

07:47:19.0640 3412 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys

07:47:19.0750 3412 TDTCP - ok

07:47:20.0812 3412 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys

07:47:20.0921 3412 TermDD - ok

07:47:21.0718 3412 tfsnboio (d0177776e11b0b3f272eebd262a69661) C:\WINDOWS\system32\dla\tfsnboio.sys

07:47:21.0859 3412 tfsnboio - ok

07:47:23.0125 3412 tfsncofs (599804bc938b8305a5422319774da871) C:\WINDOWS\system32\dla\tfsncofs.sys

07:47:23.0203 3412 tfsncofs - ok

07:47:24.0062 3412 tfsndrct (a1902c00adc11c4d83f8e3ed947a6a32) C:\WINDOWS\system32\dla\tfsndrct.sys

07:47:24.0078 3412 tfsndrct - ok

07:47:26.0187 3412 tfsndres (d8ddb3f2b1bef15cff6728d89c042c61) C:\WINDOWS\system32\dla\tfsndres.sys

07:47:26.0203 3412 tfsndres - ok

07:47:27.0109 3412 tfsnifs (c4f2dea75300971cdaee311007de138d) C:\WINDOWS\system32\dla\tfsnifs.sys

07:47:27.0203 3412 tfsnifs - ok

07:47:28.0031 3412 tfsnopio (272925be0ea919f08286d2ee6f102b0f) C:\WINDOWS\system32\dla\tfsnopio.sys

07:47:28.0078 3412 tfsnopio - ok

07:47:28.0968 3412 tfsnpool (7b7d955e5cebc2fb88b03ef875d52a2f) C:\WINDOWS\system32\dla\tfsnpool.sys

07:47:29.0000 3412 tfsnpool - ok

07:47:30.0968 3412 tfsnudf (e3d01263109d800c1967c12c10a0b018) C:\WINDOWS\system32\dla\tfsnudf.sys

07:47:31.0109 3412 tfsnudf - ok

07:47:33.0437 3412 tfsnudfa (b9e9c377906e3a65bc74598fff7f7458) C:\WINDOWS\system32\dla\tfsnudfa.sys

07:47:33.0656 3412 tfsnudfa - ok

07:47:34.0500 3412 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys

07:47:34.0531 3412 TosIde - ok

07:47:35.0375 3412 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys

07:47:35.0515 3412 Udfs - ok

07:47:36.0296 3412 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys

07:47:36.0328 3412 ultra - ok

07:47:37.0609 3412 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys

07:47:37.0953 3412 Update - ok

07:47:39.0328 3412 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys

07:47:39.0593 3412 usbccgp - ok

07:47:40.0687 3412 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys

07:47:40.0765 3412 usbehci - ok

07:47:41.0750 3412 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys

07:47:41.0843 3412 usbhub - ok

07:47:42.0718 3412 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys

07:47:42.0781 3412 usbprint - ok

07:47:43.0968 3412 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys

07:47:44.0015 3412 usbscan - ok

07:47:46.0281 3412 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

07:47:46.0312 3412 USBSTOR - ok

07:47:47.0859 3412 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys

07:47:47.0937 3412 usbuhci - ok

07:47:49.0296 3412 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys

07:47:49.0312 3412 VgaSave - ok

07:47:50.0625 3412 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys

07:47:50.0687 3412 ViaIde - ok

07:47:51.0718 3412 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys

07:47:51.0984 3412 VolSnap - ok

07:47:53.0562 3412 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys

07:47:53.0671 3412 Wanarp - ok

07:47:55.0718 3412 wanatw (0a716c08cb13c3a8f4f51e882dbf7416) C:\WINDOWS\system32\DRIVERS\wanatw4.sys

07:47:55.0750 3412 wanatw - ok

07:47:57.0109 3412 WDICA - ok

07:48:00.0421 3412 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys

07:48:00.0500 3412 wdmaud - ok

07:48:02.0281 3412 winachsf (f59ed5a43b988a18ef582bb07b2327a7) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys

07:48:02.0875 3412 winachsf - ok

07:48:04.0453 3412 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS

07:48:04.0625 3412 WSTCODEC - ok

07:48:04.0734 3412 MBR (0x1B8) (b16a2359f4962b0c622d81a1c1f4b703) \Device\Harddisk0\DR0

07:48:04.0796 3412 \Device\Harddisk0\DR0 - ok

07:48:04.0843 3412 Boot (0x1200) (d25647e6cfaa361407e23272a3debffd) \Device\Harddisk0\DR0\Partition0

07:48:04.0937 3412 \Device\Harddisk0\DR0\Partition0 - ok

07:48:04.0937 3412 ============================================================

07:48:04.0937 3412 Scan finished

07:48:04.0937 3412 ============================================================

07:48:05.0015 1512 Detected object count: 0

07:48:05.0015 1512 Actual detected object count: 0

07:56:39.0890 3192 Deinitialize success


I don't know if it matters, but I had "Explorer.exe quit working, do you want to send a report to Microsoft" happen twice during this scan.

Here is my ComboFix log

ComboFix 11-10-10.04 - James Dean 10/10/2011 19:47:16.1.1 - x86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.510.223 [GMT -5:00]

Running from: c:\documents and settings\James Dean\Desktop\ComboFix.exe

AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\documents and settings\All Users\SPL883.tmp

c:\documents and settings\All Users\SPLA1.tmp

c:\documents and settings\All Users\SPLD3.tmp

c:\documents and settings\Bill Dean\Application Data\alot

c:\documents and settings\James Dean\Application Data\alot

c:\documents and settings\James Dean\Application Data\alot\BrowserSearch\BrowserSearch.xml

c:\documents and settings\James Dean\Application Data\alot\BrowserSearch\BrowserSearch.xml.backup

c:\documents and settings\James Dean\Application Data\alot\Button_0\Button_0.xml

c:\documents and settings\James Dean\Application Data\alot\Button_0\Button_0.xml.backup

c:\documents and settings\James Dean\Application Data\alot\Button_1\Button_1.xml

c:\documents and settings\James Dean\Application Data\alot\Button_1\Button_1.xml.backup

c:\documents and settings\James Dean\Application Data\alot\Button_2\Button_2.xml

c:\documents and settings\James Dean\Application Data\alot\Button_2\Button_2.xml.backup

c:\documents and settings\James Dean\Application Data\alot\Button_3\Button_3.xml

c:\documents and settings\James Dean\Application Data\alot\Button_3\Button_3.xml.backup

c:\documents and settings\James Dean\Application Data\alot\Button_4\Button_4.xml

c:\documents and settings\James Dean\Application Data\alot\Button_4\Button_4.xml.backup

c:\documents and settings\James Dean\Application Data\alot\Button_5\Button_5.xml

c:\documents and settings\James Dean\Application Data\alot\Button_5\Button_5.xml.backup

c:\documents and settings\James Dean\Application Data\alot\Button_6\Button_6.xml

c:\documents and settings\James Dean\Application Data\alot\Button_6\Button_6.xml.backup

c:\documents and settings\James Dean\Application Data\alot\Button_7\Button_7.xml

c:\documents and settings\James Dean\Application Data\alot\Button_7\Button_7.xml.backup

c:\documents and settings\James Dean\Application Data\alot\Button_8\Button_8.xml

c:\documents and settings\James Dean\Application Data\alot\Button_8\Button_8.xml.backup

c:\documents and settings\James Dean\Application Data\alot\Button_9\Button_9.xml

c:\documents and settings\James Dean\Application Data\alot\Button_9\Button_9.xml.backup

c:\documents and settings\James Dean\Application Data\alot\configurator\configurator.xml

c:\documents and settings\James Dean\Application Data\alot\configurator\configurator.xml.backup

c:\documents and settings\James Dean\Application Data\alot\contextMenu\contextMenu.xml

c:\documents and settings\James Dean\Application Data\alot\contextMenu\contextMenu.xml.backup

c:\documents and settings\James Dean\Application Data\alot\ErrorSearch\ErrorSearch.xml

c:\documents and settings\James Dean\Application Data\alot\ErrorSearch\ErrorSearch.xml.backup

c:\documents and settings\James Dean\Application Data\alot\postInstallLayout\postInstallLayout.xml

c:\documents and settings\James Dean\Application Data\alot\postInstallLayout\postInstallLayout.xml.backup

c:\documents and settings\James Dean\Application Data\alot\preferencesLayout\preferencesLayout.xml

c:\documents and settings\James Dean\Application Data\alot\preferencesLayout\preferencesLayout.xml.backup

c:\documents and settings\James Dean\Application Data\alot\products\products.xml

c:\documents and settings\James Dean\Application Data\alot\products\products.xml.backup

c:\documents and settings\James Dean\Application Data\alot\Resources\BrowserSearch\alot_search_defend.html

c:\documents and settings\James Dean\Application Data\alot\Resources\BrowserSearch\images\favicon.ico

c:\documents and settings\James Dean\Application Data\alot\Resources\Button_0\images\alot_logo_button.bmp

c:\documents and settings\James Dean\Application Data\alot\Resources\Button_0\images\alot_logo_button.png

c:\documents and settings\James Dean\Application Data\alot\Resources\Button_1\images\alot_image_search.bmp

c:\documents and settings\James Dean\Application Data\alot\Resources\Button_1\images\alot_image_search.png

c:\documents and settings\James Dean\Application Data\alot\Resources\Button_1\images\alot_news_search.bmp

c:\documents and settings\James Dean\Application Data\alot\Resources\Button_1\images\alot_news_search.png

c:\documents and settings\James Dean\Application Data\alot\Resources\Button_1\images\alot_search_button.bmp

c:\documents and settings\James Dean\Application Data\alot\Resources\Button_1\images\alot_search_button.png

c:\documents and settings\James Dean\Application Data\alot\Resources\Button_1\images\alot_shop_search.bmp

c:\documents and settings\James Dean\Application Data\alot\Resources\Button_1\images\alot_shop_search.png

c:\documents and settings\James Dean\Application Data\alot\Resources\Button_1\images\alot_videos_search.bmp

c:\documents and settings\James Dean\Application Data\alot\Resources\Button_1\images\alot_videos_search.png

c:\documents and settings\James Dean\Application Data\alot\Resources\Button_1\images\alot_web_search.bmp

c:\documents and settings\James Dean\Application Data\alot\Resources\Button_1\images\alot_web_search.png

c:\documents and settings\James Dean\Application Data\alot\Resources\Button_2\images\alot_configure.bmp

c:\documents and settings\James Dean\Application Data\alot\Resources\Button_2\images\alot_configure.png

c:\documents and settings\James Dean\Application Data\alot\Resources\Button_3\images\default_1008_alot_map_widget_default.bmp

c:\documents and settings\James Dean\Application Data\alot\Resources\Button_3\images\default_1008_alot_map_widget_default.png

c:\documents and settings\James Dean\Application Data\alot\Resources\Button_4\images\1011_icon.bmp

c:\documents and settings\James Dean\Application Data\alot\Resources\Button_4\images\1011_icon.png

c:\documents and settings\James Dean\Application Data\alot\Resources\Button_5\images\default_1870_mrkt_traffic.bmp

c:\documents and settings\James Dean\Application Data\alot\Resources\Button_5\images\default_1870_mrkt_traffic.png

c:\documents and settings\James Dean\Application Data\alot\Resources\Button_6\images\alert-icon.png

c:\documents and settings\James Dean\Application Data\alot\Resources\Button_6\images\clear.png

c:\documents and settings\James Dean\Application Data\alot\Resources\Button_6\images\cloudy.png

c:\documents and settings\James Dean\Application Data\alot\Resources\Button_6\images\default_1007_alot_weather_widget.bmp

c:\documents and settings\James Dean\Application Data\alot\Resources\Button_6\images\default_1007_alot_weather_widget.png

c:\documents and settings\James Dean\Application Data\alot\Resources\Button_6\images\mcloud.png

c:\documents and settings\James Dean\Application Data\alot\Resources\Button_6\images\nclear.png

c:\documents and settings\James Dean\Application Data\alot\Resources\Button_6\images\nmcloud.png

c:\documents and settings\James Dean\Application Data\alot\Resources\Button_6\images\pcloud.png

c:\documents and settings\James Dean\Application Data\alot\Resources\Button_6\images\rain.png

c:\documents and settings\James Dean\Application Data\alot\Resources\Button_6\images\shower.png

c:\documents and settings\James Dean\Application Data\alot\Resources\Button_6\images\tstorm.png

c:\documents and settings\James Dean\Application Data\alot\Resources\Button_7\images\default_2254_email.bmp

c:\documents and settings\James Dean\Application Data\alot\Resources\Button_7\images\default_2254_email.png

c:\documents and settings\James Dean\Application Data\alot\Resources\Button_7\images\icon_configure.JPG

c:\documents and settings\James Dean\Application Data\alot\Resources\Button_8\images\2775_icon.bmp

c:\documents and settings\James Dean\Application Data\alot\Resources\Button_8\images\2775_icon.png

c:\documents and settings\James Dean\Application Data\alot\Resources\Button_9\images\4712_icon.bmp

c:\documents and settings\James Dean\Application Data\alot\Resources\Button_9\images\4712_icon.png

c:\documents and settings\James Dean\Application Data\alot\Resources\contextMenu\images\alot_icon.bmp

c:\documents and settings\James Dean\Application Data\alot\Resources\contextMenu\images\alot_icon.png

c:\documents and settings\James Dean\Application Data\alot\Resources\contextMenu\images\alot_logo_button.bmp

c:\documents and settings\James Dean\Application Data\alot\Resources\contextMenu\images\alot_logo_button.png

c:\documents and settings\James Dean\Application Data\alot\Resources\Shared\domains.dat

c:\documents and settings\James Dean\Application Data\alot\Resources\Shared\images\alot_brand.png

c:\documents and settings\James Dean\Application Data\alot\Resources\Shared\images\alot_splitter.png

c:\documents and settings\James Dean\Application Data\alot\Resources\Shared\images\discover.png

c:\documents and settings\James Dean\Application Data\alot\Resources\Shared\images\intro_popup.png

c:\documents and settings\James Dean\Application Data\alot\Resources\Shared\images\spinner.bmp

c:\documents and settings\James Dean\Application Data\alot\Resources\Shared\images\widget_bottom.bmp

c:\documents and settings\James Dean\Application Data\alot\Resources\Shared\images\widget_btnclose0.bmp

c:\documents and settings\James Dean\Application Data\alot\Resources\Shared\images\widget_btnclose1.bmp

c:\documents and settings\James Dean\Application Data\alot\Resources\Shared\images\widget_btnconfig0.bmp

c:\documents and settings\James Dean\Application Data\alot\Resources\Shared\images\widget_btnconfig1.bmp

c:\documents and settings\James Dean\Application Data\alot\Resources\Shared\images\widget_btnrefresh0.bmp

c:\documents and settings\James Dean\Application Data\alot\Resources\Shared\images\widget_btnrefresh1.bmp

c:\documents and settings\James Dean\Application Data\alot\Resources\Shared\images\widget_caption.bmp

c:\documents and settings\James Dean\Application Data\alot\Resources\Shared\images\widget_error_bg.bmp

c:\documents and settings\James Dean\Application Data\alot\Resources\Shared\images\widget_error_close.bmp

c:\documents and settings\James Dean\Application Data\alot\Resources\Shared\images\widget_error_icon.bmp

c:\documents and settings\James Dean\Application Data\alot\TimerManager\TimerManager.xml

c:\documents and settings\James Dean\Application Data\alot\TimerManager\TimerManager.xml.backup

c:\documents and settings\James Dean\Application Data\alot\toolbar.xml

c:\documents and settings\James Dean\Application Data\alot\toolbar.xml.backup

c:\documents and settings\James Dean\Application Data\alot\toolbarContextMenu\toolbarContextMenu.xml

c:\documents and settings\James Dean\Application Data\alot\toolbarContextMenu\toolbarContextMenu.xml.backup

c:\documents and settings\James Dean\Application Data\alot\ToolbarSearch\ToolbarSearch.xml

c:\documents and settings\James Dean\Application Data\alot\ToolbarSearch\ToolbarSearch.xml.backup

c:\documents and settings\James Dean\Application Data\alot\Updater\Updater.xml

c:\documents and settings\James Dean\Application Data\alot\Updater\Updater.xml.backup

c:\documents and settings\James Dean\WINDOWS

c:\windows\system32\_000005_.tmp.dll

c:\windows\system32\bszip.dll

.

.

((((((((((((((((((((((((( Files Created from 2011-09-11 to 2011-10-11 )))))))))))))))))))))))))))))))

.

.

2011-10-11 00:01 . 2011-10-11 00:02 28752 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{64585DC6-5F4A-4467-A0B1-50934309035C}\MpKsl770cbfff.sys

2011-10-10 23:52 . 2011-10-10 23:52 28752 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{64585DC6-5F4A-4467-A0B1-50934309035C}\MpKsl3abd3ed7.sys

2011-10-10 23:47 . 2011-10-11 00:00 56200 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{64585DC6-5F4A-4467-A0B1-50934309035C}\offreg.dll

2011-10-10 23:46 . 2011-09-12 23:14 7269712 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{64585DC6-5F4A-4467-A0B1-50934309035C}\mpengine.dll

2011-09-24 20:20 . 2011-09-24 20:20 -------- d-----w- c:\documents and settings\James Dean\Local Settings\Application Data\FixItCenter

2011-09-24 19:34 . 2011-09-24 19:34 -------- d-----w- c:\windows\MATS

2011-09-24 19:33 . 2011-09-24 19:35 -------- d-----w- c:\program files\Microsoft Fix it Center

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-09-12 23:14 . 2011-02-03 22:17 7269712 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2011-09-09 09:12 . 2004-08-10 17:50 599040 ----a-w- c:\windows\system32\crypt32.dll

2011-08-31 22:00 . 2011-06-25 11:56 22216 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-08-12 02:44 . 2011-08-23 08:02 7152464 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Updates\mpengine.dll

2011-07-19 19:38 . 2007-07-01 19:16 73728 ----a-w- c:\windows\system32\javacpl.cpl

2011-07-19 19:38 . 2011-07-19 19:40 472808 ----a-w- c:\windows\system32\deployJava1.dll

2011-07-15 13:29 . 2005-10-13 14:56 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys

2004-07-30 15:56 . 2005-11-07 20:23 90112 ----a-w- c:\program files\Common Files\PCSBclean.exe

2004-07-26 21:30 . 2005-11-07 19:57 291840 ----a-w- c:\program files\Common Files\PCSBoff.exe

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-14 68856]

"DellSupport"="c:\program files\DellSupport\DSAgnt.exe" [2007-03-15 460784]

"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2004-10-15 1404928]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]

"DVDLauncher"="c:\program files\CyberLink\PowerDVD\DVDLauncher.exe" [2005-02-23 53248]

"MMTray"="c:\program files\Musicmatch\Musicmatch Jukebox\mm_tray.exe" [2004-09-14 131072]

"mmtask"="c:\program files\Musicmatch\Musicmatch Jukebox\mmtask.exe" [2004-09-14 53248]

"RealTray"="c:\program files\Real\RealPlayer\RealPlay.exe" [2005-10-13 26112]

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2005-10-13 98304]

"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 221184]

"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-07-27 81920]

"DMXLauncher"="c:\program files\Dell\Media Experience\DMXLauncher.exe" [2005-01-27 86016]

"dla"="c:\windows\system32\dla\tfswctrl.exe" [2005-05-31 122941]

"dlcdmon.exe"="c:\program files\Dell Photo AIO Printer 944\dlcdmon.exe" [2005-07-22 430080]

"MemoryCardManager"="c:\program files\Dell Photo AIO Printer 944\memcard.exe" [2005-06-27 282624]

"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-09-20 94208]

"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-09-20 77824]

"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-09-20 114688]

"MBBalloon"="c:\program files\HOTALBUMMyBOX\MBBalloon.exe" [2008-11-26 791392]

"dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2007-11-15 16384]

"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]

"DLCDCATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\DLCDtime.dll" [2005-06-07 69632]

"basicsmssmenu"="c:\program files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe" [2007-10-09 169328]

"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2011-05-27 40368]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]

.

c:\documents and settings\All Users\Start Menu\Programs\Startup\

America Online 9.0 Tray Icon.lnk - c:\program files\America Online 9.0\aoltray.exe [2005-10-13 156784]

Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2005-10-13 24576]

Event Reminder.lnk - c:\program files\Broderbund\PrintMaster\PMremind.exe [2008-1-14 442368]

MediaChecker.lnk - c:\program files\HOTALBUMMyBOX\MediaChecker.exe [2007-2-13 917344]

Microsoft Office OneNote 2003 Quick Launch.lnk - c:\program files\Microsoft Office\OFFICE11\ONENOTEM.EXE [2007-4-19 64864]

QuickBooks Update Agent.lnk - c:\program files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe [2004-11-11 806912]

Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]

.

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-25 304128]

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

@="Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

@="Service"

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"=

"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"=

"c:\\Program Files\\America Online 9.0\\waol.exe"=

"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=

"c:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\WINDOWS\\system32\\sessmgr.exe"=

.

R0 PzWDM;PzWDM;c:\windows\system32\drivers\PzWDM.sys [3/20/2007 2:45 PM 15172]

R1 MpKsl3abd3ed7;MpKsl3abd3ed7;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{64585DC6-5F4A-4467-A0B1-50934309035C}\MpKsl3abd3ed7.sys [10/10/2011 6:52 PM 28752]

R1 MpKsl770cbfff;MpKsl770cbfff;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{64585DC6-5F4A-4467-A0B1-50934309035C}\MpKsl770cbfff.sys [10/10/2011 7:01 PM 28752]

R1 MpKsl7d72fc0f;MpKsl7d72fc0f;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{55E42509-3977-4CBA-B0C7-8CF779727A7B}\MpKsl7d72fc0f.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{55E42509-3977-4CBA-B0C7-8CF779727A7B}\MpKsl7d72fc0f.sys [?]

R1 MpKsld049f697;MpKsld049f697;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{55E42509-3977-4CBA-B0C7-8CF779727A7B}\MpKsld049f697.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{55E42509-3977-4CBA-B0C7-8CF779727A7B}\MpKsld049f697.sys [?]

R2 HPFECP12;HPFECP12;c:\windows\system32\drivers\HPFecp12.sys [10/19/1998 5:19 AM 52800]

S1 MpKsl07d5673d;MpKsl07d5673d;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{8CC29F7E-E807-40EE-98C2-F49133E1EDFF}\MpKsl07d5673d.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{8CC29F7E-E807-40EE-98C2-F49133E1EDFF}\MpKsl07d5673d.sys [?]

S1 MpKsl12d948c9;MpKsl12d948c9;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{736465DF-7C4D-49BF-84B3-0E420C9222F0}\MpKsl12d948c9.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{736465DF-7C4D-49BF-84B3-0E420C9222F0}\MpKsl12d948c9.sys [?]

S1 MpKsl20aabb81;MpKsl20aabb81;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{27066BCC-6916-49B9-838D-286BA653B910}\MpKsl20aabb81.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{27066BCC-6916-49B9-838D-286BA653B910}\MpKsl20aabb81.sys [?]

S1 MpKsl421cd748;MpKsl421cd748;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{410505E5-BE2E-44B6-8215-72D117DA82E4}\MpKsl421cd748.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{410505E5-BE2E-44B6-8215-72D117DA82E4}\MpKsl421cd748.sys [?]

S1 MpKsl5972f8a4;MpKsl5972f8a4;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{48DDF77E-2577-4674-986E-AD3928CE2070}\MpKsl5972f8a4.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{48DDF77E-2577-4674-986E-AD3928CE2070}\MpKsl5972f8a4.sys [?]

S1 MpKsl63233f3d;MpKsl63233f3d;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{55E42509-3977-4CBA-B0C7-8CF779727A7B}\MpKsl63233f3d.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{55E42509-3977-4CBA-B0C7-8CF779727A7B}\MpKsl63233f3d.sys [?]

S1 MpKsl6eaf2a50;MpKsl6eaf2a50;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{736465DF-7C4D-49BF-84B3-0E420C9222F0}\MpKsl6eaf2a50.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{736465DF-7C4D-49BF-84B3-0E420C9222F0}\MpKsl6eaf2a50.sys [?]

S1 MpKsl8364c35f;MpKsl8364c35f;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{1B702766-A459-4691-A96A-2E2E030520A9}\MpKsl8364c35f.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{1B702766-A459-4691-A96A-2E2E030520A9}\MpKsl8364c35f.sys [?]

S1 MpKsl8f49281a;MpKsl8f49281a;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0EFF2FA7-DCC6-4787-BC12-2DAC21E766A3}\MpKsl8f49281a.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0EFF2FA7-DCC6-4787-BC12-2DAC21E766A3}\MpKsl8f49281a.sys [?]

S1 MpKsl95cd5031;MpKsl95cd5031;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{736465DF-7C4D-49BF-84B3-0E420C9222F0}\MpKsl95cd5031.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{736465DF-7C4D-49BF-84B3-0E420C9222F0}\MpKsl95cd5031.sys [?]

S1 MpKsla98db9d8;MpKsla98db9d8;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{8CC29F7E-E807-40EE-98C2-F49133E1EDFF}\MpKsla98db9d8.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{8CC29F7E-E807-40EE-98C2-F49133E1EDFF}\MpKsla98db9d8.sys [?]

S1 MpKslba1d1f4a;MpKslba1d1f4a;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{04015F3E-10BC-4392-9DCD-B84AEF628570}\MpKslba1d1f4a.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{04015F3E-10BC-4392-9DCD-B84AEF628570}\MpKslba1d1f4a.sys [?]

S1 MpKslc2e1e80a;MpKslc2e1e80a;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{46748694-BEF1-4654-A646-11C26FA420EE}\MpKslc2e1e80a.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{46748694-BEF1-4654-A646-11C26FA420EE}\MpKslc2e1e80a.sys [?]

S1 MpKslc585ef58;MpKslc585ef58;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{7DFEA5F9-1D42-470B-AC0C-DB0AB2D2766F}\MpKslc585ef58.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{7DFEA5F9-1D42-470B-AC0C-DB0AB2D2766F}\MpKslc585ef58.sys [?]

S1 MpKsldbd3fc6e;MpKsldbd3fc6e;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{D6576914-5675-4007-AF23-40F16E9D54A5}\MpKsldbd3fc6e.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{D6576914-5675-4007-AF23-40F16E9D54A5}\MpKsldbd3fc6e.sys [?]

S1 MpKslded52ce6;MpKslded52ce6;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{717B0574-E912-4046-A1B3-C45735E9450D}\MpKslded52ce6.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{717B0574-E912-4046-A1B3-C45735E9450D}\MpKslded52ce6.sys [?]

S1 MpKsle34509d4;MpKsle34509d4;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{410505E5-BE2E-44B6-8215-72D117DA82E4}\MpKsle34509d4.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{410505E5-BE2E-44B6-8215-72D117DA82E4}\MpKsle34509d4.sys [?]

S3 APL531;OVT Scanner;c:\windows\system32\drivers\ov550i.sys [7/31/2006 7:44 PM 580992]

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - MPKSL770CBFFF

.

Contents of the 'Scheduled Tasks' folder

.

2011-10-05 c:\windows\Tasks\Ad-Aware Update (Weekly).job

- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2011-08-18 20:25]

.

2011-10-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-29 16:02]

.

2011-10-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-29 16:02]

.

2011-10-11 c:\windows\Tasks\MP Scheduled Scan.job

- c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2011-04-27 20:39]

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://forums.malwarebytes.org/index.php?app=core&module=search&do=user_activity&mid=63778

uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\OFFICE11\EXCEL.EXE/3000

IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html

Trusted Zone: comcast.net\www

TCP: DhcpNameServer = 192.168.1.1

.

- - - - ORPHANS REMOVED - - - -

.

AddRemove-OVT Scanner - c:\windows\omniuns.exe USB\Vid_05a9&PID_1550 OVT Scanner

AddRemove-WebCyberCoach_wtrb - c:\program files\WebCyberCoach\b_Dell\WCC_Wipe.exe WebCyberCoach ext\wtrb

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2011-10-10 20:12

Windows 5.1.2600 Service Pack 3 NTFS

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

HKLM\Software\Microsoft\Windows\CurrentVersion\Run

DLCDCATS = rundll32 c:\windows\System32\spool\DRIVERS\W32X86\3\DLCDtime.dll,_RunDLLEntry@16???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

.

scanning hidden files ...

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_USERS\S-1-5-21-4273664986-2362186299-283807526-1006\Software\Microsoft\SystemCertificates\AddressBook*]

@Allowed: (Read) (RestrictedCode)

@Allowed: (Read) (RestrictedCode)

.

Completion time: 2011-10-10 20:20:20

ComboFix-quarantined-files.txt 2011-10-11 01:20

.

Pre-Run: 41,827,512,320 bytes free

Post-Run: 42,557,120,512 bytes free

.

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

UnsupportedDebug="do not select this" /debug

multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

.

- - End Of File - - 149A535EF65F4C0BB5BA943425C26735

Here is my DDS report:

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 8.0.6001.18702

Run by James Dean at 20:21:36 on 2011-10-10

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.510.179 [GMT -5:00]

.

AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}

.

============== Running Processes ===============

.

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

svchost.exe

svchost.exe

C:\WINDOWS\system32\spoolsv.exe

svchost.exe

C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe

C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Program Files\Dell Support Center\bin\sprtsvc.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\WINDOWS\system32\SearchIndexer.exe

C:\Program Files\Analog Devices\Core\smax4pnp.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe

C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe

C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe

C:\Program Files\Real\RealPlayer\RealPlay.exe

C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe

C:\WINDOWS\system32\dla\tfswctrl.exe

C:\Program Files\Dell Photo AIO Printer 944\dlcdmon.exe

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\system32\igfxpers.exe

C:\Program Files\Dell Support Center\bin\sprtcmd.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\DellSupport\DSAgnt.exe

C:\Program Files\America Online 9.0\aoltray.exe

C:\Program Files\Digital Line Detect\DLG.exe

C:\Program Files\HOTALBUMMyBOX\MediaChecker.exe

C:\Program Files\Windows Desktop Search\WindowsSearch.exe

C:\WINDOWS\system32\dlcdcoms.exe

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\explorer.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://forums.malwarebytes.org/index.php?app=core&module=search&do=user_activity&mid=63778

uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

mURLSearchHooks: H - No File

BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll

BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\tfswshx.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.6406.1642\swg.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File

EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll

uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"

uRun: [DellSupport] "c:\program files\dellsupport\DSAgnt.exe" /startup

uRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter

mRun: [soundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [DVDLauncher] "c:\program files\cyberlink\powerdvd\DVDLauncher.exe"

mRun: [MMTray] c:\program files\musicmatch\musicmatch jukebox\mm_tray.exe

mRun: [mmtask] c:\program files\musicmatch\musicmatch jukebox\mmtask.exe

mRun: [RealTray] c:\program files\real\realplayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER

mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime

mRun: [iSUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup

mRun: [iSUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start

mRun: [DMXLauncher] c:\program files\dell\media experience\DMXLauncher.exe

mRun: [dla] c:\windows\system32\dla\tfswctrl.exe

mRun: [dlcdmon.exe] "c:\program files\dell photo aio printer 944\dlcdmon.exe"

mRun: [MemoryCardManager] c:\program files\dell photo aio printer 944\memcard.exe

mRun: [igfxtray] c:\windows\system32\igfxtray.exe

mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe

mRun: [igfxpers] c:\windows\system32\igfxpers.exe

mRun: [MBBalloon] c:\program files\hotalbummybox\MBBalloon.exe

mRun: [dscactivate] "c:\program files\dell support center\gs_agent\custom\dsca.exe"

mRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter

mRun: [DLCDCATS] rundll32 c:\windows\system32\spool\drivers\w32x86\3\DLCDtime.dll,_RunDLLEntry@16

mRun: [basicsmssmenu] "c:\program files\seagate\basics\basics status\MaxMenuMgrBasics.exe"

mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\americ~1.lnk - c:\program files\america online 9.0\aoltray.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\eventr~1.lnk - c:\program files\broderbund\printmaster\PMremind.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\mediac~1.lnk - c:\program files\hotalbummybox\MediaChecker.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office11\ONENOTEM.EXE

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\quickb~1.lnk - c:\program files\common files\intuit\quickbooks\qbupdate\qbupdate.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe

IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office11\EXCEL.EXE/3000

IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mi1933~1\office11\REFIEBAR.DLL

IE: {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - {552781AF-37E4-4FEE-920A-CED9E648EADD} - c:\program files\common files\microsoft shared\encarta search bar\ENCSBAR.DLL

IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll

Trusted Zone: comcast.net\www

DPF: {2DFF31F9-7893-4922-AF66-C9A1EB4EBB31} - hxxp://forms.real.com/real/player/download.html?f=windows/mrkt/rhapx/RhapsodyPlayerEngine_Inst_Win.cab

DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} - hxxp://office.microsoft.com/officeupdate/content/opuc3.cab

DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} - hxxp://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab

DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} - hxxps://webdl.symantec.com/activex/symdlmgr.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab

DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab

DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

TCP: DhcpNameServer = 192.168.1.1

TCP: Interfaces\{CDDA4564-75E9-4B7B-9132-C07332E415A0} : DhcpNameServer = 192.168.1.1

Notify: igfxcui - igfxdev.dll

SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll

.

============= SERVICES / DRIVERS ===============

.

R0 PzWDM;PzWDM;c:\windows\system32\drivers\PzWDM.sys [2007-3-20 15172]

R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2011-4-18 165648]

R1 MpKsl3abd3ed7;MpKsl3abd3ed7;c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{64585dc6-5f4a-4467-a0b1-50934309035c}\MpKsl3abd3ed7.sys [2011-10-10 28752]

R1 MpKsl770cbfff;MpKsl770cbfff;c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{64585dc6-5f4a-4467-a0b1-50934309035c}\MpKsl770cbfff.sys [2011-10-10 28752]

R1 MpKsl7d72fc0f;MpKsl7d72fc0f;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{55e42509-3977-4cba-b0c7-8cf779727a7b}\mpksl7d72fc0f.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{55e42509-3977-4cba-b0c7-8cf779727a7b}\MpKsl7d72fc0f.sys [?]

R1 MpKsld049f697;MpKsld049f697;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{55e42509-3977-4cba-b0c7-8cf779727a7b}\mpksld049f697.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{55e42509-3977-4cba-b0c7-8cf779727a7b}\MpKsld049f697.sys [?]

R2 HPFECP12;HPFECP12;c:\windows\system32\drivers\HPFecp12.sys [1998-10-19 52800]

R3 dlcd_device;dlcd_device;c:\windows\system32\dlcdcoms.exe -service --> c:\windows\system32\dlcdcoms.exe -service [?]

S1 MpKsl07d5673d;MpKsl07d5673d;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{8cc29f7e-e807-40ee-98c2-f49133e1edff}\mpksl07d5673d.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{8cc29f7e-e807-40ee-98c2-f49133e1edff}\MpKsl07d5673d.sys [?]

S1 MpKsl12d948c9;MpKsl12d948c9;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{736465df-7c4d-49bf-84b3-0e420c9222f0}\mpksl12d948c9.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{736465df-7c4d-49bf-84b3-0e420c9222f0}\MpKsl12d948c9.sys [?]

S1 MpKsl20aabb81;MpKsl20aabb81;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{27066bcc-6916-49b9-838d-286ba653b910}\mpksl20aabb81.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{27066bcc-6916-49b9-838d-286ba653b910}\MpKsl20aabb81.sys [?]

S1 MpKsl421cd748;MpKsl421cd748;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{410505e5-be2e-44b6-8215-72d117da82e4}\mpksl421cd748.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{410505e5-be2e-44b6-8215-72d117da82e4}\MpKsl421cd748.sys [?]

S1 MpKsl5972f8a4;MpKsl5972f8a4;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{48ddf77e-2577-4674-986e-ad3928ce2070}\mpksl5972f8a4.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{48ddf77e-2577-4674-986e-ad3928ce2070}\MpKsl5972f8a4.sys [?]

S1 MpKsl63233f3d;MpKsl63233f3d;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{55e42509-3977-4cba-b0c7-8cf779727a7b}\mpksl63233f3d.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{55e42509-3977-4cba-b0c7-8cf779727a7b}\MpKsl63233f3d.sys [?]

S1 MpKsl6eaf2a50;MpKsl6eaf2a50;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{736465df-7c4d-49bf-84b3-0e420c9222f0}\mpksl6eaf2a50.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{736465df-7c4d-49bf-84b3-0e420c9222f0}\MpKsl6eaf2a50.sys [?]

S1 MpKsl8364c35f;MpKsl8364c35f;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{1b702766-a459-4691-a96a-2e2e030520a9}\mpksl8364c35f.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{1b702766-a459-4691-a96a-2e2e030520a9}\MpKsl8364c35f.sys [?]

S1 MpKsl8f49281a;MpKsl8f49281a;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{0eff2fa7-dcc6-4787-bc12-2dac21e766a3}\mpksl8f49281a.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{0eff2fa7-dcc6-4787-bc12-2dac21e766a3}\MpKsl8f49281a.sys [?]

S1 MpKsl95cd5031;MpKsl95cd5031;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{736465df-7c4d-49bf-84b3-0e420c9222f0}\mpksl95cd5031.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{736465df-7c4d-49bf-84b3-0e420c9222f0}\MpKsl95cd5031.sys [?]

S1 MpKsla98db9d8;MpKsla98db9d8;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{8cc29f7e-e807-40ee-98c2-f49133e1edff}\mpksla98db9d8.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{8cc29f7e-e807-40ee-98c2-f49133e1edff}\MpKsla98db9d8.sys [?]

S1 MpKslba1d1f4a;MpKslba1d1f4a;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{04015f3e-10bc-4392-9dcd-b84aef628570}\mpkslba1d1f4a.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{04015f3e-10bc-4392-9dcd-b84aef628570}\MpKslba1d1f4a.sys [?]

S1 MpKslc2e1e80a;MpKslc2e1e80a;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{46748694-bef1-4654-a646-11c26fa420ee}\mpkslc2e1e80a.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{46748694-bef1-4654-a646-11c26fa420ee}\MpKslc2e1e80a.sys [?]

S1 MpKslc585ef58;MpKslc585ef58;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{7dfea5f9-1d42-470b-ac0c-db0ab2d2766f}\mpkslc585ef58.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{7dfea5f9-1d42-470b-ac0c-db0ab2d2766f}\MpKslc585ef58.sys [?]

S1 MpKsldbd3fc6e;MpKsldbd3fc6e;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{d6576914-5675-4007-af23-40f16e9d54a5}\mpksldbd3fc6e.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{d6576914-5675-4007-af23-40f16e9d54a5}\MpKsldbd3fc6e.sys [?]

S1 MpKslded52ce6;MpKslded52ce6;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{717b0574-e912-4046-a1b3-c45735e9450d}\mpkslded52ce6.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{717b0574-e912-4046-a1b3-c45735e9450d}\MpKslded52ce6.sys [?]

S1 MpKsle34509d4;MpKsle34509d4;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{410505e5-be2e-44b6-8215-72d117da82e4}\mpksle34509d4.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{410505e5-be2e-44b6-8215-72d117da82e4}\MpKsle34509d4.sys [?]

S2 aawservice;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2011-8-18 2151640]

S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-1-29 135664]

S3 APL531;OVT Scanner;c:\windows\system32\drivers\ov550i.sys [2006-7-31 580992]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-1-29 135664]

S3 MatSvc;Microsoft Automated Troubleshooting Service;c:\program files\microsoft fix it center\Matsvc.exe [2011-6-13 267568]

.

=============== Created Last 30 ================

.

2011-10-11 00:40:29 -------- d-sha-r- C:\cmdcons

2011-10-11 00:14:11 98816 ----a-w- c:\windows\sed.exe

2011-10-11 00:14:11 518144 ----a-w- c:\windows\SWREG.exe

2011-10-11 00:14:11 256000 ----a-w- c:\windows\PEV.exe

2011-10-11 00:14:11 208896 ----a-w- c:\windows\MBR.exe

2011-10-11 00:01:59 28752 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{64585dc6-5f4a-4467-a0b1-50934309035c}\MpKsl770cbfff.sys

2011-10-10 23:52:55 28752 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{64585dc6-5f4a-4467-a0b1-50934309035c}\MpKsl3abd3ed7.sys

2011-10-10 23:47:54 56200 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{64585dc6-5f4a-4467-a0b1-50934309035c}\offreg.dll

2011-10-10 23:46:33 7269712 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{64585dc6-5f4a-4467-a0b1-50934309035c}\mpengine.dll

2011-09-24 20:20:02 -------- d-----w- c:\documents and settings\james dean\local settings\application data\FixItCenter

2011-09-24 19:34:20 -------- d-----w- c:\windows\MATS

2011-09-24 19:33:22 -------- d-----w- c:\program files\Microsoft Fix it Center

.

==================== Find3M ====================

.

2011-09-09 09:12:13 599040 ----a-w- c:\windows\system32\crypt32.dll

2011-08-31 22:00:50 22216 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-07-19 19:38:48 73728 ----a-w- c:\windows\system32\javacpl.cpl

2011-07-19 19:38:46 472808 ----a-w- c:\windows\system32\deployJava1.dll

2011-07-15 13:29:31 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys

2004-07-30 15:56:22 90112 ----a-w- c:\program files\common files\PCSBclean.exe

2004-07-26 21:30:14 291840 ----a-w- c:\program files\common files\PCSBoff.exe

.

============= FINISH: 20:22:46.20 ===============

attach.zip


  • Staff

Hi,

Next, please run a free online scan with the ESET Online Scanner

Note: You will need to use Internet Explorer for this scan.

  1. Tick the box next to YES, I accept the Terms of Use.
  2. Click Start
  3. When asked, allow the ActiveX control to install
  4. Click Start
  5. Make sure that the option Remove found threats and the option Scan unwanted applications are checked
  6. Click Scan
    Wait for the scan to finish
  7. Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  8. Copy and paste that log as a reply to this topic

Next, download my Security Check from here or here.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Let me know how things are running now and what issues remain.


Hi,

Finally found something I think.

Here are the results you requested.

ESETSmartInstaller@High as CAB hook log:

OnlineScanner.ocx - registred OK

# version=7

# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)

# OnlineScanner.ocx=1.0.0.6528

# api_version=3.0.2

# EOSSerial=8b14228cf1c24d448e584995c7e2f78f

# end=finished

# remove_checked=true

# archives_checked=false

# unwanted_checked=true

# unsafe_checked=false

# antistealth_checked=true

# utc_time=2011-10-12 01:05:40

# local_time=2011-10-11 08:05:40 (-0600, Central Daylight Time)

# country="United States"

# lang=9

# osver=5.1.2600 NT Service Pack 3

# compatibility_mode=5891 16776869 42 87 0 14351779 0 0

# compatibility_mode=8192 67108863 100 0 0 0 0 0

# scanned=103698

# found=2

# cleaned=2

# scan_time=6720

C:\Program Files\PConPoint\PConPoint.exe a variant of Win32/Adware.ErrorClean application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP77\A0005653.exe a variant of Win32/Adware.ErrorClean application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

Results of screen317's Security Check version 0.99.24

Windows XP Service Pack 3 x86

Internet Explorer 8

``````````````````````````````

Antivirus/Firewall Check:

Windows Firewall Enabled!

ESET Online Scanner v3

Microsoft Security Essentials

```````````````````````````````

Anti-malware/Other Utilities Check:

Ad-Aware

Malwarebytes' Anti-Malware

Java 6 Update 26

Java SE Runtime Environment 6 Update 1

Java 6 Update 7

Java 2 Runtime Environment, SE v1.4.2_03

Out of date Java installed!

````````````````````````````````

Process Check:

objlist.exe by Laurent

Windows Defender MSMpEng.exe

Ad-Aware AAWService.exe is disabled!

Ad-Aware AAWTray.exe is disabled!

Microsoft Security Essentials msseces.exe

Microsoft Security Client Antimalware MsMpEng.exe

America Online 9.0 aoltray.exe

``````````End of Log````````````

I noticed that my Microsoft Security Essentials turned itself on, so I tried to update it, but it's stuck on installing it and the computer is really slow right now. Will reboot and let you know how it is then.


Hello again,

OK, I had to hold the power button to shut down the computer; it completely froze on me.

The Microsoft Security Essentials is turned off on reboot and it said my firewall is disabled.

Now it is as slow as or slower (if possible) than it was before we did anything to it.

It was running slow but it was workable before the ESET scan found those 2 items.


  • Staff

Navigate to Start --> Run, and type Combofix /uninstall in the box that appears. Click OK afterward. Notice the space between the X and the /uninstall.

This uninstalls all of ComboFix's components.

Delete SecurityCheck.

After that, navigate to Start --> Control Panel --> Add or Remove Programs, and uninstall the following program(s) (if present):

ESET Online Scanner v3

Java™ 6 Update 26

Java™ SE Runtime Environment 6 Update 1

Java™ 6 Update 7

Java 2 Runtime Environment, SE v1.4.2_03

Ad-Aware (if you don't update and use it regularly)

Restart your computer.

Get the latest version of Java.

Reboot.

Next, please run the PCPitstop Full Tests here (NOT the PCMatic scan or any other scan; simply register with the box on the left and you will be taken to the Full Tests/Overdrive Test). When the tests are complete, a results page will pop up. Copy and paste the URL of the Results screen and post it here for me.

-screen317


  • Staff

Well this computer is incredibly old. Not surprising that it's slow.

Run TFC by OldTimer to clear temporary files:

  • Please download TFC from here and save it to your desktop.
  • Close any open programs and Internet browsers.
  • Double click TFC.exe to run it and once it opens click on the Start button on the lower left of the program to allow it to begin cleaning.
  • Please be patient as clearing out temp files may take a while.
  • Once it completes you may be prompted to restart your computer, please do so.
  • Once it's finished you may delete TFC.exe from your Desktop or save it for later use for the cleaning of temporary files.

Click Start --> Run, and type in msconfig.exe

Click the Startup tab, then click Disable all...

Click OK.

Restart your computer and use it normally for a bit. See if there is any improvement.

-screen317


  • 2 weeks later...

Hello screen317,

I'm still here.

This computer ran really fast right after I ran TFC but has gotten slower as time goes by.

I know it is an old computer but I still think there is something going on with it. I guess it's in the hardware if you haven't seen anything going on with it.

It is running well enough to use it at least. Any other suggestions you might have for me to try? (buying a new one is out by the way) :) If not then let me know what I need to do to put it all back the way I need to.

Thank you for all your help by the way.

willd


  • Staff

Hi,

If you're unable to buy a new computer outright, buying memory (pretty cheap nowadays) could give you a significant boost.

You only have 512MB RAM currently. If you upgraded to 1 or 2GB, I think you'd notice a huge performance gain.

See here:

http://www.newegg.com/Product/ProductList.aspx?Submit=ENE&N=100006650&IsNodeId=1&Description=DIMM%20SDRAM%202GB&bop=And&Order=PRICE&PageSize=20

Corsair, Patriot, and Kingston are generally pretty reliable. :)


Hi screen317,

I'll see what we can do as far as adding memory.

I assume that everything is clear (if there ever was a problem). Is there anything I should clean up, delete or turn back on? If not then I guess you can close this topic.

Again, thank you for all your help. I don't know where I would turn to for help if you all were not here.

Thank You,

willd


  • Staff

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!


This topic is now closed to further replies.