Credit Card Info Stolen

Welcome to Bleeping Computer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.
Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

BleepingComputer.com > Security > HijackThis Logs and Malware Removal

Forum Guidelines

Read this topic before posting a log.

DO NOT post a ComboFix log unless requested to.

Only members of the HijackThis Team or Moderators are allowed to help people with logs. Anyone else should refrain from posting to another user's log.

When posting a log please put the type of infection you have in the topic title. IE: Winfixer, Virtumonde, WinTools, WebSearch, Home Search Assistant, etc.

Do not bump your topic. We try to resolve logs on a first come/first served basis. By bumping your log you will be pushed back in line due to the new date of your bump.

Credit Card Info Stolen, Hijack this log to make sure it's not a trojan etc

Options

AutomagRT666 View Member Profile	Jul 4 2008, 09:27 PM Post #1
New Member Group: Members Posts: 3 Joined: 4-July 08 Member No.: 220,511	Hey everyone, new member, and not my favorite kind of first post to make but... I just checked my bank account info and apparently someone from Seoul Korea has been making lovely charges on my account and I wanted to make sure I don't have some kind of spyware/malware/trojan running in the background, granted I haven't made any online purchases in a long time nor do I save my credit card info anywhere but, here's my HijackThis log, thanks in advance for all of your help. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 10:21:24 PM, on 7/4/2008 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18000) Boot mode: Normal Running processes: E:\Program Files (x86)\Registry Clean Expert\RCHelper.exe E:\Program Files (x86)\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Razer Barracuda AC-1 Gaming Audio Card\CustomAPP\RAZER BARRACUDA AC-1 GAMING AUDIO CARD.EXE C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe E:\Program Files (x86)\Trillian\trillian.exe E:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe E:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O1 - Hosts: ::1 localhost O4 - HKLM\..\Run: [avgnt] "E:\Program Files (x86)\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKCU\..\Run: [RegClean Expert Scheduler] "E:\Program Files (x86)\Registry Clean Expert\RCHelper.exe" /startup O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - Global Startup: SetPointII.lnk = ? O8 - Extra context menu item: E&xport to Microsoft Excel - res://E:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O13 - Gopher Prefix: O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flas...ent/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{CBD277E6-EA51-47F1-97D3-564331D6FD5F}: NameServer = 68.87.71.226,68.87.73.242 O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - E:\Program Files (x86)\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - E:\Program Files (x86)\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Ati External Event Utility - Unknown owner - C:\Windows\system32\Ati2evxx.exe (file missing) O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: O&O Defrag - Unknown owner - C:\Windows\system32\oodag.exe (file missing) O23 - Service: O&O CleverCache Agent (OOCleverCacheAgent) - O&O Software GmbH - E:\Program Files\OO Software\CleverCache\ooccag.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: Zune Wireless Configuration Service (ZuneWlanCfgSvc) - Unknown owner - C:\Windows\system32\ZuneWlanCfgSvc.exe (file missing) --

thewall View Member Profile	Jul 5 2008, 06:53 AM Post #2
Forum Addict Group: HJT Senior Classmen Posts: 1,013 Joined: 19-June 07 From: North Fla. U.S.A. Member No.: 137,685	Hello AutomagRT666 Welcome to the BC HijackThis Log and Analysis forum. I will be assisting you and will need some time to look over your log. Please advice me of any programs you have used to try and fix the problems you have encountered. I would also ask that you refrain from running any tools other than those we will ask you to while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process. Since all of our helpers are volunteers and we are really busy I may be a little slow getting back to you, but don't despair as I won't forget. In the meantime I will need you to perform the following: Please download Deckard's System Scanner (DSS) and save to your Desktop. alternate download site DSS will do the following: Create a new System Restore point in Windows XP and Vista. Clean your Temporary Files, Downloaded Program Files, Internet Cache Files, and empty the Recycle Bin on all drives. Check some important areas of your system and produce a report for an analyst to review. Automatically run HijackThis. It will also install and place a shortcut to HijackThis on your desktop if you do not already have it installed. So if HijackThis is not installed and DSS prompts you to download it, please answer yes. You must be logged onto an account with administrator privileges when using. Close all applications and windows. Double-click on dss.exe to run it and follow the prompts. If your anti-virus or firewall complains, please allow this script to run as it is not malicious. When the scan is complete, two text files will open in Notepad: main.txt <- this one will be maximized extra.txt <- this one will be minimized If not, they both can be found in the C:\Deckard\System Scanner folder. Please copy (Ctrl+C) and paste (Ctrl+V) the contents of main.txt and extra.txt in your next reply. -- When running DSS, some firewalls may warn that it is trying to access the Internet especially if your asked to download the most current version of HijackThis. Please ensure that you allow it permission to do so. -- If you get a warning from your anti-virus while DSS is scanning, please allow DSS to continue as the scan is not harmful. Thanks, thewall This post has been edited by thewall: Jul 5 2008, 09:55 AM

AutomagRT666 View Member Profile	Jul 5 2008, 11:17 AM Post #3
New Member Group: Members Posts: 3 Joined: 4-July 08 Member No.: 220,511	Hi TheWall, I thank you in advance for your help, I have run just about every anti-spyware/malwar and anti-virus program available to me (I'm a Lab Support Engineer at EMC and I have lots of programs available to me and I don't believe there's anything in my computer since I went through myself and didn't find anything, but I just wanted a second opinion on the HijackThis log) and nothing popped up, not even tracking cookies (I'm very careful), I believe that my credit card info was stolen from Hannaford Grocery store since they had their database attacked and thousands of credit cards were stolen but I just wanted to be extra safe and make sure that nothing was running in the background that I missed. Thanks again! This post has been edited by Orange Blossom: Jul 6 2008, 04:40 PM Reason for edit: Delete unnecessary quote. ~ OB

thewall View Member Profile	Jul 5 2008, 12:07 PM Post #4
Forum Addict Group: HJT Senior Classmen Posts: 1,013 Joined: 19-June 07 From: North Fla. U.S.A. Member No.: 137,685	Hello again AutomagRT666, I understand what you are saying and of course it is your option as to what you want to do. However if you would still like us to check out your machine I will need the DSS logs I requested. There is one indication of something being present on it as it stands, but I need more info to go further.

AutomagRT666 View Member Profile	Jul 5 2008, 02:08 PM Post #5
New Member Group: Members Posts: 3 Joined: 4-July 08 Member No.: 220,511	Oh absolutely, here's the log Deckard's System Scanner v20071014.68 Run by Nick on 2008-07-05 15:05:43 Computer is in Normal Mode. -------------------------------------------------------------------------------- Backed up registry hives. Performed disk cleanup. -- HijackThis (run as Nick.exe) ------------------------------------------------ Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 3:07:29 PM, on 7/5/2008 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18000) Boot mode: Normal Running processes: E:\Program Files (x86)\Registry Clean Expert\RCHelper.exe C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe E:\Program Files (x86)\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Razer Barracuda AC-1 Gaming Audio Card\CustomAPP\RAZER BARRACUDA AC-1 GAMING AUDIO CARD.EXE E:\Program Files (x86)\Trillian\trillian.exe E:\Downloads\dss.exe E:\PROGRA~2\Trend Micro\HijackThis\Nick.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O1 - Hosts: ::1 localhost O4 - HKLM\..\Run: [avgnt] "E:\Program Files (x86)\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKCU\..\Run: [RegClean Expert Scheduler] "E:\Program Files (x86)\Registry Clean Expert\RCHelper.exe" /startup O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - Global Startup: SetPointII.lnk = ? O8 - Extra context menu item: E&xport to Microsoft Excel - res://E:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O13 - Gopher Prefix: O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flas...ent/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{CBD277E6-EA51-47F1-97D3-564331D6FD5F}: NameServer = 68.87.71.226,68.87.73.242 O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - E:\Program Files (x86)\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - E:\Program Files (x86)\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Ati External Event Utility - Unknown owner - C:\Windows\system32\Ati2evxx.exe (file missing) O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: O&O Defrag - Unknown owner - C:\Windows\system32\oodag.exe (file missing) O23 - Service: O&O CleverCache Agent (OOCleverCacheAgent) - O&O Software GmbH - E:\Program Files\OO Software\CleverCache\ooccag.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: Zune Wireless Configuration Service (ZuneWlanCfgSvc) - Unknown owner - C:\Windows\system32\ZuneWlanCfgSvc.exe (file missing) -- End of file - 6434 bytes -- File Associations ----------------------------------------------------------- All associations okay. -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------- R0 ACPI (Microsoft ACPI Driver) - c:\windows\system32\drivers\acpi.sys (file missing) R0 atapi (IDE Channel) - c:\windows\system32\drivers\atapi.sys (file missing) R0 CLFS (Common Log (CLFS)) - c:\windows\system32\clfs.sys (file missing) R0 crcdisk (Crcdisk Filter Driver) - c:\windows\system32\drivers\crcdisk.sys (file missing) R0 disk (Disk Driver) - c:\windows\system32\drivers\disk.sys (file missing) R0 Ecache (ReadyBoost Caching Driver) - c:\windows\system32\drivers\ecache.sys (file missing) R0 FileInfo (File Information FS MiniFilter) - c:\windows\system32\drivers\fileinfo.sys (file missing) R0 FltMgr - c:\windows\system32\drivers\fltmgr.sys (file missing) R0 fvevol (BitLocker Drive Encryption Filter Driver) - c:\windows\system32\drivers\fvevol.sys (file missing) R0 KSecDD - c:\windows\system32\drivers\ksecdd.sys (file missing) R0 MountMgr (Mount Point Manager) - c:\windows\system32\drivers\mountmgr.sys (file missing) R0 msisadrv (ISA/EISA Class Driver) - c:\windows\system32\drivers\msisadrv.sys (file missing) R0 Mup - c:\windows\system32\drivers\mup.sys (file missing) R0 NDIS (NDIS System Driver) - c:\windows\system32\drivers\ndis.sys (file missing) R0 nvstor - c:\windows\system32\drivers\nvstor.sys (file missing) R0 nvstor64 - c:\windows\system32\drivers\nvstor64.sys (file missing) R0 partmgr (Partition Manager) - c:\windows\system32\drivers\partmgr.sys (file missing) R0 pci (PCI Bus Driver) - c:\windows\system32\drivers\pci.sys (file missing) R0 pciide - c:\windows\system32\drivers\pciide.sys (file missing) R0 SI3132 (SiI-3132 SATALink Controller) - c:\windows\system32\drivers\si3132.sys (file missing) R0 Si3132r5 (SiI-3132 SoftRaid 5 Controller) - c:\windows\system32\drivers\si3132r5.sys (file missing) R0 SiFilter (SATALink driver accelerator) - c:\windows\system32\drivers\siwinacc.sys (file missing) R0 SiRemFil (SATALink External Device Filter) - c:\windows\system32\drivers\siremfil.sys (file missing) R0 spldr (Security Processor Loader Driver) - c:\windows\system32\drivers\spldr.sys (file missing) R0 Tcpip (TCP/IP Protocol Driver) - c:\windows\system32\drivers\tcpip.sys (file missing) R0 volmgr (Volume Manager Driver) - c:\windows\system32\drivers\volmgr.sys (file missing) R0 volmgrx (Dynamic Volume Manager) - c:\windows\system32\drivers\volmgrx.sys (file missing) R0 volsnap (Storage volumes) - c:\windows\system32\drivers\volsnap.sys (file missing) R0 Wdf01000 (Kernel Mode Driver Frameworks service) - c:\windows\system32\drivers\wdf01000.sys (file missing) R1 AFD (Ancilliary Function Driver for Winsock) - c:\windows\system32\drivers\afd.sys (file missing) R1 cdrom (CD-ROM Driver) - c:\windows\system32\drivers\cdrom.sys (file missing) R1 CSC (Offline Files Driver) - c:\windows\system32\drivers\csc.sys (file missing) R1 DfsC (DFS Namespace Client Driver) - c:\windows\system32\drivers\dfsc.sys (file missing) R1 kbdclass (Keyboard Class Driver) - c:\windows\system32\drivers\kbdclass.sys (file missing) R1 kbdhid (Keyboard HID Driver) - c:\windows\system32\drivers\kbdhid.sys (file missing) R1 mouclass (Mouse Class Driver) - c:\windows\system32\drivers\mouclass.sys (file missing) R1 Msfs - c:\windows\system32\drivers\msfs.sys (file missing) R1 NetBIOS (NetBIOS Interface) - c:\windows\system32\drivers\netbios.sys (file missing) R1 netbt - c:\windows\system32\drivers\netbt.sys (file missing) R1 Npfs - c:\windows\system32\drivers\npfs.sys (file missing) R1 nsiproxy (NSI proxy service) - c:\windows\system32\drivers\nsiproxy.sys (file missing) R1 Null - c:\windows\system32\drivers\null.sys (file missing) R1 PSched (QoS Packet Scheduler) - c:\windows\system32\drivers\pacer.sys (file missing) R1 RasAcd (Remote Access Auto Connection Driver) - c:\windows\system32\drivers\rasacd.sys (file missing) R1 rdbss (Redirected Buffering Sub Sysytem) - c:\windows\system32\drivers\rdbss.sys (file missing) R1 RDPCDD - c:\windows\system32\drivers\rdpcdd.sys (file missing) R1 RDPENCDD (RDP Encoder Mirror Driver) - c:\windows\system32\drivers\rdpencdd.sys (file missing) R1 Smb (Message-oriented TCP/IP and TCP/IPv6 Protocol (SMB session)) - c:\windows\system32\drivers\smb.sys (file missing) R1 tdx (NetIO Legacy TDI Support Driver) - c:\windows\system32\drivers\tdx.sys (file missing) R1 TermDD (Terminal Device Driver) - c:\windows\system32\drivers\termdd.sys (file missing) R1 VgaSave - c:\windows\system32\drivers\vga.sys (file missing) R1 Wanarpv6 (Remote Access IPv6 ARP Driver) - c:\windows\system32\drivers\wanarp.sys (file missing) R2 avgntflt - c:\windows\system32\drivers\avgntflt.sys (file missing) R2 irda (IrDA Protocol) - c:\windows\system32\drivers\irda.sys (file missing) R2 lltdio (Link-Layer Topology Discovery Mapper I/O Driver) - c:\windows\system32\drivers\lltdio.sys (file missing) R2 luafv (UAC File Virtualization) - c:\windows\system32\drivers\luafv.sys (file missing) R2 PEAUTH - c:\windows\system32\drivers\peauth.sys (file missing) R2 rspndr (Link-Layer Topology Discovery Responder) - c:\windows\system32\drivers\rspndr.sys (file missing) R2 secdrv (Security Driver) - c:\windows\system32\drivers\secdrv.sys (file missing) R2 tcpipreg (TCP/IP Registry Compatibility) - c:\windows\system32\drivers\tcpipreg.sys (file missing) R3 AmdK8 (AMD K8 Processor Driver) - c:\windows\system32\drivers\amdk8.sys (file missing) R3 atikmdag - c:\windows\system32\drivers\atikmdag.sys (file missing) R3 bowser - c:\windows\system32\drivers\bowser.sys (file missing) R3 cmudaxp (Razer Barracuda AC-1 Gaming Interface) - c:\windows\system32\drivers\cmudaxp.sys (file missing) R3 DXGKrnl (LDDM Graphics Subsystem) - c:\windows\system32\drivers\dxgkrnl.sys (file missing) R3 fdc (Floppy Disk Controller Driver) - c:\windows\system32\drivers\fdc.sys (file missing) R3 flpydisk (Floppy Disk Driver) - c:\windows\system32\drivers\flpydisk.sys (file missing) R3 HdAudAddService (Microsoft 1.1 UAA Function Driver for High Definition Audio Service) - c:\windows\system32\drivers\hdaudio.sys (file missing) R3 HDAudBus (Microsoft UAA Bus Driver for High Definition Audio) - c:\windows\system32\drivers\hdaudbus.sys (file missing) R3 HidUsb (Microsoft HID Class Driver) - c:\windows\system32\drivers\hidusb.sys (file missing) R3 HTTP - c:\windows\system32\drivers\http.sys (file missing) R3 iScsiPrt (iScsiPort Driver) - c:\windows\system32\drivers\msiscsi.sys (file missing) R3 ksthunk (Kernel Streaming Thunks) - c:\windows\system32\drivers\ksthunk.sys (file missing) R3 LHidFilt (Logitech SetPoint KMDF HID Filter Driver) - c:\windows\system32\drivers\lhidfilt.sys (file missing) R3 LMouFilt (Logitech SetPoint KMDF Mouse Filter Driver) - c:\windows\system32\drivers\lmoufilt.sys (file missing) R3 monitor (Microsoft Monitor Class Function Driver Service) - c:\windows\system32\drivers\monitor.sys (file missing) R3 mouhid (Mouse HID Driver) - c:\windows\system32\drivers\mouhid.sys (file missing) R3 mpsdrv (Windows Firewall Authorization Driver) - c:\windows\system32\drivers\mpsdrv.sys (file missing) R3 MRxDAV (WebDav Client Redirector Driver) - c:\windows\system32\drivers\mrxdav.sys (file missing) R3 mrxsmb (SMB MiniRedirector Wrapper and Engine) - c:\windows\system32\drivers\mrxsmb.sys (file missing) R3 mrxsmb10 (SMB 1.x MiniRedirector) - c:\windows\system32\drivers\mrxsmb10.sys (file missing) R3 mrxsmb20 (SMB 2.0 MiniRedirector) - c:\windows\system32\drivers\mrxsmb20.sys (file missing) R3 mssmbios (Microsoft System Management BIOS Driver) - c:\windows\system32\drivers\mssmbios.sys (file missing) R3 NdisTapi (Remote Access NDIS TAPI Driver) - c:\windows\system32\drivers\ndistapi.sys (file missing) R3 NdisWan (Remote Access NDIS WAN Driver) - c:\windows\system32\drivers\ndiswan.sys (file missing) R3 NDProxy (NDIS Proxy) - c:\windows\system32\drivers\ndproxy.sys (file missing) R3 Ntfs - c:\windows\system32\drivers\ntfs.sys (file missing) R3 NVENETFD (NVIDIA nForce 10/100/1000 Mbps Ethernet ) - c:\windows\system32\drivers\nvmfdx64.sys (file missing) R3 ohci1394 (VIA OHCI Compliant IEEE 1394 Host Controller) - c:\windows\system32\drivers\ohci1394.sys (file missing) R3 PptpMiniport (WAN Miniport (PPTP)) - c:\windows\system32\drivers\raspptp.sys (file missing) R3 Rasl2tp (WAN Miniport (L2TP)) - c:\windows\system32\drivers\rasl2tp.sys (file missing) R3 RasPppoe (Remote Access PPPOE Driver) - c:\windows\system32\drivers\raspppoe.sys (file missing) R3 RasSstp (WAN Miniport (SSTP)) - c:\windows\system32\drivers\rassstp.sys (file missing) R3 rdpdr (Terminal Server Device Redirector Driver) - c:\windows\system32\drivers\rdpdr.sys (file missing) R3 srv - c:\windows\system32\drivers\srv.sys (file missing) R3 srv2 - c:\windows\system32\drivers\srv2.sys (file missing) R3 srvnet - c:\windows\system32\drivers\srvnet.sys (file missing) R3 swenum (Software Bus Driver) - c:\windows\system32\drivers\swenum.sys (file missing) R3 tunmp (Microsoft Tun Miniport Adapter Driver) - c:\windows\system32\drivers\tunmp.sys (file missing) R3 tunnel (Microsoft IPv6 Tunnel Miniport Adapter Driver) - c:\windows\system32\drivers\tunnel.sys (file missing) R3 umbus (UMBus Enumerator Driver) - c:\windows\system32\drivers\umbus.sys (file missing) R3 usbccgp (Microsoft USB Generic Parent Driver) - c:\windows\system32\drivers\usbccgp.sys (file missing) R3 usbehci (Microsoft USB 2.0 Enhanced Host Controller Miniport Driver) - c:\windows\system32\drivers\usbehci.sys (file missing) R3 usbhub (Microsoft USB Standard Hub Driver) - c:\windows\system32\drivers\usbhub.sys (file missing) R3 usbohci (Microsoft USB Open Host Controller Miniport Driver) - c:\windows\system32\drivers\usbohci.sys (file missing) R3 WmBEnum (Logitech Virtual Bus Enumerator Driver) - c:\windows\system32\drivers\wmbenum.sys (file missing) R3 WmFilter (Logitech Gaming HID Filter Driver) - c:\windows\system32\drivers\wmfilter.sys (file missing) R3 WmVirHid (Logitech Virtual Hid Device Driver) - c:\windows\system32\drivers\wmvirhid.sys (file missing) R3 WmXlCore (Logitech Translation Layer Driver) - c:\windows\system32\drivers\wmxlcore.sys (file missing) R4 cdfs (CD/DVD File System Reader) - c:\windows\system32\drivers\cdfs.sys (file missing) S1 Serial (Serial port driver) - c:\windows\system32\drivers\serial.sys (file missing) S3 agp440 (Intel AGP Bus Filter) - c:\windows\system32\drivers\agp440.sys (file missing) S3 AsyncMac (RAS Asynchronous Media Driver) - c:\windows\system32\drivers\asyncmac.sys (file missing) S3 BrFiltLo (Brother USB Mass-Storage Lower Filter Driver) - c:\windows\system32\drivers\brfiltlo.sys (file missing) S3 BrFiltUp (Brother USB Mass-Storage Upper Filter Driver) - c:\windows\system32\drivers\brfiltup.sys (file missing) S3 BrUsbSer (Brother MFC USB Serial WDM Driver) - c:\windows\system32\drivers\brusbser.sys (file missing) S3 drmkaud (Microsoft Kernel DRM Audio Descrambler) - c:\windows\system32\drivers\drmkaud.sys (file missing) S3 E1G60 (Intel® PRO/1000 NDIS 6 Adapter Driver) - c:\windows\system32\drivers\e1g6032e.sys (file missing) S3 exfat (exFAT File System Driver) - c:\windows\system32\drivers\exfat.sys (file missing) S3 fastfat (FAT12/16/32 File System Driver) - c:\windows\system32\drivers\fastfat.sys (file missing) S3 Filetrace - c:\windows\system32\drivers\filetrace.sys (file missing) S3 gagp30kx (Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms) - c:\windows\system32\drivers\gagp30kx.sys (file missing) S3 IpFilterDriver (IP Traffic Filter Driver) - c:\windows\system32\drivers\ipfltdrv.sys (file missing) S3 IPNAT (IP Network Address Translator) - c:\windows\system32\drivers\ipnat.sys (file missing) S3 IRENUM (IR Bus Enumerator) - c:\windows\system32\drivers\irenum.sys (file missing) S3 irsir (Microsoft Serial Infrared Driver) - c:\windows\system32\drivers\irsir.sys (file missing) S3 Modem - c:\windows\system32\drivers\modem.sys (file missing) S3 MSKSSRV (Microsoft Streaming Service Proxy) - c:\windows\system32\drivers\mskssrv.sys (file missing) S3 MSPCLOCK (Microsoft Streaming Clock Proxy) - c:\windows\system32\drivers\mspclock.sys (file missing) S3 MSPQM (Microsoft Streaming Quality Manager Proxy) - c:\windows\system32\drivers\mspqm.sys (file missing) S3 MsRPC - c:\windows\system32\drivers\msrpc.sys (file missing) S3 MSTEE (Microsoft Streaming Tee/Sink-to-Sink Converter) - c:\windows\system32\drivers\mstee.sys (file missing) S3 NativeWifiP (NativeWiFi Filter) - c:\windows\system32\drivers\nwifi.sys (file missing) S3 Ndisuio (NDIS Usermode I/O Protocol) - c:\windows\system32\drivers\ndisuio.sys (file missing) S3 nv_agp (NVIDIA nForce AGP Bus Filter) - c:\windows\system32\drivers\nv_agp.sys (file missing) S3 QWAVEdrv (QWAVE driver) - c:\windows\system32\drivers\qwavedrv.sys (file missing) S3 RDPWD (RDP Winstation Driver) - c:\windows\system32\drivers\rdpwd.sys (file missing) S3 Serenum (Serenum Filter Driver) - c:\windows\system32\drivers\serenum.sys (file missing) S3 sffp_mmc (SFF Storage Protocol Driver for MMC) - c:\windows\system32\drivers\sffp_mmc.sys (file missing) S3 sffp_sd (SFF Storage Protocol Driver for SDBus) - c:\windows\system32\drivers\sffp_sd.sys (file missing) S3 Tcpip6 (Microsoft IPv6 Protocol Driver) - c:\windows\system32\drivers\tcpip.sys (file missing) S3 TDPIPE - c:\windows\system32\drivers\tdpipe.sys (file missing) S3 TDTCP - c:\windows\system32\drivers\tdtcp.sys (file missing) S3 tssecsrv (Terminal Services Security Filter Driver) - c:\windows\system32\drivers\tssecsrv.sys (file missing) S3 uagp35 (Microsoft AGPv3.5 Filter) - c:\windows\system32\drivers\uagp35.sys (file missing) S3 uliagpkx (Uli AGP Bus Filter) - c:\windows\system32\drivers\uliagpkx.sys (file missing) S3 USBSTOR (USB Mass Storage Driver) - c:\windows\system32\drivers\usbstor.sys (file missing) S3 vga - c:\windows\system32\drivers\vgapnp.sys (file missing) S3 Wanarp (Remote Access IP ARP Driver) - c:\windows\system32\drivers\wanarp.sys (file missing) S3 WpdUsb - c:\windows\system32\drivers\wpdusb.sys (file missing) S3 WUDFRd - c:\windows\system32\drivers\wudfrd.sys (file missing) S4 adp94xx - c:\windows\system32\drivers\adp94xx.sys (file missing) S4 adpahci - c:\windows\system32\drivers\adpahci.sys (file missing) S4 adpu160m - c:\windows\system32\drivers\adpu160m.sys (file missing) S4 adpu320 - c:\windows\system32\drivers\adpu320.sys (file missing) S4 aic78xx - c:\windows\system32\drivers\djsvs.sys (file missing) S4 aliide - c:\windows\system32\drivers\aliide.sys (file missing) S4 amdide - c:\windows\system32\drivers\amdide.sys (file missing) S4 arc - c:\windows\system32\drivers\arc.sys (file missing) S4 arcsas - c:\windows\system32\drivers\arcsas.sys (file missing) S4 blbdrive - c:\windows\system32\drivers\blbdrive.sys (file missing) S4 Brserid (Brother MFC Serial Port Interface Driver (WDM)) - c:\windows\system32\drivers\brserid.sys (file missing) S4 BrSerWdm (Brother WDM Serial driver) - c:\windows\system32\drivers\brserwdm.sys (file missing) S4 BrUsbMdm (Brother MFC USB Fax Only Modem) - c:\windows\system32\drivers\brusbmdm.sys (file missing) S4 BTHMODEM (Bluetooth Serial Communications Driver) - c:\windows\system32\drivers\bthmodem.sys (file missing) S4 circlass (Consumer IR Devices) - c:\windows\system32\drivers\circlass.sys (file missing) S4 cmdide - c:\windows\system32\drivers\cmdide.sys (file missing) S4 Compbatt (Microsoft Composite Battery Driver) - c:\windows\system32\drivers\compbatt.sys (file missing) S4 elxstor - c:\windows\system32\drivers\elxstor.sys (file missing) S4 ErrDev (Microsoft Hardware Error Device Driver) - c:\windows\system32\drivers\errdev.sys (file missing) S4 HidBth (Microsoft Bluetooth HID Miniport) - c:\windows\system32\drivers\hidbth.sys (file missing) S4 HidIr (Microsoft Infrared HID Driver) - c:\windows\system32\drivers\hidir.sys (file missing) S4 HpCISSs - c:\windows\system32\drivers\hpcisss.sys (file missing) S4 i2omp - c:\windows\system32\drivers\i2omp.sys (file missing) S4 i8042prt (i8042 Keyboard and PS/2 Mouse Port Driver) - c:\windows\system32\drivers\i8042prt.sys (file missing) S4 iaStorV (Intel RAID Controller Vista) - c:\windows\system32\drivers\iastorv.sys (file missing) S4 iirsp - c:\windows\system32\drivers\iirsp.sys (file missing) S4 intelide - c:\windows\system32\drivers\intelide.sys (file missing) S4 intelppm (Intel Processor Driver) - c:\windows\system32\drivers\intelppm.sys (file missing) S4 IPMIDRV - c:\windows\system32\drivers\ipmidrv.sys (file missing) S4 isapnp (PnP ISA/EISA Bus Driver) - c:\windows\system32\drivers\isapnp.sys (file missing) S4 iteatapi (ITEATAPI_Service_Install) - c:\windows\system32\drivers\iteatapi.sys (file missing) S4 iteraid (ITERAID_Service_Install) - c:\windows\system32\drivers\iteraid.sys (file missing) S4 LSI_FC - c:\windows\system32\drivers\lsi_fc.sys (file missing) S4 LSI_SAS - c:\windows\system32\drivers\lsi_sas.sys (file missing) S4 LSI_SCSI - c:\windows\system32\drivers\lsi_scsi.sys (file missing) S4 megasas - c:\windows\system32\drivers\megasas.sys (file missing) S4 MegaSR - c:\windows\system32\drivers\megasr.sys (file missing) S4 mpio (Microsoft Multi-Path Bus Driver) - c:\windows\system32\drivers\mpio.sys (file missing) S4 Mraid35x - c:\windows\system32\drivers\mraid35x.sys (file missing) S4 msahci - c:\windows\system32\drivers\msahci.sys (file missing) S4 msdsm (Microsoft Multi-Path Device Specific Module) - c:\windows\system32\drivers\msdsm.sys (file missing) S4 nfrd960 - c:\windows\system32\drivers\nfrd960.sys (file missing) S4 nvraid (NVIDIA nForce RAID Driver ) - c:\windows\system32\drivers\nvraid.sys (file missing) S4 Parport (Parallel port driver) - c:\windows\system32\drivers\parport.sys (file missing) S4 pcmcia - c:\windows\system32\drivers\pcmcia.sys (file missing) S4 Processor (Processor Driver) - c:\windows\system32\drivers\processr.sys (file missing) S4 ql2300 (QLogic Fibre Channel Miniport Driver) - c:\windows\system32\drivers\ql2300.sys (file missing) S4 ql40xx (QLogic iSCSI Miniport Driver) - c:\windows\system32\drivers\ql40xx.sys (file missing) S4 sbp2port (SBP-2 Transport/Protocol Bus Driver) - c:\windows\system32\drivers\sbp2port.sys (file missing) S4 sermouse (Serial Mouse Driver) - c:\windows\system32\drivers\sermouse.sys (file missing) S4 sffdisk (SFF Storage Class Driver) - c:\windows\system32\drivers\sffdisk.sys (file missing) S4 sfloppy (High-Capacity Floppy Disk Drive) - c:\windows\system32\drivers\sfloppy.sys (file missing) S4 SiSRaid2 - c:\windows\system32\drivers\sisraid2.sys (file missing) S4 SiSRaid4 - c:\windows\system32\drivers\sisraid4.sys (file missing) S4 Sym_hi - c:\windows\system32\drivers\sym_hi.sys (file missing) S4 Sym_u3 - c:\windows\system32\drivers\sym_u3.sys (file missing) S4 Symc8xx - c:\windows\system32\drivers\symc8xx.sys (file missing) S4 udfs - c:\windows\system32\drivers\udfs.sys (file missing) S4 uliahci - c:\windows\system32\drivers\uliahci.sys (file missing) S4 UlSata - c:\windows\system32\drivers\ulsata.sys (file missing) S4 ulsata2 - c:\windows\system32\drivers\ulsata2.sys (file missing) S4 usbcir (eHome Infrared Receiver (USBCIR)) - c:\windows\system32\drivers\usbcir.sys (file missing) S4 usbprint (Microsoft USB PRINTER Class) - c:\windows\system32\drivers\usbprint.sys (file missing) S4 usbuhci (Microsoft USB Universal Host Controller Miniport Driver) - c:\windows\system32\drivers\usbuhci.sys (file missing) S4 viaide - c:\windows\system32\drivers\viaide.sys (file missing) S4 vsmraid - c:\windows\system32\drivers\vsmraid.sys (file missing) S4 WacomPen (Wacom Serial Pen HID Driver) - c:\windows\system32\drivers\wacompen.sys (file missing) S4 Wd (Microsoft Watchdog Timer Driver) - c:\windows\system32\drivers\wd.sys (file missing) S4 WmiAcpi (Microsoft Windows Management Interface for ACPI) - c:\windows\system32\drivers\wmiacpi.sys (file missing) S4 ws2ifsl (Winsock IFS driver) - c:\windows\system32\drivers\ws2ifsl.sys (file missing) -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled -------------------- R2 AntiVirScheduler (Avira AntiVir Personal – Free Antivirus Scheduler) - "e:\program files (x86)\avira\antivir personaledition classic\sched.exe" <Not Verified; Avira GmbH; AntiVir Workstation> R2 Ati External Event Utility - c:\windows\system32\ati2evxx.exe (file missing) R2 O&O Defrag - c:\windows\system32\oodag.exe (file missing) R2 SamSs (Security Accounts Manager) - c:\windows\system32\lsass.exe (file missing) R2 slsvc (Software Licensing) - c:\windows\system32\slsvc.exe (file missing) R2 Spooler (Print Spooler) - c:\windows\system32\spoolsv.exe (file missing) R3 VSS (Volume Shadow Copy) - c:\windows\system32\vssvc.exe (file missing) S3 ALG (Application Layer Gateway Service) - c:\windows\system32\alg.exe (file missing) S3 DFSR (DFS Replication) - c:\windows\system32\dfsr.exe (file missing) S3 Fax - c:\windows\system32\fxssvc.exe (file missing) S3 KeyIso (CNG Key Isolation) - c:\windows\system32\lsass.exe (file missing) S3 MSDTC (Distributed Transaction Coordinator) - c:\windows\system32\msdtc.exe (file missing) S3 Netlogon - c:\windows\system32\lsass.exe (file missing) S3 ProtectedStorage (Protected Storage) - c:\windows\system32\lsass.exe (file missing) S3 RpcLocator (Remote Procedure Call (RPC) Locator) - c:\windows\system32\locator.exe (file missing) S3 SNMPTRAP (SNMP Trap) - c:\windows\system32\snmptrap.exe (file missing) S3 Steam Client Service - c:\program files (x86)\common files\steam\steamservice.exe /runasservice S3 UI0Detect (Interactive Services Detection) - c:\windows\system32\ui0detect.exe (file missing) S3 vds (Virtual Disk) - c:\windows\system32\vds.exe (file missing) S3 wbengine (Block Level Backup Engine Service) - "c:\windows\system32\wbengine.exe" (file missing) S3 wmiApSrv (WMI Performance Adapter) - c:\windows\system32\wbem\wmiapsrv.exe (file missing) S3 ZuneWlanCfgSvc (Zune Wireless Configuration Service) - c:\windows\system32\zunewlancfgsvc.exe (file missing) -- Device Manager: Disabled ---------------------------------------------------- No disabled devices found. -- Files created between 2008-06-05 and 2008-07-05 ----------------------------- 2008-07-04 22:16:33 0 d-------- C:\Users\All Users\Spybot - Search & Destroy 2008-07-03 14:42:39 0 d-------- C:\Users\All Users\ATI 2008-07-03 14:39:17 0 d-------- C:\ATI 2008-07-02 14:45:33 21840 --a------ C:\Windows\system32\SIntfNT.dll 2008-07-02 14:45:33 17212 --a------ C:\Windows\system32\SIntf32.dll 2008-07-02 14:45:33 12067 --a------ C:\Windows\system32\SIntf16.dll 2008-07-01 20:09:02 0 d-------- C:\Program Files (x86)\Microsoft Works 2008-07-01 20:08:43 0 d-------- C:\Program Files (x86)\Microsoft.NET 2008-07-01 20:07:07 0 d-------- C:\Users\All Users\Microsoft Help 2008-06-30 20:38:42 0 d-------- C:\Program Files (x86)\Google 2008-06-30 16:02:33 0 d-------- C:\Windows\system32\directx 2008-06-29 03:19:42 0 d-------- C:\Users\All Users\Avira 2008-06-27 02:25:34 0 d-------- C:\Windows\PCHEALTH 2008-06-26 14:32:05 0 d-------- C:\Program Files (x86)\Common Files\Wise Installation Wizard 2008-06-24 19:52:18 0 d-------- C:\Program Files (x86)\RivaTuner v2.09 2008-06-24 18:17:54 0 d-------- C:\Program Files (x86)\ATI Technologies 2008-06-24 15:58:44 110592 --a------ C:\Windows\system32\OpenAL32.dll <Not Verified; Portions © Creative Labs Inc. and NVIDIA Corp.; Standard OpenAL™ Library> 2008-06-24 15:33:11 0 d-------- C:\Windows\system32\Futuremark 2008-06-24 15:33:11 3972 --a------ C:\Windows\system32\drivers\PciBus.sys 2008-06-23 21:52:19 0 d--hs---- C:\found.000 2008-06-21 20:29:38 0 d-------- C:\Users\All Users\CyberLink 2008-06-21 20:29:10 0 d-------- C:\Program Files (x86)\Cyberlink 2008-06-20 19:44:11 0 d--hs---- C:\Windows\ftpcache 2008-06-20 19:40:19 0 d-------- C:\Program Files (x86)\Common Files\Steam 2008-06-20 19:06:12 0 d-------- C:\Users\All Users\Codemasters 2008-06-20 19:03:05 0 d-------- C:\Program Files (x86)\OpenAL 2008-06-20 17:12:46 0 d-------- C:\Windows\Panther 2008-06-20 17:12:30 0 d--hs---- C:\Boot 2008-06-20 16:14:55 0 d-------- C:\Windows\CSC 2008-06-20 16:13:27 0 d--hs---- C:\System Volume Information 2008-06-20 16:02:11 0 d--h----- C:\Program Files (x86)\InstallShield Installation Information 2008-06-20 15:02:05 0 d-------- C:\Users\All Users\media center programs 2008-06-20 14:25:07 0 d-------- C:\Users\All Users\Funcom 2008-06-20 14:23:21 0 d-------- C:\Users\All Users\Logitech 2008-06-20 14:23:21 0 d-------- C:\Program Files (x86)\Logitech 2008-06-20 14:22:12 0 d-------- C:\Program Files (x86)\Common Files\LogiShrd 2008-06-20 14:21:57 0 d-------- C:\Users\All Users\LogiShrd 2008-06-20 13:58:06 65536 --a------ C:\Windows\VMix.dll 2008-06-20 13:55:12 0 --a------ C:\Windows\ativpsrm.bin 2008-06-20 13:53:09 0 d--hs---- C:\Windows\Installer 2008-06-20 13:46:24 0 d-------- C:\NVIDIA 2008-06-20 13:42:46 0 d-------- C:\Windows\system32\Macromed 2008-06-20 13:26:51 0 dr------- C:\Users\Nick\Searches 2008-06-20 13:26:42 0 dr------- C:\Users\Nick\Contacts 2008-06-20 13:26:36 0 d--hs---- C:\Users\Nick\Templates 2008-06-20 13:26:36 0 d--hs---- C:\Users\Nick\Start Menu 2008-06-20 13:26:36 0 d--hs---- C:\Users\Nick\SendTo 2008-06-20 13:26:36 0 dr------- C:\Users\Nick\Saved Games 2008-06-20 13:26:36 0 d--hs---- C:\Users\Nick\Recent 2008-06-20 13:26:36 0 d--hs---- C:\Users\Nick\PrintHood 2008-06-20 13:26:36 2621440 --ahs---- C:\Users\Nick\NTUSER.DAT 2008-06-20 13:26:36 0 d--hs---- C:\Users\Nick\NetHood 2008-06-20 13:26:36 0 d--hs---- C:\Users\Nick\My Documents 2008-06-20 13:26:36 0 d--hs---- C:\Users\Nick\Local Settings 2008-06-20 13:26:36 0 dr------- C:\Users\Nick\Links 2008-06-20 13:26:36 0 dr------- C:\Users\Nick\Favorites 2008-06-20 13:26:36 0 dr------- C:\Users\Nick\Desktop 2008-06-20 13:26:36 0 d--hs---- C:\Users\Nick\Cookies 2008-06-20 13:26:36 0 d--hs---- C:\Users\Nick\Application Data 2008-06-20 13:26:36 0 d--h----- C:\Users\Nick\AppData 2008-06-20 13:23:47 171136 -rahs---- C:\grldr 2008-06-20 13:21:04 0 d-------- C:\Windows\Debug 2008-06-20 13:17:02 0 d-------- C:\Windows\SoftwareDistribution -- Find3M Report --------------------------------------------------------------- 2008-07-03 14:42:39 0 d-------- C:\Users\Nick\AppData\Roaming\ATI 2008-07-01 20:08:51 0 d-------- C:\Program Files (x86)\Common Files 2008-06-30 18:54:37 0 d-------- C:\Users\Nick\AppData\Roaming\DivX 2008-06-28 15:15:28 0 d-------- C:\Users\Nick\AppData\Roaming\U3 2008-06-27 15:06:25 0 d-------- C:\Users\Nick\AppData\Roaming\WinRAR 2008-06-27 13:20:46 0 d-------- C:\Users\Nick\AppData\Roaming\MusicNet 2008-06-26 14:35:52 0 d-------- C:\Users\Nick\AppData\Roaming\Ventrilo 2008-06-21 22:12:41 0 d-------- C:\Users\Nick\AppData\Roaming\atitray 2008-06-21 20:29:38 0 d-------- C:\Users\Nick\AppData\Roaming\CyberLink 2008-06-20 18:51:49 0 d-------- C:\Users\Nick\AppData\Roaming\DAEMON Tools 2008-06-20 16:17:06 0 d-------- C:\Users\Nick\AppData\Roaming\iExpert Software 2008-06-20 14:22:13 0 d-------- C:\Users\Nick\AppData\Roaming\Leadertech 2008-06-20 14:12:35 0 d-------- C:\Users\Nick\AppData\Roaming\Mozilla 2008-06-20 13:42:47 0 d-------- C:\Users\Nick\AppData\Roaming\Macromedia 2008-06-20 13:42:47 0 d-------- C:\Users\Nick\AppData\Roaming\Adobe 2008-06-20 13:32:23 0 d-------- C:\Program Files (x86)\Windows Mail 2008-06-20 13:26:43 0 d-------- C:\Users\Nick\AppData\Roaming\Identities 2008-05-30 19:22:48 802816 --a------ C:\Windows\system32\divx_xx11.dll <Not Verified; DivX, Inc.; DivX?> 2008-05-30 19:22:48 823296 --a------ C:\Windows\system32\divx_xx0c.dll <Not Verified; DivX, Inc.; DivX®> 2008-05-30 19:22:48 823296 --a------ C:\Windows\system32\divx_xx07.dll <Not Verified; DivX, Inc.; DivX®> 2008-05-30 19:22:46 815104 --a------ C:\Windows\system32\divx_xx0a.dll <Not Verified; DivX, Inc.; DivX®> 2008-05-30 19:22:46 683520 --a------ C:\Windows\system32\DivX.dll <Not Verified; DivX, Inc.; DivX®> 2008-05-22 18:22:18 3596288 --a------ C:\Windows\system32\qt-dx331.dll 2008-05-22 18:19:46 196608 --a------ C:\Windows\system32\dtu100.dll <Not Verified; DivX, Inc.; DivX, Inc. dtu100> 2008-05-22 18:19:46 81920 --a------ C:\Windows\system32\dpl100.dll <Not Verified; DivX, Inc.; DivX, Inc. dpl100> 2008-05-22 18:18:54 12288 --a------ C:\Windows\system32\DivXWMPExtType.dll -- Registry Dump --------------------------------------------------------------- -- Hosts ----------------------------------------------------------------------- 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com 8772 more entries in hosts file. -- End of Deckard's System Scanner: finished at 2008-07-05 15:08:04 ------------ Removed unnecessary quote. ~ OB This post has been edited by Orange Blossom: Jul 6 2008, 04:41 PM

thewall View Member Profile	Jul 6 2008, 04:34 PM Post #6
Forum Addict Group: HJT Senior Classmen Posts: 1,013 Joined: 19-June 07 From: North Fla. U.S.A. Member No.: 137,685	As you can see from the DSS log the program is not set up to read 64 bit systems and that is why all the "file missing" entries showed up in the log. I just didn't pick up on it. Your log appears to be clean although if you haven't already did so you may want to make a pass with an on-line scanner like Kaspersky just for general principles. Also wouldn't hurt clean-up the temporary files using cleanmgr if you have not done so lately. I wish you good luck with your stolen credit card and if you would reply and let me know I will give you some additional info we have put together to help with keeping your computer safe. Below is the Kaspersky link if you choose to run it. Please do an online scan with Kaspersky WebScanner Click on Kaspersky Online Scanner You will be prompted to install an ActiveX component from Kaspersky, Click Yes. The program will launch and then begin downloading the latest definition files: Once the files have been downloaded click on NEXT Now click on Scan Settings In the scan settings make that the following are selected: Scan using the following Anti-Virus database: Extended (if available otherwise Standard) Scan Options: Scan Archives Scan Mail Bases Click OK Now under select a target to scan: Select My Computer This will program will start and scan your system. The scan will take a while so be patient and let it run. Once the scan is complete it will display if your system has been infected. Now click on the Save as Text button: Save the file to your desktop. Copy and paste that information in your next post. Thanks, thewall

Blender View Member Profile	Jul 13 2008, 04:12 AM Post #7
I will eat your Malware Group: HJT Team Coach Posts: 2,269 Joined: 14-November 04 From: Ontario Member No.: 5,056	Hello, Due to inactivity this topic is now closed. If you need it re-opened please PM a member of the Moderating team with a link to your topic. Thank you & surf safe! Blender -------------------- I'll have an order of massive trojan attack please with a side order of rootkit and virus dip. Pre-course order of fresh spyware salad please with a side order of polymorphic dressing. And to drink...a nice tall glass of adware! For dessert; can I have a bowl of the freshest worms you have please?. Never Give Up! If you are happy with the service I provided, please consider making a donation to help me continue the fight against Malware

« Next Oldest · HijackThis Logs and Malware Removal · Next Newest »

1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)

0 Members:

Display Mode: Standard · Switch to: Linear+ · Switch to: Outline

Track this topic · Email this topic · Print this topic · Subscribe to this forum

Lo-Fi Version

Time is now: 10th October 2008 - 02:21 PM

Advertise \| About Us \| Terms of Use \| Privacy Policy \| Contact Us \| Site Map \| Chat \| Tutorials \| Uninstall List
Discussion Forums \| The Computer Glossary \| Resources \| RSS Feeds \| Startups \| The File Database \| Malware Removal Guides