
Redirects (Even in firefox?)


  • This topic is locked
8 replies to this topic

#1 dublion

  • Members
  • 9 posts
  • Gender: Male
  • Location: Manchester

Posted 18 June 2009 - 12:50 AM

I have been having problems after accidentally downloading a video clip and then downloading a 'codec', which ended up filling my system up with spyware. I thought I got rid of it all with Malwarebytes (after renaming the file, as it wouldn't run otherwise). Anyway, here are my logs. I can see a few things that look a bit wrong, but I'm not sure exactly what to do. Thanks in advance.

P.S. The GMER file was a bit big for upload here, so I had to RAR it up; just rename the extension.

Edited by dublion, 18 June 2009 - 12:55 AM.




#2 dublion


Posted 21 June 2009 - 12:38 AM

Is there anything I can do? This service is not loading up Windows properly now. It just shows a black background and the mouse. I'm posting this using the ASUS Splashtop browser... it's getting worse and worse. Sorry for the bump, but I'm having bad trouble and I need the PC for work. Many thanks in advance.

Edit: I'm back into Windows after about 8 reboots... not going to shut it off any time soon, but MSIVXdlmlkyrujkyxfenpkxlqpsboyljxjsan.sys seems to be the problem.
===========

Hello

While we understand your frustration at having to wait, please note that Bleeping Computer deals with several hundred requests for assistance such as yours on a daily basis. As a result, our backlog is quite large as are other comparable sites that help others with malware issues. Although our HJT Team members work on hundreds of requests each day, they are all volunteers who work logs when they can and are able to do so. No one is paid by Bleeping Computer for their assistance to our members.

Further, our malware removal staff is comprised of team members with various levels of skill and expertise to deal with thousands of malware variants, some more complex than others. Although we try to take DDS/HJT logs in order (starting with the oldest), it is often the skill level of the particular helper and sometimes the operating system that dictates which logs get selected first. Some infections are more complicated than others and require a higher skill level to remove. Without that skill level attempted removal could result in disastrous results. In other instances, the helper may not be familiar with the operating system that you are using, since they use another. In either case, neither of us want someone to assist you who is not familiar with your issue and attempt to fix it.

We ask that once you have posted your log and are waiting, please DO NOT "bump" your thread or make further replies until it has been responded to by a member of the HJT Team. The reason we ask this or do not respond to your requests is because that would remove you from the active queue that Techs and Staff have access to. The malware staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response, there will be 1 reply. A team member, looking for a new log to work may assume another HJT Team member is already assisting you and not open the thread to respond.

That is why I have made an edit to your last post, instead of a reply. Please do not multiple post here, as that only pushes you further down the queue and causes confusion to the staff.

Please be patient. It may take a while to get a response but your log will be reviewed and answered as soon as possible.

Thank you for understanding.

Orange Blossom ~ forum moderator

Edited by Orange Blossom, 22 June 2009 - 12:01 AM.


#3 Tokek

  • Bleepin' Gecko
  • Members
  • 1,213 posts
  • Gender: Male
  • Location: Jakarta, Indonesia

Posted 24 June 2009 - 02:18 AM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.

If you have already posted a DDS log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.


Thanks and again sorry for the delay.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE
If I have not replied back to your post in 3 days, please send me a PM.


#4 dublion


Posted 24 June 2009 - 02:42 PM

Thank you for your reply... The problem is still not fixed, sadly. I keep getting pop-ups and redirects, and my system is running very slow using Firefox. Also, sometimes it does not boot up and just shows a black screen after loading Windows. Many thanks!


#5 Tokek


Posted 25 June 2009 - 01:55 AM

Hello dublion,

My name is Tokek and I will be helping you with your Malware problem.

There may be a delay in my response to your posts as I am still currently in training. I will be helping you with the supervision of the teachers, and they will approve every post before I present it to you.

Please make no further changes or run any other tools unless instructed to. This may hinder the cleaning of your machine.

Please give me some time to look over your log; I will post the reply as soon as it is approved.

For future reference, please copy and paste the logs into your reply instead of uploading them as an attachment. That will allow me to go through the log more efficiently.
If I have not replied back to your post in 3 days, please send me a PM.


#6 Tokek


Posted 25 June 2009 - 02:17 PM

Hello dublion,

Download Combofix from any of the links below, and save it to your desktop. For information regarding this download, please visit this webpage: http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Link 1
Link 2
Link 3


**Note: It is important that it is saved directly to your desktop**

--------------------------------------------------------------------

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

--------------------------------------------------------------------

Double click on combofix.exe & follow the prompts.
  • When finished, it will produce a report for you.
  • Please post the "C:\ComboFix.txt" along with a new DDS log for further review.
Note:
Do not mouse-click ComboFix's window while it's running. That may cause it to stall.


Please copy and paste the log results into your reply instead of uploading the txt files (except for attach.txt as that is an optional log).

Please reply with the ComboFix log, DDS log and your original GMER log (copy and paste) in your next reply.
If I have not replied back to your post in 3 days, please send me a PM.


#7 dublion


Posted 25 June 2009 - 04:48 PM

DDS (Ver_09-05-14.01) - NTFSx86
Run by LuvDub at 20:38:54.15 on 24/06/2009
Internet Explorer: 6.0.2900.5512
Microsoft Windows XP Professional 5.1.2600.3.1252.44.1033.18.3327.2146 [GMT 1:00]

AV: ESET NOD32 antivirus system 2.70 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: COMODO Firewall *enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}

============== Running Processes ===============

E:\WINDOWS\system32\Ati2evxx.exe
E:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
E:\Program Files\COMODO\Firewall\cmdagent.exe
E:\WINDOWS\system32\svchost.exe -k netsvcs
svchost.exe
E:\WINDOWS\system32\spoolsv.exe
e:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
E:\WINDOWS\system32\Ati2evxx.exe
E:\WINDOWS\Explorer.EXE
E:\Program Files\ASUS\Six Engine\SixEngine.exe
E:\Program Files\Eset\nod32kui.exe
E:\Program Files\COMODO\Firewall\cfp.exe
E:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
E:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
E:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE
E:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
E:\WINDOWS\system32\CTHELPER.EXE
E:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
E:\WINDOWS\system32\ctfmon.exe
E:\Program Files\Messenger\msmsgs.exe
E:\Program Files\Electronic Arts\EADM\Core.exe
E:\Program Files\Creative\SBAudigy2ZS\Entertainment Center\EAXLoadr.exe
E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
svchost.exe
E:\WINDOWS\system32\CTsvcCDA.exe
E:\Program Files\FolderSize\FolderSizeSvc.exe
E:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
E:\Program Files\Eset\nod32krn.exe
E:\WINDOWS\system32\PnkBstrA.exe
E:\WINDOWS\system32\PnkBstrB.exe
E:\WINDOWS\system32\svchost.exe -k imgsvc
E:\WINDOWS\System32\svchost.exe -k HTTPFilter
E:\Program Files\Windows Live\Messenger\usnsvc.exe
E:\WINDOWS\system32\NOTEPAD.EXE
E:\Program Files\Nero\Nero 9\Nero Burning ROM\Nero.exe
E:\Program Files\Nero\Nero 9\Nero Burning ROM\Nero.exe
E:\Program Files\foobar2000\foobar2000.exe
E:\Program Files\Mozilla Firefox\firefox.exe
E:\WINDOWS\system32\SNDVOL32.EXE
E:\Program Files\MyPhoneExplorer\MyPhoneExplorer.exe
E:\Program Files\Common Files\Real\Update_OB\realsched.exe
E:\Documents and Settings\LuvDub\Desktop\dds.scr
E:\Documents and Settings\LuvDub\Desktop\dds.pif

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.co.uk/
uURLSearchHooks: DefaultSearchHook Class: {c94e154b-1459-4a47-966b-4b843befc7db} - e:\program files\asksearch\bin\DefaultSearch.dll
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - e:\progra~1\yahoo!\companion\installs\cpn\yt.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - e:\progra~1\yahoo!\companion\installs\cpn\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - e:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {1e083b7b-9322-4eed-9be5-f801a8370d9a} - e:\windows\system32\geBtRijI.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - e:\program files\real\rpbrowserrecordplugin.dll
BHO: {39729901-b044-41e0-b4d7-352d518e0157} - e:\windows\system32\jkkJdbBq.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - e:\progra~1\spybot~1\SDHelper.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - e:\program files\java\jre1.5.0_06\bin\ssv.dll
BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File
BHO: Tunebite_WebRipPlugin Class: {aa102584-3b97-47e7-b9bc-75d54c110a7d} - e:\program files\rapidsolution\tunebite\plugins\ie\TB_WebRipIePlugin.dll
BHO: IeMonitorBho Class: {bf00e119-21a3-4fd1-b178-3b8537e75c92} - e:\program files\megaupload\mega manager\MegaIEMn.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - e:\progra~1\yahoo!\companion\installs\cpn\YTSingleInstance.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - e:\progra~1\yahoo!\companion\installs\cpn\yt.dll
uRun: [MsnMsgr] "e:\program files\windows live\messenger\MsnMsgr.Exe" /background
uRun: [ctfmon.exe] e:\windows\system32\ctfmon.exe
uRun: [MSMSGS] "e:\program files\messenger\msmsgs.exe" /background
uRun: [EA Core] "e:\program files\electronic arts\eadm\Core.exe" -silent
mRun: [Six Engine] "e:\program files\asus\six engine\SixEngine.exe" -r
mRun: [SBDrvDet] e:\program files\creative\sb drive det\SBDrvDet.exe /r
mRun: [nod32kui] "e:\program files\eset\nod32kui.exe" /WAITSERVICE
mRun: [COMODO Firewall Pro] "e:\program files\comodo\firewall\cfp.exe" -h
mRun: [QuickTime Task] "e:\program files\quicktime\qttask.exe" -atboottime
mRun: [Adobe Reader Speed Launcher] "e:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
mRun: [SunJavaUpdateSched] e:\program files\java\jre1.5.0_06\bin\jusched.exe
mRun: [TkBellExe] "e:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [LogitechCommunicationsManager] "e:\program files\common files\logishrd\lcommgr\Communications_Helper.exe"
mRun: [COMODO Internet Security] "e:\program files\comodo\firewall\cfp.exe" -h
mRun: [PC Suite for Smartphones] "e:\program files\sony ericsson\mobile4\application launcher\Application Launcher.exe" /startoptions
mRun: [VolPanel] "e:\program files\creative\sbaudigy2zs\volume panel\VolPanlu.exe" /r
mRun: [CTDVDDET] "e:\program files\creative\sbaudigy2zs\dvdaudio\CTDVDDET.EXE"
mRun: [RCSystem] "e:\program files\creative\shared files\module loader\DLLML.exe" RCSystem * -Startup
mRun: [AudioDrvEmulator] "e:\program files\creative\shared files\module loader\dllml.exe" -1 audiodrvemulator "e:\program files\creative\shared files\module loader\audio emulator\AudDrvEm.dll"
mRun: [CTHelper] CTHELPER.EXE
mRun: [CTxfiHlp] CTXFIHLP.EXE
mRun: [UpdReg] e:\windows\UpdReg.EXE
mRun: [ATIModeChange] Ati2mdxx.exe
mRun: [StartCCC] "e:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
dRun: [CTFMON.EXE] e:\windows\system32\CTFMON.EXE
IE: E&xport to Microsoft Excel - e:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - e:\program files\paltalk messenger\Paltalk.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - e:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC} - e:\program files\java\jre1.5.0_06\bin\ssv.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - e:\progra~1\micros~2\office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - e:\progra~1\spybot~1\SDHelper.dll
LSP: e:\windows\system32\imon.dll
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} - hxxp://www.srtest.com/srl_bin/sysreqlab_srl.cab
DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} - hxxps://eu.webapps.halcrow.com/CitrixSessionInit/ICAWEB/icaweb.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - e:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: AtiExtEvent - Ati2evxx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - e:\windows\system32\WPDShServiceObj.dll

================= FIREFOX ===================

FF - ProfilePath - e:\docume~1\luvdub\applic~1\mozilla\firefox\profiles\p1gehssx.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - www.google.co.uk
FF - prefs.js: keyword.URL - hxxp://uk.search.yahoo.com/search?ei=utf-8&fr=megaup&p=
FF - component: e:\program files\rapidsolution\tunebite\plugins\geckobased\tunebite-firefox-surf-and-catch-extension@audials.com\components\TB_WebRipFFPlugin.dll
FF - component: e:\program files\real\browserrecord\components\nprpbrowserrecordplugin.dll
FF - plugin: e:\program files\java\jre1.5.0_06\bin\NPJava11.dll
FF - plugin: e:\program files\java\jre1.5.0_06\bin\NPJava12.dll
FF - plugin: e:\program files\java\jre1.5.0_06\bin\NPJava13.dll
FF - plugin: e:\program files\java\jre1.5.0_06\bin\NPJava14.dll
FF - plugin: e:\program files\java\jre1.5.0_06\bin\NPJava32.dll
FF - plugin: e:\program files\java\jre1.5.0_06\bin\NPJPI150_06.dll
FF - plugin: e:\program files\java\jre1.5.0_06\bin\NPOJI610.dll
FF - plugin: e:\program files\rapidsolution\tunebite\plugins\geckobased\tunebite-firefox-surf-and-catch-extension@audials.com\plugins\np_TB_OgloPlugin.dll
FF - plugin: e:\program files\real\netscape6\nppl3260.dll
FF - plugin: e:\program files\real\netscape6\nprjplug.dll
FF - plugin: e:\program files\real\netscape6\nprpjplug.dll

============= SERVICES / DRIVERS ===============

R0 hotcore3;hotcore3;e:\windows\system32\drivers\hotcore3.sys [2008-10-8 39472]
R0 mv61xx;mv61xx;e:\windows\system32\drivers\mv61xx.sys [2008-10-8 150568]
R1 cmdGuard;COMODO Firewall Pro Sandbox Driver;e:\windows\system32\drivers\cmdguard.sys [2008-10-9 110992]
R1 cmdHlp;COMODO Firewall Pro Helper Driver;e:\windows\system32\drivers\cmdhlp.sys [2008-10-9 24336]
R1 nod32drv;nod32drv;e:\windows\system32\drivers\nod32drv.sys [2008-10-9 15424]
R2 cmdAgent;COMODO Internet Security Helper Service;e:\program files\comodo\firewall\cmdagent.exe [2008-10-9 700152]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0;e:\program files\common files\nero\nero backitup 4\NBService.exe [2008-9-29 935208]
R2 NOD32krn;NOD32 Kernel Service;e:\program files\eset\nod32krn.exe [2008-10-9 552064]
R3 AtiHdmiService;ATI Function Driver for HDMI Service;e:\windows\system32\drivers\AtiHdmi.sys [2008-10-8 89600]
R3 zebrceb;Sony Ericsson Cable Emulation Bus (WDM);e:\windows\system32\drivers\zebrceb.sys [2009-3-5 63360]
S0 hcihsor;hcihsor;e:\windows\system32\drivers\ntigxvl.sys --> e:\windows\system32\drivers\ntigxvl.sys [?]
S0 ihdc;ihdc;e:\windows\system32\drivers\rruut.sys --> e:\windows\system32\drivers\rruut.sys [?]
S3 COMMONFX;COMMONFX;e:\windows\system32\drivers\COMMONFX.sys [2008-6-27 99352]
S3 CTAUDFX;CTAUDFX;e:\windows\system32\drivers\CTAUDFX.sys [2008-6-27 555032]
S3 CTERFXFX;CTERFXFX;e:\windows\system32\drivers\CTERFXFX.sys [2008-6-27 100888]
S3 CTSBLFX;CTSBLFX;e:\windows\system32\drivers\CTSBLFX.sys [2008-6-27 566296]
S3 rt2870;Ralink 802.11n USB Wireless LAN Card Driver;e:\windows\system32\drivers\rt2870.sys [2008-10-8 517632]
S3 zebrbus;Sony Ericsson Composite Device driver;e:\windows\system32\drivers\zebrbus.sys [2009-3-5 83200]
S3 zebrmdfl;Sony Ericsson Modem Filter;e:\windows\system32\drivers\zebrmdfl.sys [2009-3-5 14848]
S3 zebrmdm;Sony Ericsson Port (WDM);e:\windows\system32\drivers\zebrmdm.sys [2009-3-5 109568]
S3 zebrmdmc;Sony Ericsson mRouter Port (WDM);e:\windows\system32\drivers\zebrmdmc.sys [2009-3-5 109568]
S3 zebrsce;Sony Ericsson PC-Connect Port;e:\windows\system32\drivers\zebrsce.sys [2009-3-5 91264]

=============== Created Last 30 ================

2009-06-23 07:26 <DIR> --d----- E:\Dubconductor Dubplates
2009-06-23 07:24 <DIR> --d----- E:\++++++++++++++
2009-06-23 07:15 <DIR> --d----- E:\Various - Yabba U Presenting New Roots Reggae (Yabby Rec. LP)
2009-06-22 23:48 <DIR> --d----- E:\VA-Old_To_The_New_Steelie_And_Clevie_(Deluxe_Edition)-2CD-2008-YARD
2009-06-22 23:48 <DIR> --d----- E:\Twinkle_Brothers-Devil_Worshippers-(7_Inch-NG187)-Vinyl-2001-GMG
2009-06-22 23:48 <DIR> --d----- E:\Tomaski-Shaka_Zulu_Livication_(LC10002)-Vinyl-2008-RAC
2009-06-22 23:48 <DIR> --d----- E:\The_Heptones-Everyday_Life-(7_Inch_Reissue_1977-Observer)-Vinyl-2005-GMG
2009-06-22 21:11 <DIR> --d----- E:\VA-Singles_Series_Volume_1-WEB-2008-JAH
2009-06-22 21:11 <DIR> --d----- E:\VA-Ska_Riddim-Vinyl-2008-211
2009-06-22 21:10 <DIR> --d----- E:\VA-Sufferah_Riddim-Promo-2008-JAH
2009-06-22 21:10 <DIR> --d----- E:\Whitelabel-Unknown_Artist_vs_MJ_Cole_vs_Bjork-NAUGHTY01-BOOTLEG-VINYL-2008-sour
2009-06-22 21:10 <DIR> --d----- E:\VA-VP_Reggae-(Sampler)-2009-H3X
2009-06-22 18:33 <DIR> --d----- E:\Sane_Kry_riddim-promo_cd-2006-r2r
2009-06-22 00:54 <DIR> --d----- E:\Dub_Terror-Dub_Terror-2009-SPLiFF
2009-06-22 00:54 <DIR> --d----- E:\VA-Pow_Pow_Productions-Respond-2009-SPLiFF
2009-06-22 00:54 <DIR> --d----- E:\Tarrus_Riley-Young_Heart_Reminiscing-VLS-2009-YARD
2009-06-22 00:54 <DIR> --d----- E:\VA-Love_I_Can_Feel-A_Groove_For_The_Cure-2009-SPLiFF
2009-06-21 15:01 <DIR> --d----- E:\The_Dub_Machinist-Worldwide_Dub_(Control_Tower)-CD-2009-RAC
2009-06-20 12:49 <DIR> --d----- E:\VA-The_Mission_Riddim_(Baby_G_Productions)-Promo_CD-2008-Gully_iNT
2009-06-20 12:49 <DIR> --d----- E:\VA-The_Mission_Riddim-Promo_CD-(More)-2008-nG
2009-06-18 21:41 <DIR> --d----- E:\Terror.at.Blood.Fart.Lake.2009.STV.DVDRip.XviD-FHW
2009-06-16 21:59 <DIR> --d----- E:\Kama.Sutra.The.Sensual.Art.Of.Lovemaking.Touch.And.The.Ultimate.Kiss.2002.DVDRip.XviD-GiQ
2009-06-16 07:33 <DIR> --d----- E:\Seven.Pounds.DVDRip.XViD-PUKKA
2009-06-16 06:56 <DIR> --d----- E:\Earl_Sixteen_And_Disciples_Riddim_Section-Rise_UP_(RYR1007)-Vinyl-2009-RAC
2009-06-15 18:35 <DIR> --d----- E:\Night at the Museum 2 Battle Of The Smithsonian ENG R5 - Lynks
2009-06-15 18:35 <DIR> --d----- E:\Night.At.The.Museum.2.R5.LiNE.XviD-KAMERA
2009-06-15 06:50 <DIR> --d----- E:\Pete Philly & Perquisite
2009-06-15 06:46 <DIR> --d----- E:\N.A.S.A.-The_Spirit_Of_Apollo-2009-CR
2009-06-15 06:43 <DIR> --d----- E:\Spin_Doctor-You_Know_What_Love_Is_(A_J-Dilla_Tribute)-2CD-Bootleg-2009-FTD
2009-06-15 06:42 <DIR> --d----- E:\Q-Tip - The Renaissance
2009-06-14 20:37 40,160 a------- e:\windows\system32\drivers\mbamswissarmy.sys
2009-06-14 20:37 19,096 a------- e:\windows\system32\drivers\mbam.sys
2009-06-14 20:37 <DIR> --d----- e:\program files\Malwarebytes' Anti-Malware
2009-06-14 20:31 1,289,851 a------- E:\PowerISO v4.4 Latest + Serials REZMAN1984.7z
2009-06-14 12:16 <DIR> --d----- E:\VA-Inner_Resort__Relaxin_Voyage_(XNSS10131)-CD-2008-BF
2009-06-14 12:16 <DIR> --d----- E:\VA-Heigher_Heights-Culture_Mix_Warm_Up_Vol.9-Bootleg_CD-2008-RAS
2009-06-14 12:16 <DIR> --d----- E:\VA-Meditative_Sounds_(10_Inch_MRS10001)-VLS-2005-RAC
2009-06-14 11:47 <DIR> --d----- E:\VA-Watch_The_Ride_Mixed_By_Skream-(HURTCD079)-2008-pyt
2009-06-14 11:46 <DIR> --d----- E:\[1999] - You Got Me CDS
2009-06-14 11:36 <DIR> --d----- E:\Audrey Hollander Learns Kelly Wells What Assfisting Is
2009-06-14 11:32 <DIR> --d----- E:\VA-The_Biggest_Reggae_One-Drop_Anthems_2008-(GRELCD317)-CD-2008-RACEME
2009-06-14 11:32 <DIR> --d----- E:\Izyah_Davis_Meets_King_Earthquake-(LP-KELP003)-Vinyl-2009-GMG
2009-06-14 11:31 <DIR> --d----- E:\Powder.Blue.2009.NTSC.DVDR-DPiMP
2009-06-14 11:22 <DIR> --d----- E:\VA-Bobby_Babylon_Riddim_(Cronick_Music)-VLS-2005-YARD
2009-06-14 11:21 <DIR> --d----- E:\VA-Reggae_Redemption_Songs_II-2008-SPLiFF
2009-06-14 11:19 <DIR> --d----- E:\1991 - Unite The World (Log)
2009-06-14 10:50 <DIR> --d----- E:\VA-Bentley_International-Easy_Mix_Volume_17_Haile_Selassie-Bootleg_CD-2008-RACEME
2009-06-14 10:50 <DIR> --d----- E:\2000 - Rockers Allstars (Log)
2009-06-14 10:50 <DIR> --d----- E:\VA_-_Global_Dub_Feeders-2008-PsyCZ
2009-06-14 10:49 <DIR> --d----- E:\VA-Flames_presents_La_La_Bella-Remastered_CD-2006-RAS
2009-06-14 09:52 <DIR> --d----- E:\[subsol002] - rusko - babylon volume 1-2007
2009-06-14 09:33 <DIR> --d----- E:\[ARILP 009 - 1983] Tony Benjamin & The Sane Inmates - Reggae Rebel
2009-06-14 09:33 <DIR> --d----- E:\VA-Hadravision_-_A_Chillout_Exploration-CD-2008-knk
2009-06-13 17:38 <DIR> --d----- E:\TROJAN - TJHTE009 - Dennis Brown - Concentration - 10inch
2009-06-13 17:36 <DIR> --d----- E:\Latin_Dub_Sound_System-Latin_Dub_Sound_System-(EP)-2008-H3X
2009-06-13 17:22 <DIR> --d----- E:\Horace_Andy_And_Ashley_Beedle-Inspiration_Information-Promo-2009-YARD
2009-06-13 04:56 <DIR> --d----- E:\AUDREY HOLLANDER ASSFENSIVE-SO SEXY REDHEAD
2009-06-13 04:55 <DIR> --d----- E:\Andrew Weil, M.D - Breathing The Master Key to Self Healing
2009-06-13 04:54 <DIR> --d----- E:\bleepedandbound 2009-02-20 Audrey Hollander-Otto Bauer (0425)
2009-06-13 04:54 <DIR> --d----- E:\Afrikan Simba - Salvation for The New Generation 2001
2009-06-13 04:50 270,462,976 a------- E:\Audrey Hollander - Hustler XXX 30.avi
2009-06-13 04:48 <DIR> --d----- E:\Crazy redhead Audrey Hollander gets two dicks up her ass
2009-06-13 04:33 139,801,346 a------- E:\Audrey Hollander - The Bang Van 6 - scene 1.wmv
2009-06-13 03:00 <DIR> --d----- E:\VA-Essential_Underground_Hip_Hop_Vol._3-2007-WRE
2009-06-13 02:42 <DIR> --d----- E:\Tor.Ma_in_Dub_-_Big_Blue_Story-2008-PsyCZ
2009-06-13 02:41 <DIR> --d----- E:\Alborosie - Soul Pirate (European Tour 2008 Limited Edition)
2009-06-13 02:24 <DIR> --d----- E:\Accapella
2009-06-13 01:28 <DIR> --d----- E:\Lesbian.Vampire.Killers.DVDSCR.XviD-DoNE
2009-06-13 01:26 <DIR> --d----- E:\VA-J_Dilla-Dillanthology_1-2009-BbH
2009-06-13 01:26 <DIR> --d----- E:\J_Dilla-Jay_Stay_Paid-2009-WHOA
2009-06-13 01:03 <DIR> --d----- E:\[ape]Bill Laswell - Sacred System Chapter One - Book Of Entrance
2009-06-13 00:36 <DIR> --d----- E:\[ape]Bill Laswell - ROIR Dub Sessions
2009-06-12 17:46 <DIR> --d----- E:\~~~~~~~BIG DANCES~~~ U.O.D
2009-06-12 16:44 <DIR> --d----- E:\VA - New World Dub 01 (2006)
2009-06-10 23:14 <DIR> --d----- E:\VA-Natty_Dread_55-(Mag)-2009-H5N1
2009-06-04 21:51 <DIR> --d----- E:\Cat Power - You Are Free (2003) [FLAC] {150 gram vinyl}
2009-06-04 21:50 <DIR> --d----- E:\Various Artists - La Maison De L'Elephant, Ibiza (2002) [FLAC]
2009-06-04 21:11 <DIR> --d----- E:\Cat Power - Moon Pix (1998) [FLAC]
2009-06-04 21:10 <DIR> --d----- E:\Cat Power - Jukebox(2008)[FLAC](Deluxe Edn)
2009-06-04 20:41 <DIR> --d----- E:\Music from Powder Blue
2009-05-31 20:30 <DIR> --d----- E:\VA-Promo_Only_Caribbean_Series_July-2009-XXL
2009-05-31 19:10 <DIR> --d----- E:\Bronson TC XVID - STG
2009-05-31 17:46 <DIR> --d----- E:\Junior Delgado - Raggamuffin Year (1986) [vinyl]
2009-05-31 15:22 <DIR> --d----- E:\Hornsman Coyote - What Next [2008]
2009-05-31 15:22 <DIR> --d----- E:\From Oakland to Shaolin
2009-05-31 05:45 <DIR> --d----- E:\MF_Burrowes-We_Are_At_The_Crossroads_-_12_Disciples_With_Jah-2008-YARD
2009-05-30 01:50 <DIR> --d----- E:\@@@@@david judah
2009-05-29 20:39 <DIR> --d----- E:\Bob_Marley_And_The_Wailers-Roots_Rock_Remixed_(Incl._Bonustracks)-2008-WRE
2009-05-29 20:20 <DIR> --d----- E:\VA-Tropical_Thunder-2008-EON
2009-05-29 20:20 <DIR> --d----- E:\El Michels Affair (2006) Shaolin Series Vol. 2_ Duel Of The Iron Mic & Bring The Ruckus 7_
2009-05-29 20:04 <DIR> --d----- E:\[1978] - Satisfy My Soul - Smile Jamaica (Island GER 7')
2009-05-29 19:32 <DIR> --d----- E:\VA-Shaolin_Soul-1998-CHR
2009-05-29 19:32 <DIR> --d----- E:\VA-Shaolin_Soul-Episode_2-2001-FM_INT
2009-05-29 19:32 <DIR> --d----- E:\Benjamin Zepheniah - Rasta Workes Playtime
2009-05-29 19:32 <DIR> --d----- E:\Benjamin Zephaniah - Rasta
2009-05-29 19:32 <DIR> --d----- E:\Benjamin Zephaniah - Naked
2009-05-29 19:32 <DIR> --d----- E:\Benjamin Zephaniah - Back To Roots
2009-05-29 19:32 <DIR> --d----- E:\Benjamin Zephaniah - 1990 - Us An Dem
2009-05-28 21:54 <DIR> --d----- E:\Bad_Company_UK-Bullet_Time_(Spor_and_The_Upbeats_Remixes)-BT003-VINYL-2009-sour
2009-05-28 21:54 <DIR> --d----- E:\Katharsys_Vs_Dub_Elements-Mute_Remix__El_Momento-(FS003)-Vinyl-2009-hM
2009-05-28 21:54 <DIR> --d----- E:\Whitelabel-Unknown_Artist_vs_Burial_vs_Dizzee_Rascal-PH001-BOOTLEG-VINYL-2009-sour
2009-05-28 21:49 <DIR> --d----- E:\V.A. - Aquarius Dub [Herman Chin Loy Productions] 1973 (vinyl)
2009-05-28 07:58 <DIR> --d----- E:\Sounding Out The City
2009-05-28 07:58 <DIR> --d----- E:\Tribal Dervish
2009-05-27 00:53 447,752 a----r-- e:\windows\system32\vp6vfw.dll
2009-05-27 00:53 <DIR> --d----- e:\program files\Microsoft WSE
2009-05-26 07:04 <DIR> --d----- E:\Coraline.2009.DVDRip.X264-TDM
2009-05-26 06:30 <DIR> --d----- E:\VA - A Magical Journey (2005)
2009-05-26 00:29 <DIR> --d----- E:\DJ APR SINGLES PART 1
2009-05-25 23:03 <DIR> --d----- E:\Native.Instruments.Traktor.v3.4-UNION
2009-05-25 23:02 <DIR> --d----- E:\Thievery Corporation - 2005 - The Cosmic Game
2009-05-25 22:25 <DIR> --d----- E:\Collie_Buddz-On_the_Rock-2009

==================== Find3M ====================

2009-05-07 22:13 155,384 a------- e:\windows\system32\guard32.dll
2009-05-07 22:13 110,992 a------- e:\windows\system32\drivers\cmdguard.sys
2009-05-07 16:32 345,600 a------- e:\windows\system32\localspl.dll
2009-05-05 22:48 73,216 a------- e:\windows\ST6UNST.EXE
2009-05-05 22:48 249,856 -------- e:\windows\Setup1.exe
2009-04-29 05:46 666,624 a------- e:\windows\system32\wininet.dll
2009-04-29 05:46 81,920 a------- e:\windows\system32\ieencode.dll
2009-04-17 13:26 1,847,168 a------- e:\windows\system32\win32k.sys
2009-04-15 15:51 585,216 a------- e:\windows\system32\rpcrt4.dll
2008-11-08 12:54 22,328 a------- e:\docume~1\luvdub\applic~1\PnkBstrK.sys
2008-11-08 12:50 107,832 a------- e:\docume~1\luvdub\applic~1\PnkBstrB.exe
2006-06-23 07:48 32,768 a----r-- e:\windows\inf\UpdateUSB.exe

============= FINISH: 20:39:13.62 ===============


ComboFix 09-06-25.01 - LuvDub 25/06/2009 22:30.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.44.1033.18.3327.2866 [GMT 1:00]
Running from: e:\documents and settings\LuvDub\Desktop\ComboFixd.exe
AV: ESET NOD32 antivirus system 2.70 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: COMODO Firewall *enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
* Resident AV is active


WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

e:\windows\system32\drivers\MSIVXdlmlkyrujkyxfenpkxlqpsboyljxjsan.sys
e:\windows\system32\MSIVXcount
e:\windows\system32\MSIVXesrtfthkdlicjdiaojgadmcjktqjerhu.dll
e:\windows\system32\MSIVXxmqlhyijnomhxhavfgmifrqasjbocila.dll
e:\windows\system32\msvcsv60.dll
M:\autorun.inf

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_MSIVXserv.sys


((((((((((((((((((((((((( Files Created from 2009-05-25 to 2009-06-25 )))))))))))))))))))))))))))))))
.

2009-10-05 19:39 . 2009-10-05 19:39 -------- d-----w- e:\program files\id Software
2009-06-23 06:26 . 2009-06-23 06:26 -------- d-----w- E:\Dubconductor Dubplates
2009-06-23 06:24 . 2009-06-23 06:24 -------- d-----w- E:\++++++++++++++
2009-06-23 06:15 . 2009-06-23 18:08 -------- d-----w- E:\Various - Yabba U Presenting New Roots Reggae (Yabby Rec. LP)
2009-06-22 22:48 . 2009-06-22 22:49 -------- d-----w- E:\VA-Old_To_The_New_Steelie_And_Clevie_(Deluxe_Edition)-2CD-2008-YARD
2009-06-22 22:48 . 2009-06-22 22:48 -------- d-----w- E:\Twinkle_Brothers-Devil_Worshippers-(7_Inch-NG187)-Vinyl-2001-GMG
2009-06-22 22:48 . 2009-06-22 22:48 -------- d-----w- E:\Tomaski-Shaka_Zulu_Livication_(LC10002)-Vinyl-2008-RAC
2009-06-22 22:48 . 2009-06-22 22:48 -------- d-----w- E:\The_Heptones-Everyday_Life-(7_Inch_Reissue_1977-Observer)-Vinyl-2005-GMG
2009-06-22 20:11 . 2009-06-22 20:11 -------- d-----w- E:\VA-Singles_Series_Volume_1-WEB-2008-JAH
2009-06-22 20:11 . 2009-06-22 20:11 -------- d-----w- E:\VA-Ska_Riddim-Vinyl-2008-211
2009-06-22 20:10 . 2009-06-22 20:11 -------- d-----w- E:\VA-Sufferah_Riddim-Promo-2008-JAH
2009-06-22 20:10 . 2009-06-22 20:10 -------- d-----w- E:\VA-VP_Reggae-(Sampler)-2009-H3X
2009-06-22 20:10 . 2009-06-22 20:10 -------- d-----w- E:\Whitelabel-Unknown_Artist_vs_MJ_Cole_vs_Bjork-NAUGHTY01-BOOTLEG-VINYL-2008-sour
2009-06-22 17:33 . 2009-06-22 17:33 -------- d-----w- E:\Sane_Kry_riddim-promo_cd-2006-r2r
2009-06-21 23:54 . 2009-06-21 23:58 -------- d-----w- E:\Dub_Terror-Dub_Terror-2009-SPLiFF
2009-06-21 23:54 . 2009-06-22 00:01 -------- d-----w- E:\VA-Pow_Pow_Productions-Respond-2009-SPLiFF
2009-06-21 23:54 . 2009-06-21 23:54 -------- d-----w- E:\Tarrus_Riley-Young_Heart_Reminiscing-VLS-2009-YARD
2009-06-21 23:54 . 2009-06-22 00:02 -------- d-----w- E:\VA-Love_I_Can_Feel-A_Groove_For_The_Cure-2009-SPLiFF
2009-06-21 14:01 . 2009-06-21 14:02 -------- d-----w- E:\The_Dub_Machinist-Worldwide_Dub_(Control_Tower)-CD-2009-RAC
2009-06-20 11:49 . 2009-06-20 11:49 -------- d-----w- E:\VA-The_Mission_Riddim_(Baby_G_Productions)-Promo_CD-2008-Gully_iNT
2009-06-20 11:49 . 2009-06-20 11:49 -------- d-----w- E:\VA-The_Mission_Riddim-Promo_CD-(More)-2008-nG
2009-06-18 20:41 . 2009-06-18 21:03 -------- d-----w- E:\Terror.at.Blood.Fart.Lake.2009.STV.DVDRip.XviD-FHW
2009-06-16 20:59 . 2009-06-16 20:59 -------- d-----w- E:\Kama.Sutra.The.Sensual.Art.Of.Lovemaking.Touch.And.The.Ultimate.Kiss.2002.DVDRip.XviD-GiQ
2009-06-16 06:33 . 2009-06-16 06:34 -------- d-----w- E:\Seven.Pounds.DVDRip.XViD-PUKKA
2009-06-16 05:56 . 2009-06-16 05:56 -------- d-----w- E:\Earl_Sixteen_And_Disciples_Riddim_Section-Rise_UP_(RYR1007)-Vinyl-2009-RAC
2009-06-15 17:35 . 2009-06-15 17:35 -------- d-----w- E:\Night at the Museum 2 Battle Of The Smithsonian ENG R5 - Lynks
2009-06-15 17:35 . 2009-06-15 17:51 -------- d-----w- E:\Night.At.The.Museum.2.R5.LiNE.XviD-KAMERA
2009-06-15 05:50 . 2009-06-15 05:54 -------- d-----w- E:\Pete Philly & Perquisite
2009-06-15 05:46 . 2009-06-15 05:46 -------- d-----w- E:\N.A.S.A.-The_Spirit_Of_Apollo-2009-CR
2009-06-15 05:43 . 2009-06-15 06:04 -------- d-----w- E:\Spin_Doctor-You_Know_What_Love_Is_(A_J-Dilla_Tribute)-2CD-Bootleg-2009-FTD
2009-06-15 05:42 . 2009-06-15 05:43 -------- d-----w- E:\Q-Tip - The Renaissance
2009-06-14 19:37 . 2009-05-26 12:20 40160 ----a-w- e:\windows\system32\drivers\mbamswissarmy.sys
2009-06-14 19:37 . 2009-06-14 19:38 -------- d-----w- e:\program files\Malwarebytes' Anti-Malware
2009-06-14 19:37 . 2009-05-26 12:19 19096 ----a-w- e:\windows\system32\drivers\mbam.sys
2009-06-14 11:16 . 2009-06-14 11:17 -------- d-----w- E:\VA-Inner_Resort__Relaxin_Voyage_(XNSS10131)-CD-2008-BF
2009-06-14 11:16 . 2009-06-14 11:16 -------- d-----w- E:\VA-Heigher_Heights-Culture_Mix_Warm_Up_Vol.9-Bootleg_CD-2008-RAS
2009-06-14 11:16 . 2009-06-14 11:16 -------- d-----w- E:\VA-Meditative_Sounds_(10_Inch_MRS10001)-VLS-2005-RAC
2009-06-14 10:47 . 2009-06-14 10:47 -------- d-----w- E:\VA-Watch_The_Ride_Mixed_By_Skream-(HURTCD079)-2008-pyt
2009-06-14 10:46 . 2009-06-14 10:46 -------- d-----w- E:\[1999] - You Got Me CDS
2009-06-14 10:36 . 2009-06-14 17:01 -------- d-----w- E:\Audrey Hollander Learns Kelly Wells What Assfisting Is
2009-06-14 10:32 . 2009-06-14 10:33 -------- d-----w- E:\VA-The_Biggest_Reggae_One-Drop_Anthems_2008-(GRELCD317)-CD-2008-RACEME
2009-06-14 10:32 . 2009-06-14 10:32 -------- d-----w- E:\Izyah_Davis_Meets_King_Earthquake-(LP-KELP003)-Vinyl-2009-GMG
2009-06-14 10:31 . 2009-06-14 10:42 -------- d-----w- E:\Powder.Blue.2009.NTSC.DVDR-DPiMP
2009-06-14 10:22 . 2009-06-14 10:22 -------- d-----w- E:\VA-Bobby_Babylon_Riddim_(Cronick_Music)-VLS-2005-YARD
2009-06-14 10:21 . 2009-06-14 10:21 -------- d-----w- E:\VA-Reggae_Redemption_Songs_II-2008-SPLiFF
2009-06-14 10:19 . 2009-06-14 10:19 -------- d-----w- E:\1991 - Unite The World (Log)
2009-06-14 09:50 . 2009-06-14 09:51 -------- d-----w- E:\VA-Bentley_International-Easy_Mix_Volume_17_Haile_Selassie-Bootleg_CD-2008-RACEME
2009-06-14 09:50 . 2009-06-14 09:51 -------- d-----w- E:\2000 - Rockers Allstars (Log)
2009-06-14 09:50 . 2009-06-14 09:50 -------- d-----w- E:\VA_-_Global_Dub_Feeders-2008-PsyCZ
2009-06-14 09:49 . 2009-06-14 09:50 -------- d-----w- E:\VA-Flames_presents_La_La_Bella-Remastered_CD-2006-RAS
2009-06-14 08:52 . 2009-06-14 08:52 -------- d-----w- E:\[subsol002] - rusko - babylon volume 1-2007
2009-06-14 08:33 . 2009-06-14 08:33 -------- d-----w- E:\[ARILP 009 - 1983] Tony Benjamin & The Sane Inmates - Reggae Rebel
2009-06-14 08:33 . 2009-06-14 08:33 -------- d-----w- E:\VA-Hadravision_-_A_Chillout_Exploration-CD-2008-knk
2009-06-13 16:38 . 2009-06-13 16:38 -------- d-----w- E:\TROJAN - TJHTE009 - Dennis Brown - Concentration - 10inch
2009-06-13 16:36 . 2009-06-13 16:36 -------- d-----w- E:\Latin_Dub_Sound_System-Latin_Dub_Sound_System-(EP)-2008-H3X
2009-06-13 16:22 . 2009-06-13 16:22 -------- d-----w- E:\Horace_Andy_And_Ashley_Beedle-Inspiration_Information-Promo-2009-YARD
2009-06-13 03:56 . 2009-06-13 04:01 -------- d-----w- E:\AUDREY HOLLANDER ASSFENSIVE-SO SEXY REDHEAD
2009-06-13 03:55 . 2009-06-13 03:55 -------- d-----w- E:\Andrew Weil, M.D - Breathing The Master Key to Self Healing
2009-06-13 03:54 . 2009-06-13 04:24 -------- d-----w- E:\bleepedandbound 2009-02-20 Audrey Hollander-Otto Bauer (0425)
2009-06-13 03:54 . 2009-06-13 03:55 -------- d-----w- E:\Afrikan Simba - Salvation for The New Generation 2001
2009-06-13 03:48 . 2009-06-13 04:53 -------- d-----w- E:\Crazy redhead Audrey Hollander gets two dicks up her ass
2009-06-13 02:00 . 2009-06-13 02:00 -------- d-----w- E:\VA-Essential_Underground_Hip_Hop_Vol._3-2007-WRE
2009-06-13 01:42 . 2009-06-13 01:42 -------- d-----w- E:\Tor.Ma_in_Dub_-_Big_Blue_Story-2008-PsyCZ
2009-06-13 01:41 . 2009-06-13 01:41 -------- d-----w- E:\Alborosie - Soul Pirate (European Tour 2008 Limited Edition)
2009-06-13 01:24 . 2009-06-19 21:38 -------- d-----w- E:\Accapella
2009-06-13 00:28 . 2009-06-13 00:33 -------- d-----w- E:\Lesbian.Vampire.Killers.DVDSCR.XviD-DoNE
2009-06-13 00:26 . 2009-06-13 00:47 -------- d-----w- E:\VA-J_Dilla-Dillanthology_1-2009-BbH
2009-06-13 00:26 . 2009-06-13 00:27 -------- d-----w- E:\J_Dilla-Jay_Stay_Paid-2009-WHOA
2009-06-13 00:03 . 2009-06-13 00:04 -------- d-----w- E:\[ape]Bill Laswell - Sacred System Chapter One - Book Of Entrance
2009-06-12 23:36 . 2009-06-12 23:37 -------- d-----w- E:\[ape]Bill Laswell - ROIR Dub Sessions
2009-06-12 16:46 . 2009-06-12 16:47 -------- d-----w- E:\~~~~~~~BIG DANCES~~~ U.O.D
2009-06-12 15:44 . 2009-06-12 15:44 -------- d-----w- E:\VA - New World Dub 01 (2006)
2009-06-10 22:14 . 2009-06-10 22:15 -------- d-----w- E:\VA-Natty_Dread_55-(Mag)-2009-H5N1
2009-06-04 20:51 . 2009-06-05 08:36 -------- d-----w- E:\Cat Power - You Are Free (2003) [FLAC] {150 gram vinyl}
2009-06-04 20:50 . 2009-06-04 21:15 -------- d-----w- E:\Various Artists - La Maison De L'Elephant, Ibiza (2002) [FLAC]
2009-06-04 20:11 . 2009-06-05 23:20 -------- d-----w- E:\Cat Power - Moon Pix (1998) [FLAC]
2009-06-04 20:10 . 2009-06-05 06:24 -------- d-----w- E:\Cat Power - Jukebox(2008)[FLAC](Deluxe Edn)
2009-06-04 19:41 . 2009-06-04 19:41 -------- d-----w- E:\Music from Powder Blue
2009-05-31 19:30 . 2009-05-31 19:32 -------- d-----w- E:\VA-Promo_Only_Caribbean_Series_July-2009-XXL
2009-05-31 18:10 . 2009-05-31 18:44 -------- d-----w- E:\Bronson TC XVID - STG
2009-05-31 16:46 . 2009-05-31 16:47 -------- d-----w- E:\Junior Delgado - Raggamuffin Year (1986) [vinyl]
2009-05-31 14:22 . 2009-05-31 14:22 -------- d-----w- E:\Hornsman Coyote - What Next [2008]
2009-05-31 14:22 . 2009-05-31 14:22 -------- d-----w- E:\From Oakland to Shaolin
2009-05-31 04:45 . 2009-05-31 04:47 -------- d-----w- E:\MF_Burrowes-We_Are_At_The_Crossroads_-_12_Disciples_With_Jah-2008-YARD
2009-05-30 00:50 . 2009-06-08 19:33 -------- d-----w- E:\@@@@@david judah
2009-05-29 19:39 . 2009-05-29 19:39 -------- d-----w- E:\Bob_Marley_And_The_Wailers-Roots_Rock_Remixed_(Incl._Bonustracks)-2008-WRE
2009-05-29 19:20 . 2009-05-29 19:20 -------- d-----w- E:\VA-Tropical_Thunder-2008-EON
2009-05-29 19:20 . 2009-05-31 14:22 -------- d-----w- E:\El Michels Affair (2006) Shaolin Series Vol. 2_ Duel Of The Iron Mic & Bring The Ruckus 7_
2009-05-29 19:04 . 2009-05-29 19:04 -------- d-----w- E:\[1978] - Satisfy My Soul - Smile Jamaica (Island GER 7')
2009-05-29 18:32 . 2009-05-29 18:32 -------- d-----w- E:\VA-Shaolin_Soul-1998-CHR
2009-05-29 18:32 . 2009-05-29 18:32 -------- d-----w- E:\VA-Shaolin_Soul-Episode_2-2001-FM_INT
2009-05-29 18:32 . 2009-05-29 18:32 -------- d-----w- E:\Benjamin Zepheniah - Rasta Workes Playtime
2009-05-29 18:32 . 2009-05-29 18:32 -------- d-----w- E:\Benjamin Zephaniah - Rasta
2009-05-29 18:32 . 2009-05-29 18:32 -------- d-----w- E:\Benjamin Zephaniah - Naked
2009-05-29 18:32 . 2009-05-29 18:32 -------- d-----w- E:\Benjamin Zephaniah - Back To Roots
2009-05-29 18:32 . 2009-05-29 18:32 -------- d-----w- E:\Benjamin Zephaniah - 1990 - Us An Dem
2009-05-28 20:54 . 2009-05-28 20:55 -------- d-----w- E:\Bad_Company_UK-Bullet_Time_(Spor_and_The_Upbeats_Remixes)-BT003-VINYL-2009-sour
2009-05-28 20:54 . 2009-05-28 20:56 -------- d-----w- E:\Katharsys_Vs_Dub_Elements-Mute_Remix__El_Momento-(FS003)-Vinyl-2009-hM
2009-05-28 20:54 . 2009-05-28 20:55 -------- d-----w- E:\Whitelabel-Unknown_Artist_vs_Burial_vs_Dizzee_Rascal-PH001-BOOTLEG-VINYL-2009-sour
2009-05-28 20:49 . 2009-05-28 20:49 -------- d-----w- E:\V.A. - Aquarius Dub [Herman Chin Loy Productions] 1973 (vinyl)
2009-05-28 06:58 . 2009-05-28 06:58 -------- d-----w- E:\Sounding Out The City
2009-05-28 06:58 . 2009-05-28 06:58 -------- d-----w- E:\Tribal Dervish
2009-05-26 23:53 . 2008-09-04 18:17 447752 ----a-r- e:\windows\system32\vp6vfw.dll
2009-05-26 23:53 . 2009-05-26 23:53 10134 ----a-r- e:\documents and settings\LuvDub\Application Data\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
2009-05-26 23:53 . 2009-05-26 23:53 -------- d-----w- e:\program files\Microsoft WSE

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-25 21:24 . 2008-10-08 19:08 -------- d-----w- e:\documents and settings\LuvDub\Application Data\foobar2000
2009-06-25 21:17 . 2008-10-08 17:20 -------- d-----w- e:\documents and settings\LuvDub\Application Data\uTorrent
2009-06-25 07:15 . 2008-10-09 16:04 -------- d---a-w- e:\documents and settings\All Users\Application Data\TEMP
2009-06-24 20:41 . 2008-10-09 10:40 64 ----a-w- e:\windows\msocreg32.dat
2009-06-22 20:41 . 2008-10-09 20:37 -------- d-----w- e:\documents and settings\LuvDub\Application Data\Skype
2009-06-22 18:49 . 2008-10-09 20:38 -------- d-----w- e:\documents and settings\LuvDub\Application Data\skypePM
2009-06-17 23:10 . 2008-11-04 23:35 -------- d-----w- e:\program files\Spybot - Search & Destroy
2009-06-14 20:15 . 2008-10-20 20:05 -------- d-----w- e:\documents and settings\LuvDub\Application Data\mIRC
2009-06-14 20:11 . 2008-10-20 20:05 -------- d-----w- e:\program files\mIRC
2009-06-04 20:10 . 2008-10-10 10:03 -------- d-----w- e:\program files\Steam
2009-05-31 15:25 . 2009-05-05 21:48 -------- d-----w- e:\program files\Roots Knotty Roots
2009-05-27 19:14 . 2008-10-11 16:38 -------- d-----w- e:\documents and settings\All Users\Application Data\Soulseek
2009-05-27 05:55 . 2009-04-06 07:54 -------- d-----w- e:\documents and settings\All Users\Application Data\Electronic Arts
2009-05-26 23:42 . 2008-10-10 17:58 -------- d-----w- e:\program files\Electronic Arts
2009-05-26 23:42 . 2008-10-08 16:56 -------- d--h--w- e:\program files\InstallShield Installation Information
2009-05-25 18:43 . 2008-11-30 20:07 -------- d-----w- e:\program files\Soulseek
2009-05-20 21:55 . 2008-11-19 11:47 -------- d-----w- e:\documents and settings\All Users\Application Data\Microsoft Help
2009-05-20 19:48 . 2008-10-08 19:04 44528 ----a-w- e:\documents and settings\LuvDub\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-05-20 18:12 . 2008-11-23 22:02 -------- d-----w- e:\program files\Left 4 Dead
2009-05-17 19:19 . 2009-05-17 19:19 -------- d-----w- e:\program files\Common Files\Windows Live
2009-05-09 18:16 . 2009-02-16 03:04 -------- d-----w- e:\documents and settings\LuvDub\Application Data\gtk-2.0
2009-05-07 21:13 . 2008-10-09 20:35 155384 ----a-w- e:\windows\system32\guard32.dll
2009-05-07 21:13 . 2008-10-09 20:35 80400 ----a-w- e:\windows\system32\drivers\inspect.sys
2009-05-07 21:13 . 2008-10-09 20:35 110992 ----a-w- e:\windows\system32\drivers\cmdguard.sys
2009-05-07 15:32 . 2004-08-03 22:56 345600 ----a-w- e:\windows\system32\localspl.dll
2009-05-05 21:48 . 2009-04-16 16:21 249856 ------w- e:\windows\Setup1.exe
2009-05-05 21:48 . 2009-04-16 16:21 73216 ----a-w- e:\windows\ST6UNST.EXE
2009-04-29 04:46 . 2004-08-03 22:56 666624 ----a-w- e:\windows\system32\wininet.dll
2009-04-29 04:46 . 2004-08-03 22:56 81920 ----a-w- e:\windows\system32\ieencode.dll
2009-04-17 12:26 . 2004-08-03 21:17 1847168 ----a-w- e:\windows\system32\win32k.sys
2009-04-15 14:51 . 2004-08-03 22:56 585216 ----a-w- e:\windows\system32\rpcrt4.dll
2009-03-30 23:14 . 2009-03-30 23:14 278984 ----a-w- e:\windows\system32\drivers\atksgt.sys
2009-03-30 23:14 . 2009-03-30 23:14 25416 ----a-w- e:\windows\system32\drivers\lirsgt.sys
2009-03-30 22:57 . 2008-10-26 06:27 717296 ----a-w- e:\windows\system32\drivers\sptd.sys
.

------- Sigcheck -------

.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="e:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2008-10-08 5724184]
"ctfmon.exe"="e:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"MSMSGS"="e:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"EA Core"="e:\program files\Electronic Arts\EADM\Core.exe" [2009-04-29 3338240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UserFaultCheck"="e:\windows\system32\dumprep 0 -u" [X]
"Six Engine"="e:\program files\ASUS\Six Engine\SixEngine.exe" [2008-09-30 5970944]
"nod32kui"="e:\program files\Eset\nod32kui.exe" [2008-10-09 949376]
"COMODO Firewall Pro"="e:\program files\COMODO\Firewall\cfp.exe" [2009-05-07 1851128]
"QuickTime Task"="e:\program files\QuickTime\qttask.exe" [2008-09-06 413696]
"Adobe Reader Speed Launcher"="e:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"SunJavaUpdateSched"="e:\program files\Java\jre1.5.0_06\bin\jusched.exe" [2005-11-10 36975]
"TkBellExe"="e:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-12-02 185872]
"LogitechCommunicationsManager"="e:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-02-08 488984]
"COMODO Internet Security"="e:\program files\COMODO\Firewall\cfp.exe" [2009-05-07 1851128]
"PC Suite for Smartphones"="e:\program files\Sony Ericsson\Mobile4\Application Launcher\Application Launcher.exe" [2007-12-25 548864]
"VolPanel"="e:\program files\Creative\SBAudigy2ZS\Volume Panel\VolPanlu.exe" [2006-12-06 180224]
"CTDVDDET"="e:\program files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE" [2003-06-18 45056]
"RCSystem"="e:\program files\Creative\Shared Files\Module Loader\DLLML.exe" [2006-11-22 57344]
"AudioDrvEmulator"="e:\program files\Creative\Shared Files\Module Loader\DLLML.exe" [2006-11-22 57344]
"UpdReg"="e:\windows\UpdReg.EXE" [2000-05-11 90112]
"StartCCC"="e:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-02-25 61440]
"CTHelper"="CTHELPER.EXE" - e:\windows\system32\CtHelper.exe [2007-04-09 19456]
"CTxfiHlp"="CTXFIHLP.EXE" - e:\windows\system32\Ctxfihlp.exe [2007-04-09 19968]
"ATIModeChange"="Ati2mdxx.exe" - e:\windows\system32\Ati2mdxx.exe [2009-02-25 26112]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="e:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"e:\\Program Files\\uTorrent\\uTorrent.exe"=
"e:\\Program Files\\Electronic Arts\\Battlefield 2142 Deluxe Edition\\BF2142.exe"=
"e:\\Program Files\\Sony Ericsson\\Sony Ericsson Media Manager\\MediaManager.exe"=
"e:\\Program Files\\Ubisoft\\Far Cry 2\\bin\\FarCry2.exe"=
"e:\\Program Files\\Ubisoft\\Far Cry 2\\bin\\FC2Launcher.exe"=
"e:\\Program Files\\Ubisoft\\Far Cry 2\\bin\\FC2Editor.exe"=
"e:\\WINDOWS\\system32\\PnkBstrA.exe"=
"e:\\WINDOWS\\system32\\PnkBstrB.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"e:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"e:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"e:\\Program Files\\Rockstar Games\\Rockstar Games Social Club\\RGSCLauncher.exe"=
"e:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"e:\\Program Files\\Google\\Google Talk\\googletalk.exe"=
"e:\\Program Files\\Skype\\Phone\\Skype.exe"=

R0 hotcore3;hotcore3;e:\windows\system32\drivers\hotcore3.sys [08/10/2008 20:27 39472]
R0 mv61xx;mv61xx;e:\windows\system32\drivers\mv61xx.sys [08/10/2008 18:02 150568]
R1 cmdGuard;COMODO Firewall Pro Sandbox Driver;e:\windows\system32\drivers\cmdguard.sys [09/10/2008 21:35 110992]
R1 cmdHlp;COMODO Firewall Pro Helper Driver;e:\windows\system32\drivers\cmdhlp.sys [09/10/2008 21:35 24336]
R1 nod32drv;nod32drv;e:\windows\system32\drivers\nod32drv.sys [09/10/2008 11:20 15424]
R3 AtiHdmiService;ATI Function Driver for HDMI Service;e:\windows\system32\drivers\AtiHdmi.sys [08/10/2008 18:16 89600]
S0 hcihsor;hcihsor;e:\windows\system32\drivers\ntigxvl.sys --> e:\windows\system32\drivers\ntigxvl.sys [?]
S0 ihdc;ihdc;e:\windows\system32\drivers\rruut.sys --> e:\windows\system32\drivers\rruut.sys [?]
S3 COMMONFX;COMMONFX;e:\windows\system32\drivers\COMMONFX.sys [27/06/2008 19:21 99352]
S3 CTAUDFX;CTAUDFX;e:\windows\system32\drivers\CTAUDFX.sys [27/06/2008 19:21 555032]
S3 CTERFXFX;CTERFXFX;e:\windows\system32\drivers\CTERFXFX.sys [27/06/2008 19:21 100888]
S3 CTSBLFX;CTSBLFX;e:\windows\system32\drivers\CTSBLFX.sys [27/06/2008 19:21 566296]
S3 rt2870;Ralink 802.11n USB Wireless LAN Card Driver;e:\windows\system32\drivers\rt2870.sys [08/10/2008 18:06 517632]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{B2C3BB6B-E005-4246-B8E5-DF0A4D073CDC}]
e:\program files\PixiePack Codec Pack\InstallerHelper.exe
.
- - - - ORPHANS REMOVED - - - -

BHO-{1E083B7B-9322-4EED-9BE5-F801A8370D9A} - e:\windows\system32\geBtRijI.dll
BHO-{39729901-B044-41E0-B4D7-352D518E0157} - e:\windows\system32\jkkJdbBq.dll
HKLM-Run-SBDrvDet - e:\program files\Creative\SB Drive Det\SBDrvDet.exe


.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.co.uk/
IE: E&xport to Microsoft Excel - e:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
LSP: e:\windows\system32\imon.dll
FF - ProfilePath -
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-25 22:39
Windows 5.1.2600 Service Pack 3 NTFS

detected NTDLL code modification:
ZwClose, ZwOpenFile

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-1935655697-1383384898-725345543-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:d6,91,99,ef,23,28,f7,1d,9b,2a,c8,fd,b5,db,c0,05,02,df,82,c5,2d,78,30,
f1,0c,9f,7d,78,28,98,0e,43,36,24,a9,c3,3c,14,64,1e,00,27,d3,77,00,67,d0,6a,\
"??"=hex:3f,eb,b2,a8,d5,51,4b,c2,1b,01,ec,08,0f,18,11,95

[HKEY_USERS\S-1-5-21-1935655697-1383384898-725345543-1003\Software\SecuROM\License information*]
"datasecu"=hex:95,d9,70,45,9e,7e,d3,a3,94,26,74,c3,2d,1d,05,d0,f5,3d,7b,00,e6,
94,ee,f4,a1,e8,4e,57,67,58,7c,92,96,d1,80,20,a0,c2,2b,21,30,34,15,ad,76,46,\
"rkeysecu"=hex:21,45,2d,e9,08,a4,17,55,89,16,27,37,ed,0d,12,42

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\||A~*]
"AB141C35E9F4BF344B9FC010BB17F68A"=""
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(764)
e:\windows\system32\guard32.dll
e:\windows\system32\Ati2evxx.dll

- - - - - - - > 'lsass.exe'(824)
e:\windows\system32\guard32.dll
e:\windows\system32\imon.dll
.
Completion time: 2009-06-25 22:42
ComboFix-quarantined-files.txt 2009-06-25 21:42

Pre-Run: 8,737,857,536 bytes free
Post-Run: 9,499,045,888 bytes free

399 --- E O F --- 2009-06-10 22:19


Thank you, seems to be working a lot better!

#8 Tokek


Posted 26 June 2009 - 02:58 AM

Hello Dublion,

I'm going to ask you to re-run ComboFix again, but this time, please follow the on-screen instructions to install the Recovery Console.

If you still have your copy of ComboFix, you can run that; otherwise, please re-download it.

Download Combofix from any of the links below, and save it to your desktop. For information regarding this download, please visit this webpage: http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Link 1
Link 2
Link 3


**Note: It is important that it is saved directly to your desktop**

--------------------------------------------------------------------

1. Close any open browsers.

2. Close/disable all antivirus and anti-malware programs so they do not interfere with the running of ComboFix.

--------------------------------------------------------------------

Double click on combofix.exe & follow the prompts.
  • When finished, it will produce a report for you.
  • Please post the "C:\ComboFix.txt" along with a new DDS log for further review.
Note:
Do not mouse-click ComboFix's window while it's running. That may cause it to stall.


Please reply with the ComboFix log and a new DDS log in your next reply.

Edited by Tokek, 26 June 2009 - 11:50 AM.

If I have not replied back to your post in 3 days, please send me a PM.


#9 Shaba


Posted 02 July 2009 - 11:01 PM

Due to the lack of feedback this Topic is closed.

If you need this topic reopened, please request this by sending the moderating team
a PM with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic.
Microsoft MVP Consumer Security