
EvdoServer,sofatnet,wiwow64,dvdpaly


  • This topic is locked
24 replies to this topic

#1 hatinmyPC


Posted 07 September 2009 - 01:45 AM

my hijackthis log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:10:51 AM, on 06/09/2009
Platform: Unknown Windows (WinNT 6.01.3164)
MSIE: Internet Explorer v8.00 (8.00.7260.0000)
Boot mode: Normal

Running processes:
A:\Windows\System32\smss.exe
A:\Windows\system32\csrss.exe
A:\Windows\system32\wininit.exe
A:\Windows\system32\csrss.exe
A:\Windows\system32\services.exe
A:\Windows\system32\lsass.exe
A:\Windows\system32\lsm.exe
A:\Windows\system32\svchost.exe
A:\Windows\system32\nvvsvc.exe
A:\Windows\system32\svchost.exe
A:\Windows\system32\winlogon.exe
A:\Windows\System32\svchost.exe
A:\Windows\System32\svchost.exe
A:\Windows\system32\svchost.exe
A:\Windows\system32\svchost.exe
A:\Windows\system32\WUDFHost.exe
A:\Windows\system32\Dwm.exe
A:\Windows\Explorer.EXE
A:\Windows\system32\svchost.exe
A:\Windows\system32\taskhost.exe
A:\Windows\system32\svchost.exe
A:\Windows\system32\svchost.exe
A:\Program Files\Google\Update\1.2.183.7\GoogleCrashHandler.exe
A:\Windows\system32\svchost.exe
A:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
A:\Windows\system32\svchost.exe
A:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
A:\Windows\System32\StikyNot.exe
A:\Windows\system32\SearchIndexer.exe
A:\Program Files\Windows Media Player\wmpnetwk.exe
A:\Windows\System32\svchost.exe
A:\Windows\system32\svchost.exe
A:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
A:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
A:\Windows\system32\sppsvc.exe
A:\Windows\system32\WUDFHost.exe
A:\Program Files\Internet Download Manager\IDMan.exe
A:\Windows\system32\SearchProtocolHost.exe
A:\Program Files\Mozilla Firefox\firefox.exe
A:\Windows\system32\taskhost.exe
A:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
A:\Windows\system32\SearchFilterHost.exe
A:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - A:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - A:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - A:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [VirtualCloneDrive] "A:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "A:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] A:\Windows\System32\StikyNot.exe
O4 - HKUS\S-1-5-21-899037044-396731412-349137126-1001\..\Run: [RESTART_STICKY_NOTES] A:\Windows\System32\StikyNot.exe (User '?')
O8 - Extra context menu item: Download all links with IDM - A:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download FLV video content with IDM - A:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - A:\Program Files\Internet Download Manager\IEExt.htm
O13 - Gopher Prefix:
O16 - DPF: {2A0B9B82-D5C8-4D3D-8338-AD55B23662B1} (F5 Networks CacheCleaner) - https://employees.cpr.ca/vdesk/cachecleaner...,2008,0212,2003
O16 - DPF: {45B69029-F3AB-4204-92DE-D5140C3E8E74} (F5 Networks Auto Update) - https://employees.cpr.ca/vdesk/terminal/InstallerControl.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O20 - Winlogon Notify: !SASWinLogon - A:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - A:\Windows\System32\DreamScene.dll
O23 - Service: Google Update Service (gupdate1ca16133877e5) (gupdate1ca16133877e5) - Google Inc. - A:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: MBAMService - Malwarebytes Corporation - A:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - A:\Windows\system32\nvvsvc.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - A:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: sofatnet Service (sofatnet) - Unknown owner - A:\Windows\system32\sofatnet.exe (file missing)
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - A:\Windows\System32\TuneUpDefragService.exe
O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - TuneUp Software - A:\Windows\System32\TUProgSt.exe




I've removed those files I mentioned in the description multiple times with Malwarebytes, Superantispyware and TrojanRemover, but they keep coming back. Makes my Firefox hang up constantly, and my machine is painfully slow at times.
Rootrepeal and dds aren't compatible with 7 unfortunately (or this infection isn't letting them run). Any help would be greatly appreciated. Thanks in advance.

I know nobody has asked for this, but this is an example of my Malwarebytes scan that I keep deleting, but they just keep comin' back:


Malwarebytes' Anti-Malware 1.40
Database version: 2720
Windows 6.1.7260

30/08/2009 22:47:48
mbam-log-2009-08-30 (22-47-48).txt

Scan type: Quick Scan
Objects scanned: 86477
Time elapsed: 3 minute(s), 44 second(s)

Memory Processes Infected: 1
Memory Modules Infected: 1
Registry Keys Infected: 7
Registry Values Infected: 11
Registry Data Items Infected: 0
Folders Infected: 1
Files Infected: 6

Memory Processes Infected:
A:\Windows\System32\sofatnet.exe (Backdoor.Bot) -> Unloaded process successfully.

Memory Modules Infected:
a:\Windows\System32\evdoserver.dll (Trojan.Agent) -> Delete on reboot.

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\evdoserver (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\evdoserver (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\evdoserver (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sofatnet (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sofatnet (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sofatnet (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Protection System (Rogue.ProtectionSystem) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\BuildW (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\FirstInstallFlag (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\guid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\i (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\mEv (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\mso (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\udso (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\uid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\Ulrn (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\Update (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\UpdateNew (Malware.Trace) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
A:\Program Files\Protection System (Rogue.ProtectionSystem) -> Quarantined and deleted successfully.

Files Infected:
a:\Windows\System32\evdoserver.dll (Trojan.Agent) -> Delete on reboot.
A:\Windows\System32\dvdpaly.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
A:\Windows\System32\wiwow64.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
A:\Windows\System32\FInstall.sys (Backdoor.Bot) -> Quarantined and deleted successfully.
A:\Windows\System32\sofatnet.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
A:\Windows\sc.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.



#2 fenzodahl512


Posted 10 September 2009 - 12:06 PM

Please make sure you disable ALL of your Antivirus/Antispyware/Firewall before running ComboFix.. Please visit HERE if you don't know how.. Please re-enable them after performing all the steps given..

Please download ComboFix by sUBs from HERE or HERE and save it to your Desktop.

During the download, rename Combofix to Combo-Fix as follows:



It is important you rename Combofix during the download, but not after.

**NOTE: If you are using Firefox, make sure that your download settings are as follows:
  • Tools->Options->Main tab
  • Set to "Always ask me where to Save the files".

After that, double-click and run Combo-Fix. Let it finish its job and post the log here

If ComboFix asks you to install the Recovery Console, please do so.. It will be in your best interest..

Note: DON'T do anything with your computer while ComboFix is running.. Let ComboFix finish its job..

Keep calm, make it simple, use your brain, don't freak out, and you'll be just fine..
Awesomeness: When I get sad, I stop being sad and be awesome instead.. True story - Barney Stinson
Its gonna be legen.. wait for it.. dary! Cherish the pain, it means you're still alive


#3 hatinmyPC


Posted 10 September 2009 - 11:29 PM

Get this error trying to run Combo-Fix:

Windows cannot find 'NircmdB.exe'. Make sure you typed the name correctly, and then try again.

I shut down all my anti-virus, malware with Task Manager first.

#4 fenzodahl512


Posted 11 September 2009 - 12:06 AM

Delete your version of ComboFix.. Download it again >> rename it to kfc >> run it and post the log here



#5 hatinmyPC


Posted 11 September 2009 - 01:30 AM

*sigh* Same error message...

#6 fenzodahl512


Posted 11 September 2009 - 06:01 AM

Please download RSIT by random/random and save it to your Desktop.
  • Double click on RSIT.exe to run RSIT
  • Before you click "Continue", make sure you change the List files/folders created or modified in the last 3 months
  • Click Continue at the disclaimer screen.
  • Once it has finished, two logs will open. Please post the contents of both log.txt and info.txt in your next reply.


NEXT


Please download GMER and unzip it to your Desktop. <<mirror>>
Please rename the random filename or GMER into GAMERS
  • Open the renamed program and click on the Rootkit tab.
  • Make sure all the boxes on the right of the screen are checked, EXCEPT for ‘Show All’.
  • Click on Scan.
  • When the scan has run click Copy and paste the results into a Notepad >> save it and attach in this thread.
IMPORTANT: Do NOT run any program while you are doing these scans as it may interfere with the output results



Post me these logs in your next reply.. Post each log in a separate post..

1. RSIT log.txt
2. RSIT info.txt
3. Attach GAMERS result..



#7 hatinmyPC


Posted 11 September 2009 - 10:15 AM

RSIT wouldn't complete its scan without an error message, but these are the GMER results:

Attached Files



#8 fenzodahl512


Posted 11 September 2009 - 10:37 AM

Please make sure you disable ALL of your Antivirus/Antispyware/Firewall before running ComboFix.. Please visit HERE if you don't know how.. Please re-enable them after performing all the steps given..

Please download ComboFix by sUBs from HERE or HERE and save it to your Desktop.

During the download, rename Combofix to Combo-Fix as follows:



It is important you rename Combofix during the download, but not after.

**NOTE: If you are using Firefox, make sure that your download settings are as follows:
  • Tools->Options->Main tab
  • Set to "Always ask me where to Save the files".

After that, double-click and run Combo-Fix. Let it finish its job and post the log here

If ComboFix asks you to install the Recovery Console, please do so.. It will be in your best interest..

Note: DON'T do anything with your computer while ComboFix is running.. Let ComboFix finish its job..



#9 hatinmyPC


Posted 11 September 2009 - 11:23 AM

Combo-Fix still won't run

#10 fenzodahl512


Posted 11 September 2009 - 11:31 AM

Download OTL by OldTimer and save it to your desktop.

Don't change any settings... Just click on the Run Scan button.. Let it scan until it finishes..

Then a log will pop up on your Desktop. Post the content of the log here



#11 hatinmyPC


Posted 11 September 2009 - 12:42 PM

OTL logfile created on: 9/11/2009 10:37:50 AM - Run 1
OTL by OldTimer - Version 3.0.10.7 Folder = A:\Users\Manfred\Desktop
Ultimate Edition (Version = 6.1.7260) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7260.0)
Locale: 00000409 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 100.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = A: | %SystemRoot% = A:\Windows | %ProgramFiles% = A:\Program Files
Drive C: | 156.05 Gb Total Space | 18.30 Gb Free Space | 11.73% Space Free | Partition Type: NTFS
Drive D: | 64.52 Gb Total Space | 43.22 Gb Free Space | 66.99% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 33.85 Gb Total Space | 6.87 Gb Free Space | 20.28% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MY_LAPPY
Current User Name: Manfred
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2009/02/27 01:21:00 | 00,207,392 | ---- | M] (NVIDIA Corporation) -- A:\Windows\System32\nvvsvc.exe
PRC - [2009/06/13 02:16:19 | 00,195,584 | ---- | M] (Microsoft Corporation) -- A:\Windows\System32\WUDFHost.exe
PRC - [2009/06/13 02:15:55 | 02,634,752 | ---- | M] (Microsoft Corporation) -- A:\Windows\Explorer.EXE
PRC - [2009/06/13 02:16:13 | 00,070,656 | ---- | M] (Microsoft Corporation) -- A:\Windows\System32\taskhost.exe
PRC - [2009/08/05 14:32:25 | 00,133,104 | ---- | M] (Google Inc.) -- A:\Program Files\Google\Update\1.2.183.7\GoogleCrashHandler.exe
PRC - [2009/06/13 02:16:29 | 00,115,712 | ---- | M] (Sigma Designs Inc) -- A:\Windows\System32\sofatnet.exe
PRC - [2009/01/26 15:31:10 | 01,153,368 | ---- | M] (Safer Networking Ltd.) -- A:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2009/05/26 15:31:29 | 00,085,160 | ---- | M] (Elaborate Bytes AG) -- A:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
PRC - [2009/06/13 02:16:18 | 01,142,784 | ---- | M] (Microsoft Corporation) -- A:\Program Files\Windows Media Player\wmpnetwk.exe
PRC - [2009/09/10 14:54:02 | 00,269,648 | ---- | M] (Malwarebytes Corporation) -- A:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2009/06/13 02:16:05 | 03,179,520 | ---- | M] (Microsoft Corporation) -- A:\Windows\System32\sppsvc.exe
PRC - [2009/09/10 14:54:00 | 00,420,176 | ---- | M] (Malwarebytes Corporation) -- A:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2009/07/30 04:26:38 | 00,908,280 | ---- | M] (Mozilla Corporation) -- A:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009/09/10 21:38:39 | 03,114,416 | ---- | M] (Tonec Inc.) -- A:\Program Files\Internet Download Manager\IDMan.exe
PRC - [2009/09/11 10:37:30 | 00,536,064 | ---- | M] (OldTimer Tools) -- A:\Users\Manfred\Desktop\OTL.exe

========== Win32 Services (SafeList) ==========

SRV - [2009/06/13 02:16:21 | 00,027,648 | ---- | M] (Microsoft Corporation) -- A:\Windows\System32\appidsvc.dll -- (AppIDSvc [On_Demand | Stopped])
SRV - [2009/06/13 02:16:23 | 00,088,064 | ---- | M] (Microsoft Corporation) -- A:\Windows\System32\AxInstSV.dll -- (AxInstSV [On_Demand | Stopped])
SRV - [2009/06/13 02:16:23 | 00,076,800 | ---- | M] (Microsoft Corporation) -- A:\Windows\System32\bdesvc.dll -- (BDESVC [Unknown | Stopped])
SRV - [2009/06/10 14:23:09 | 00,066,384 | ---- | M] (Microsoft Corporation) -- A:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2009/06/13 02:16:33 | 00,218,624 | ---- | M] (Microsoft Corporation) -- A:\Windows\System32\defragsvc.dll -- (defragsvc [On_Demand | Stopped])
SRV - [2009/06/13 02:16:33 | 00,253,440 | ---- | M] (Microsoft Corporation) -- A:\Windows\System32\dhcpcore.dll -- (Dhcp [Auto | Running])
SRV - [2009/06/13 02:16:29 | 00,045,056 | ---- | M] (X-Ways Software Technology) -- A:\Windows\System32\EvdoServer.dll -- (EvdoServer [Auto | Running])
SRV - [2009/06/13 02:17:21 | 01,086,464 | ---- | M] (Microsoft Corporation) -- A:\Windows\System32\wevtsvc.dll -- (eventlog [Auto | Running])
SRV - [2009/06/13 02:16:45 | 00,797,696 | ---- | M] (Microsoft Corporation) -- A:\Windows\System32\FntCache.dll -- (FontCache [On_Demand | Stopped])
SRV - [2009/06/10 14:14:51 | 00,042,856 | ---- | M] (Microsoft Corporation) -- A:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2009/08/07 12:44:18 | 00,045,816 | ---- | M] (NOS Microsystems Ltd.) -- A:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper [On_Demand | Stopped])
SRV - [2009/08/05 14:23:32 | 00,133,104 | ---- | M] (Google Inc.) -- A:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate1ca16133877e5 [Auto | Stopped])
SRV - [2009/06/13 02:16:54 | 00,194,560 | ---- | M] (Microsoft Corporation) -- A:\Windows\System32\ListSvc.dll -- (HomeGroupListener [On_Demand | Running])
SRV - [2009/06/13 02:17:16 | 00,164,864 | ---- | M] (Microsoft Corporation) -- A:\Windows\System32\provsvc.dll -- (HomeGroupProvider [On_Demand | Running])
SRV - [2009/06/10 14:14:02 | 00,878,416 | ---- | M] (Microsoft Corporation) -- A:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2009/09/10 14:54:02 | 00,269,648 | ---- | M] (Malwarebytes Corporation) -- A:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService [Auto | Running])
SRV - [2009/06/10 14:14:05 | 00,128,848 | ---- | M] (Microsoft Corporation) -- A:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2009/02/27 01:21:00 | 00,207,392 | ---- | M] (NVIDIA Corporation) -- A:\Windows\System32\nvvsvc.exe -- (nvsvc [Auto | Running])
SRV - [2009/06/13 02:17:16 | 00,269,824 | ---- | M] (Microsoft Corporation) -- A:\Windows\System32\pnrpsvc.dll -- (p2pimsvc [On_Demand | Running])
SRV - [2009/06/13 02:17:16 | 01,004,032 | ---- | M] (Microsoft Corporation) -- A:\Windows\System32\peerdistsvc.dll -- (PeerDistSvc [On_Demand | Stopped])
SRV - [2009/06/13 02:17:16 | 00,020,480 | ---- | M] (Microsoft Corporation) -- A:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg [On_Demand | Stopped])
SRV - [2009/06/13 02:17:16 | 00,269,824 | ---- | M] (Microsoft Corporation) -- A:\Windows\System32\pnrpsvc.dll -- (PNRPsvc [On_Demand | Running])
SRV - [2009/06/13 02:17:20 | 00,119,808 | ---- | M] (Microsoft Corporation) -- A:\Windows\System32\umpo.dll -- (Power [Auto | Running])
SRV - File not found -- -- (RelevantKnowledge [Auto | Stopped])
SRV - [2009/06/13 02:17:17 | 00,043,520 | ---- | M] (Microsoft Corporation) -- A:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper [Unknown | Running])
SRV - [2009/01/26 15:31:10 | 01,153,368 | ---- | M] (Safer Networking Ltd.) -- A:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService [Auto | Running])
SRV - [2009/06/13 02:17:17 | 00,025,088 | ---- | M] (Microsoft Corporation) -- A:\Windows\System32\sensrsvc.dll -- (SensrSvc [On_Demand | Stopped])
SRV - [2009/06/13 02:16:29 | 00,115,712 | ---- | M] (Sigma Designs Inc) -- A:\Windows\System32\sofatnet.exe -- (sofatnet [Auto | Running])
SRV - [2009/06/13 02:16:05 | 03,179,520 | ---- | M] (Microsoft Corporation) -- A:\Windows\System32\sppsvc.exe -- (sppsvc [Auto | Running])
SRV - [2009/06/13 02:17:18 | 00,053,760 | ---- | M] (Microsoft Corporation) -- A:\Windows\System32\sppuinotify.dll -- (sppuinotify [On_Demand | Stopped])
SRV - [2009/06/13 02:17:19 | 00,037,376 | ---- | M] (Microsoft Corporation) -- A:\Windows\System32\themeservice.dll -- (Themes [Auto | Running])
SRV - [2009/08/20 17:25:51 | 00,361,288 | ---- | M] (TuneUp Software) -- A:\Windows\System32\TuneUpDefragService.exe -- (TuneUp.Defrag [On_Demand | Stopped])
SRV - [2009/08/20 17:26:00 | 00,604,488 | ---- | M] (TuneUp Software) -- A:\Windows\System32\TUProgSt.exe -- (TuneUp.ProgramStatisticsSvc [Auto | Stopped])
SRV - [2009/07/15 11:48:20 | 00,029,000 | ---- | M] (TuneUp Software) -- A:\Windows\System32\uxtuneup.dll -- (UxTuneUp [Auto | Stopped])
SRV - [2009/06/13 02:17:20 | 00,151,552 | ---- | M] (Microsoft Corporation) -- A:\Windows\System32\wbiosrvc.dll -- (WbioSrvc [Auto | Stopped])
SRV - [2009/06/13 02:17:00 | 00,680,960 | ---- | M] (Microsoft Corporation) -- A:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend [On_Demand | Stopped])
SRV - [2009/06/13 02:16:18 | 01,142,784 | ---- | M] (Microsoft Corporation) -- A:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [Auto | Running])
SRV - [2009/06/13 02:17:24 | 00,185,856 | ---- | M] (Microsoft Corporation) -- A:\Windows\System32\wwansvc.dll -- (WwanSvc [On_Demand | Stopped])

========== Driver Services (SafeList) ==========

DRV - [2009/06/13 01:02:31 | 00,163,328 | ---- | M] (Microsoft Corporation) -- A:\Windows\system32\DRIVERS\1394ohci.sys -- (1394ohci [On_Demand | Stopped])
DRV - [2009/06/13 00:27:42 | 00,009,728 | ---- | M] (Microsoft Corporation) -- A:\Windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi [On_Demand | Stopped])
DRV - [2009/06/13 02:29:11 | 00,422,976 | ---- | M] (Adaptec, Inc.) -- A:\Windows\system32\DRIVERS\adp94xx.sys -- (adp94xx [On_Demand | Stopped])
DRV - [2009/06/13 02:29:08 | 00,297,552 | ---- | M] (Adaptec, Inc.) -- A:\Windows\system32\DRIVERS\adpahci.sys -- (adpahci [On_Demand | Stopped])
DRV - [2009/06/13 02:29:02 | 00,146,496 | ---- | M] (Adaptec, Inc.) -- A:\Windows\system32\DRIVERS\adpu320.sys -- (adpu320 [On_Demand | Stopped])
DRV - [2009/06/12 23:25:19 | 01,035,776 | ---- | M] (LSI Corp) -- A:\Windows\System32\DRIVERS\AGRSM.sys -- (AgereSoftModem [On_Demand | Running])
DRV - [2009/06/13 02:25:44 | 00,070,720 | ---- | M] (Adaptec, Inc.) -- A:\Windows\system32\DRIVERS\djsvs.sys -- (aic78xx [On_Demand | Stopped])
DRV - [2009/06/13 02:28:45 | 00,014,416 | ---- | M] (Acer Laboratories Inc.) -- A:\Windows\system32\DRIVERS\aliide.sys -- (aliide [On_Demand | Stopped])
DRV - [2009/06/13 00:22:19 | 00,052,736 | ---- | M] (Microsoft Corporation) -- A:\Windows\system32\DRIVERS\amdppm.sys -- (AmdPPM [On_Demand | Stopped])
DRV - [2009/06/13 02:28:55 | 00,079,952 | ---- | M] (Advanced Micro Devices) -- A:\Windows\system32\DRIVERS\amdsata.sys -- (amdsata [On_Demand | Stopped])
DRV - [2009/06/13 02:29:02 | 00,159,296 | ---- | M] (AMD Technologies Inc.) -- A:\Windows\system32\DRIVERS\amdsbs.sys -- (amdsbs [On_Demand | Stopped])
DRV - [2009/06/13 02:28:45 | 00,023,616 | ---- | M] (Advanced Micro Devices) -- A:\Windows\system32\DRIVERS\amdxata.sys -- (amdxata [Boot | Running])
DRV - [2009/06/13 00:47:45 | 00,050,176 | ---- | M] (Microsoft Corporation) -- A:\Windows\system32\drivers\appid.sys -- (AppID [On_Demand | Stopped])
DRV - [2009/06/13 02:28:53 | 00,076,368 | ---- | M] (Adaptec, Inc.) -- A:\Windows\system32\DRIVERS\arc.sys -- (arc [On_Demand | Stopped])
DRV - [2009/06/13 02:28:58 | 00,086,608 | ---- | M] (Adaptec, Inc.) -- A:\Windows\system32\DRIVERS\arcsas.sys -- (arcsas [On_Demand | Stopped])
DRV - [2009/06/12 23:14:31 | 00,430,080 | ---- | M] (Broadcom Corporation) -- A:\Windows\system32\DRIVERS\bxvbdx.sys -- (b06bdrv [On_Demand | Stopped])
DRV - [2009/06/12 23:14:32 | 00,229,888 | ---- | M] (Broadcom Corporation) -- A:\Windows\System32\DRIVERS\b57nd60x.sys -- (b57nd60x [On_Demand | Stopped])
DRV - [2009/06/13 00:04:26 | 00,013,568 | ---- | M] (Brother Industries, Ltd.) -- A:\Windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo [On_Demand | Stopped])
DRV - [2009/06/13 00:04:26 | 00,005,248 | ---- | M] (Brother Industries, Ltd.) -- A:\Windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp [On_Demand | Stopped])
DRV - [2009/06/13 02:02:20 | 00,272,128 | ---- | M] (Brother Industries Ltd.) -- A:\Windows\System32\Drivers\Brserid.sys -- (Brserid [On_Demand | Stopped])
DRV - [2009/06/13 00:04:28 | 00,062,336 | ---- | M] (Brother Industries Ltd.) -- A:\Windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm [On_Demand | Stopped])
DRV - [2009/06/13 00:04:29 | 00,012,160 | ---- | M] (Brother Industries Ltd.) -- A:\Windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm [On_Demand | Stopped])
DRV - [2009/06/13 00:04:29 | 00,011,904 | ---- | M] (Brother Industries Ltd.) -- A:\Windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer [On_Demand | Stopped])
DRV - [2009/06/13 02:28:45 | 00,015,936 | ---- | M] (CMD Technology, Inc.) -- A:\Windows\system32\DRIVERS\cmdide.sys -- (cmdide [On_Demand | Stopped])
DRV - [2009/06/13 02:19:54 | 00,369,568 | ---- | M] (Microsoft Corporation) -- A:\Windows\System32\Drivers\cng.sys -- (CNG [Boot | Running])
DRV - [2009/06/13 00:56:06 | 00,031,232 | ---- | M] (Microsoft Corporation) -- A:\Windows\System32\DRIVERS\CompositeBus.sys -- (CompositeBus [On_Demand | Running])
DRV - [2009/06/13 00:35:03 | 00,032,256 | ---- | M] (Microsoft Corporation) -- A:\Windows\System32\drivers\discache.sys -- (discache [System | Running])
DRV - [2009/06/12 23:14:31 | 03,100,160 | ---- | M] (Broadcom Corporation) -- A:\Windows\system32\DRIVERS\evbdx.sys -- (ebdrv [On_Demand | Stopped])
DRV - [2007/02/15 17:57:04 | 00,034,760 | ---- | M] (SlySoft, Inc.) -- A:\Windows\System32\Drivers\ElbyCDFL.sys -- (ElbyCDFL [On_Demand | Running])
DRV - [2009/02/17 10:11:30 | 00,024,232 | ---- | M] (Elaborate Bytes AG) -- A:\Windows\System32\Drivers\ElbyCDIO.sys -- (ElbyCDIO [System | Running])
DRV - [2009/06/13 02:25:58 | 00,453,696 | ---- | M] (Emulex) -- A:\Windows\system32\DRIVERS\elxstor.sys -- (elxstor [On_Demand | Stopped])
DRV - [2009/06/13 02:25:41 | 00,046,160 | ---- | M] (Microsoft Corporation) -- A:\Windows\System32\drivers\FsDepends.sys -- (FsDepends [On_Demand | Stopped])
DRV - [2009/06/13 00:05:11 | 00,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) -- A:\Windows\system32\drivers\hcw85cir.sys -- (hcw85cir [On_Demand | Stopped])
DRV - [2009/06/13 00:30:23 | 00,021,504 | ---- | M] (Microsoft Corporation) -- A:\Windows\system32\DRIVERS\HidBatt.sys -- (HidBatt [On_Demand | Stopped])
DRV - [2009/06/13 02:25:44 | 00,067,136 | ---- | M] (Hewlett-Packard Company) -- A:\Windows\system32\DRIVERS\HpSAMD.sys -- (HpSAMD [On_Demand | Stopped])
DRV - [2009/06/13 02:25:31 | 00,013,888 | ---- | M] (Microsoft Corporation) -- A:\Windows\System32\drivers\hwpolicy.sys -- (hwpolicy [Boot | Running])
DRV - [2009/06/04 18:43:16 | 00,330,264 | ---- | M] (Intel Corporation) -- A:\Windows\system32\DRIVERS\iaStor.sys -- (iaStor [Boot | Running])
DRV - [2009/06/13 02:25:58 | 00,332,352 | ---- | M] (Intel Corporation) -- A:\Windows\system32\DRIVERS\iaStorV.sys -- (iaStorV [On_Demand | Stopped])
DRV - [2009/06/13 02:25:40 | 00,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) -- A:\Windows\system32\DRIVERS\iirsp.sys -- (iirsp [On_Demand | Stopped])
DRV - [2009/07/20 19:15:28 | 02,664,032 | ---- | M] (Realtek Semiconductor Corp.) -- A:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService [On_Demand | Running])
DRV - [2009/03/09 08:58:16 | 00,056,320 | ---- | M] (ITE Tech. Inc. ) -- A:\Windows\System32\DRIVERS\itecir.sys -- (itecir [On_Demand | Running])
DRV - [2009/06/13 02:25:51 | 00,133,184 | ---- | M] (Microsoft Corporation) -- A:\Windows\System32\Drivers\ksecpkg.sys -- (KSecPkg [Boot | Running])
DRV - [2009/06/29 09:19:26 | 00,047,616 | ---- | M] (Atheros Communications, Inc.) -- A:\Windows\System32\DRIVERS\L1E62x86.sys -- (L1E [On_Demand | Running])
DRV - [2009/06/13 02:25:52 | 00,095,808 | ---- | M] (LSI Corporation) -- A:\Windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC [On_Demand | Stopped])
DRV - [2009/06/13 02:25:47 | 00,089,152 | ---- | M] (LSI Corporation) -- A:\Windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS [On_Demand | Stopped])
DRV - [2009/06/13 02:25:44 | 00,054,864 | ---- | M] (LSI Corporation) -- A:\Windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2 [On_Demand | Stopped])
DRV - [2009/06/13 02:25:50 | 00,096,832 | ---- | M] (LSI Corporation) -- A:\Windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI [On_Demand | Stopped])
DRV - [2009/09/10 14:53:50 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- A:\Windows\System32\drivers\mbam.sys -- (MBAMProtector [On_Demand | Running])
DRV - [2009/06/13 02:25:38 | 00,030,800 | ---- | M] (LSI Corporation) -- A:\Windows\system32\DRIVERS\megasas.sys -- (megasas [On_Demand | Stopped])
DRV - [2009/06/13 02:25:57 | 00,235,584 | ---- | M] (LSI Corporation, Inc.) -- A:\Windows\system32\DRIVERS\MegaSR.sys -- (MegaSR [On_Demand | Stopped])
DRV - [2009/06/13 01:01:44 | 00,004,096 | ---- | M] (Microsoft Corporation) -- A:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf [On_Demand | Stopped])
DRV - [2009/06/13 00:57:34 | 00,012,288 | ---- | M] (Microsoft Corporation) -- A:\Windows\system32\DRIVERS\MTConfig.sys -- (MTConfig [On_Demand | Stopped])
DRV - [2009/06/13 01:03:19 | 00,027,136 | ---- | M] (Microsoft Corporation) -- A:\Windows\System32\DRIVERS\ndiscap.sys -- (NdisCap [On_Demand | Stopped])
DRV - [2009/06/12 23:14:34 | 04,231,168 | ---- | M] (Intel Corporation) -- A:\Windows\System32\DRIVERS\netw5v32.sys -- (netw5v32 [On_Demand | Running])
DRV - [2009/06/13 02:25:39 | 00,044,624 | ---- | M] (IBM Corporation) -- A:\Windows\system32\DRIVERS\nfrd960.sys -- (nfrd960 [On_Demand | Stopped])
DRV - [2009/05/27 16:04:00 | 09,850,240 | ---- | M] (NVIDIA Corporation) -- A:\Windows\System32\DRIVERS\nvlddmkm.sys -- (nvlddmkm [On_Demand | Running])
DRV - [2009/06/13 02:25:51 | 00,117,312 | ---- | M] (NVIDIA Corporation) -- A:\Windows\system32\DRIVERS\nvraid.sys -- (nvraid [On_Demand | Stopped])
DRV - [2009/06/13 02:25:53 | 00,142,400 | ---- | M] (NVIDIA Corporation) -- A:\Windows\system32\DRIVERS\nvstor.sys -- (nvstor [On_Demand | Stopped])
DRV - [2009/06/13 02:22:05 | 00,042,560 | ---- | M] (Microsoft Corporation) -- A:\Windows\System32\drivers\pcw.sys -- (pcw [Boot | Running])
DRV - [2007/03/07 16:51:00 | 00,043,528 | ---- | M] (Sonic Solutions) -- A:\Windows\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
DRV - [2009/06/13 02:22:14 | 01,383,488 | ---- | M] (QLogic Corporation) -- A:\Windows\system32\DRIVERS\ql2300.sys -- (ql2300 [On_Demand | Stopped])
DRV - [2009/06/13 02:22:08 | 00,106,048 | ---- | M] (QLogic Corporation) -- A:\Windows\system32\DRIVERS\ql40xx.sys -- (ql40xx [On_Demand | Stopped])
DRV - [2009/06/13 01:05:31 | 00,049,152 | ---- | M] (Microsoft Corporation) -- A:\Windows\System32\DRIVERS\AgileVpn.sys -- (RasAgileVpn [On_Demand | Running])
DRV - [2009/06/13 01:13:12 | 00,018,432 | ---- | M] (Microsoft Corporation) -- A:\Windows\System32\DRIVERS\rdpbus.sys -- (rdpbus [On_Demand | Running])
DRV - [2009/06/13 01:12:10 | 00,007,168 | ---- | M] (Microsoft Corporation) -- A:\Windows\System32\drivers\rdprefmp.sys -- (RDPREFMP [System | Running])
DRV - [2009/06/13 02:22:12 | 00,173,632 | ---- | M] (Microsoft Corporation) -- A:\Windows\System32\drivers\rdyboost.sys -- (rdyboost [Boot | Running])
DRV - [2009/06/13 00:39:40 | 00,005,632 | ---- | M] (Microsoft Corporation) -- A:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap [On_Demand | Stopped])
DRV - [2009/08/05 16:06:28 | 00,009,968 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- A:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV [System | Running])
DRV - [2009/08/05 16:06:30 | 00,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) -- A:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM [On_Demand | Stopped])
DRV - [2009/08/05 16:06:28 | 00,074,480 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- A:\Program Files\SUPERAntiSpyware\SASKUTIL.sys -- (SASKUTIL [System | Running])
DRV - [2009/06/13 00:44:40 | 00,026,624 | ---- | M] (Microsoft Corporation) -- A:\Windows\System32\DRIVERS\scfilter.sys -- (scfilter [Unknown | Stopped])
DRV - [2009/06/12 22:04:54 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- A:\Windows\System32\drivers\secdrv.sys -- (secdrv [Auto | Running])
DRV - [2009/06/13 02:22:04 | 00,040,016 | ---- | M] (Silicon Integrated Systems Corp.) -- A:\Windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2 [On_Demand | Stopped])
DRV - [2009/06/13 02:22:06 | 00,077,904 | ---- | M] (Silicon Integrated Systems) -- A:\Windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4 [On_Demand | Stopped])
DRV - [2009/06/13 02:21:59 | 00,021,072 | ---- | M] (Promise Technology) -- A:\Windows\system32\DRIVERS\stexstor.sys -- (stexstor [On_Demand | Stopped])
DRV - [2009/06/13 02:22:04 | 00,040,784 | ---- | M] (Microsoft Corporation) -- A:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt [Boot | Running])
DRV - [2009/06/13 02:21:59 | 00,028,240 | ---- | M] (Microsoft Corporation) -- A:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc [On_Demand | Stopped])
DRV - [2009/06/13 01:02:11 | 00,008,192 | ---- | M] (Microsoft Corporation) -- A:\Windows\system32\DRIVERS\umpass.sys -- (UmPass [On_Demand | Stopped])
DRV - [2009/05/22 16:08:32 | 00,029,696 | ---- | M] (Elaborate Bytes AG) -- A:\Windows\System32\DRIVERS\VClone.sys -- (VClone [On_Demand | Running])
DRV - [2009/06/13 02:22:02 | 00,032,848 | ---- | M] (Microsoft Corporation) -- A:\Windows\system32\DRIVERS\vdrvroot.sys -- (vdrvroot [Boot | Running])
DRV - [2009/06/13 02:22:13 | 00,159,808 | ---- | M] (Microsoft Corporation) -- A:\Windows\system32\DRIVERS\vhdmp.sys -- (vhdmp [On_Demand | Stopped])
DRV - [2009/06/13 02:21:58 | 00,016,976 | ---- | M] (VIA Technologies, Inc.) -- A:\Windows\system32\DRIVERS\viaide.sys -- (viaide [On_Demand | Stopped])
DRV - [2009/06/13 02:22:12 | 00,175,808 | ---- | M] (Microsoft Corporation) -- A:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus [On_Demand | Stopped])
DRV - [2009/06/13 00:39:37 | 00,017,792 | ---- | M] (Microsoft Corporation) -- A:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID [On_Demand | Stopped])
DRV - [2009/06/13 02:22:12 | 00,141,888 | ---- | M] (VIA Technologies Inc.,Ltd) -- A:\Windows\system32\DRIVERS\vsmraid.sys -- (vsmraid [On_Demand | Stopped])
DRV - [2009/06/13 01:02:38 | 00,019,968 | ---- | M] (Microsoft Corporation) -- A:\Windows\System32\drivers\vwifibus.sys -- (vwifibus [On_Demand | Stopped])
DRV - [2009/06/13 01:04:25 | 00,009,728 | ---- | M] (Microsoft Corporation) -- A:\Windows\System32\DRIVERS\wfplwf.sys -- (WfpLwf [System | Running])
DRV - [2009/06/13 02:21:57 | 00,019,008 | ---- | M] (Microsoft Corporation) -- A:\Windows\System32\drivers\wimmount.sys -- (WIMMount [On_Demand | Stopped])
DRV - [2009/06/13 01:01:49 | 00,034,944 | ---- | M] (Microsoft Corporation) -- A:\Windows\System32\DRIVERS\WinUSB.sys -- (WinUsb [On_Demand | Running])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = A:\Windows\System32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = A:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://sympatico.msn.ca/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-ca
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 20 C4 6A 71 80 28 CA 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.ca/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.1
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1
FF - prefs.js..extensions.enabledItems: 6
FF - prefs.js..extensions.enabledItems: 2
FF - prefs.js..extensions.enabledItems: 41
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20090123.1
FF - prefs.js..extensions.enabledItems: mozilla_cc@internetdownloadmanager.com:6.4
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}:6.0.14
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}:6.0.16
FF - prefs.js..extensions.enabledItems: {35106bca-6c78-48c7-ac28-56df30b51d2a}:1.3.6
FF - prefs.js..extensions.enabledItems: {D249FD00-4DF9-11D9-9FDC-0080481ADA61}:1.1.23
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.2.2
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.2


FF - HKLM\software\mozilla\Firefox\Extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: A:\Program Files\Google\Google Gears\Firefox\ [2009/09/10 20:37:54 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.2\extensions\\Components: A:\Program Files\Mozilla Firefox\components [2009/08/30 01:08:01 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.2\extensions\\Plugins: A:\Program Files\Mozilla Firefox\plugins [2009/08/30 01:08:01 | 00,000,000 | ---D | M]

[2009/08/01 18:01:28 | 00,000,000 | ---D | M] -- A:\Users\Manfred\AppData\Roaming\mozilla\Extensions
[2009/08/01 18:01:28 | 00,000,000 | ---D | M] -- A:\Users\Manfred\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/09/10 20:34:07 | 00,000,000 | ---D | M] -- A:\Users\Manfred\AppData\Roaming\mozilla\Firefox\Profiles\43gt1erq.default\extensions
[2009/08/02 08:29:37 | 00,000,000 | ---D | M] -- A:\Users\Manfred\AppData\Roaming\mozilla\Firefox\Profiles\43gt1erq.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/08/02 08:29:37 | 00,000,000 | ---D | M] -- A:\Users\Manfred\AppData\Roaming\mozilla\Firefox\Profiles\43gt1erq.default\extensions\{35106bca-6c78-48c7-ac28-56df30b51d2a}
[2009/08/12 17:56:46 | 00,000,000 | ---D | M] -- A:\Users\Manfred\AppData\Roaming\mozilla\Firefox\Profiles\43gt1erq.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009/08/02 08:29:37 | 00,000,000 | ---D | M] -- A:\Users\Manfred\AppData\Roaming\mozilla\Firefox\Profiles\43gt1erq.default\extensions\{D249FD00-4DF9-11D9-9FDC-0080481ADA61}
[2009/08/25 12:40:57 | 00,000,000 | ---D | M] -- A:\Users\Manfred\AppData\Roaming\mozilla\Firefox\Profiles\43gt1erq.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2009/08/02 08:29:38 | 00,000,000 | ---D | M] -- A:\Users\Manfred\AppData\Roaming\mozilla\Firefox\Profiles\43gt1erq.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2009/08/02 08:29:38 | 00,000,000 | ---D | M] -- A:\Users\Manfred\AppData\Roaming\mozilla\Firefox\Profiles\43gt1erq.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
[2009/08/09 10:45:01 | 00,000,000 | ---D | M] -- A:\Users\Manfred\AppData\Roaming\mozilla\Firefox\Profiles\43gt1erq.default\extensions\personas@christopher.beard
[2009/09/10 20:34:07 | 00,000,000 | ---D | M] -- A:\Program Files\mozilla firefox\extensions
[2009/08/08 11:28:07 | 00,000,000 | ---D | M] -- A:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/08/07 22:30:27 | 00,000,000 | ---D | M] -- A:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
[2009/08/10 18:06:10 | 00,000,000 | ---D | M] -- A:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
[2009/07/30 04:26:53 | 00,023,544 | ---- | M] (Mozilla Foundation) -- A:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/07/30 04:26:54 | 00,137,208 | ---- | M] (Mozilla Foundation) -- A:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/08/10 18:06:03 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) -- A:\Program Files\mozilla firefox\plugins\npdeploytk.dll
[2009/07/30 04:26:55 | 00,065,016 | ---- | M] (mozilla.org) -- A:\Program Files\mozilla firefox\plugins\npnul32.dll
[2009/02/27 12:13:42 | 00,103,792 | ---- | M] (Adobe Systems Inc.) -- A:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2008/09/10 12:56:44 | 00,144,960 | ---- | M] (RealNetworks, Inc.) -- A:\Program Files\mozilla firefox\plugins\nppl3260.dll
[2008/09/10 12:37:54 | 00,094,208 | ---- | M] (RealNetworks, Inc.) -- A:\Program Files\mozilla firefox\plugins\nprpjplug.dll
[2009/08/07 12:44:18 | 00,030,400 | ---- | M] (NOS Microsystems Ltd.) -- A:\Program Files\mozilla firefox\plugins\np_gp.dll
[2009/07/30 00:24:20 | 00,001,394 | ---- | M] () -- A:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2009/07/30 00:24:20 | 00,002,193 | ---- | M] () -- A:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009/07/30 00:24:20 | 00,001,534 | ---- | M] () -- A:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/07/30 00:24:20 | 00,002,344 | ---- | M] () -- A:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2009/07/30 00:24:20 | 00,002,371 | ---- | M] () -- A:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/07/30 00:24:20 | 00,001,178 | ---- | M] () -- A:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2009/07/30 00:24:20 | 00,000,792 | ---- | M] () -- A:\Program Files\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: (321585 bytes) - A:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 11015 more lines...
O2 - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - A:\Program Files\Internet Download Manager\IDMIECC.dll (Tonec Inc.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - A:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - A:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - A:\Program Files\Google\Google Gears\Internet Explorer\0.5.32.0\gears.dll (Google Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] A:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [VirtualCloneDrive] A:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O8 - Extra context menu item: Download all links with IDM - A:\Program Files\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download FLV video content with IDM - A:\Program Files\Internet Download Manager\IEGetVL.htm ()
O8 - Extra context menu item: Download with IDM - A:\Program Files\Internet Download Manager\IEExt.htm ()
O9 - Extra 'Tools' menuitem : &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - A:\Program Files\Google\Google Gears\Internet Explorer\0.5.32.0\gears.dll (Google Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - A:\Windows\System32\wshbth.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKLM\..Trusted Domains: 57 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 57 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {2A0B9B82-D5C8-4D3D-8338-AD55B23662B1} https://employees.cpr.ca/vdesk/cachecleaner...,2008,0212,2003 (F5 Networks CacheCleaner)
O16 - DPF: {45B69029-F3AB-4204-92DE-D5140C3E8E74} https://employees.cpr.ca/vdesk/terminal/InstallerControl.cab (F5 Networks Auto Update)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 192.168.1.254
O20 - HKLM Winlogon: Shell - (explorer.exe) - A:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - A:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\!SASWinLogon: DllName - A:\Program Files\SUPERAntiSpyware\SASWINLO.dll - A:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O22 - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - A:\Windows\System32\DreamScene.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - A:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O30 - LSA: Security Packages - (pku2u) - A:\Windows\System32\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 14:42:20 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009/06/10 14:42:20 | 00,000,024 | ---- | M] () - D:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - A:\Windows\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

========== Files/Folders - Created Within 30 Days ==========

[1 A:\Windows\*.tmp files]
[2009/09/11 10:37:29 | 00,536,064 | ---- | C] (OldTimer Tools) -- A:\Users\Manfred\Desktop\OTL.exe
[2009/09/11 09:21:47 | 00,000,000 | ---D | C] -- A:\32788R22FWJFW
[2009/09/11 09:02:50 | 03,316,046 | ---- | C] () -- A:\Users\Manfred\Desktop\123.exe
[2009/09/11 07:58:13 | 00,313,344 | ---- | C] () -- A:\Users\Manfred\Desktop\GAMER.exe
[2009/09/11 07:56:33 | 00,000,000 | ---D | C] -- A:\rsit
[2009/09/11 07:55:31 | 00,781,909 | ---- | C] () -- A:\Users\Manfred\Desktop\RSIT.exe
[2009/09/10 21:17:13 | 00,301,568 | ---- | C] (Microsoft Corporation) -- A:\Windows\System32\cmd.execf
[2009/09/10 20:46:53 | 00,000,000 | ---D | C] -- A:\Users\Manfred\Desktop\Threat Signal-Vigilance
[2009/09/10 20:45:06 | 00,001,441 | ---- | C] () -- A:\Users\Manfred\Desktop\THE WIRE - Shortcut.lnk
[2009/09/10 20:02:48 | 00,000,716 | ---- | C] () -- A:\2557642.exe
[2009/09/09 02:52:58 | 00,210,352 | ---- | C] (Tonec Inc.) -- A:\Windows\System32\idmmbc.dll
[2009/09/08 14:28:46 | 00,000,000 | ---D | C] -- A:\Users\Manfred\Desktop\Drivers Backup
[2009/09/07 10:04:55 | 00,000,000 | -H-D | C] -- A:\Windows\PIF
[2009/09/06 20:30:42 | 00,061,440 | ---- | C] (USA) -- A:\Windows\System32\msxm192z.dll
[2009/09/06 11:10:34 | 00,002,044 | ---- | C] () -- A:\Users\Manfred\Desktop\HijackThis.lnk
[2009/09/06 11:10:34 | 00,000,000 | ---D | C] -- A:\Program Files\Trend Micro
[2009/09/06 10:55:16 | 00,000,015 | ---- | C] () -- A:\Users\Manfred\Desktop\settings.dat
[2009/09/06 10:54:41 | 00,495,104 | ---- | C] ( ) -- A:\Users\Manfred\Desktop\RootRepeal.exe
[2009/09/06 10:53:18 | 00,359,929 | ---- | C] () -- A:\Users\Manfred\Desktop\dds.exe
[2009/09/06 10:52:33 | 00,000,000 | ---D | C] -- A:\Users\Manfred\Desktop\9-6-2009
[2009/09/06 10:51:45 | 00,000,899 | ---- | C] () -- A:\Users\Manfred\Desktop\NTREGOPT.lnk
[2009/09/06 10:51:45 | 00,000,880 | ---- | C] () -- A:\Users\Manfred\Desktop\ERUNT.lnk
[2009/09/06 10:51:45 | 00,000,000 | ---D | C] -- A:\Program Files\ERUNT
[2009/09/05 19:11:55 | 00,000,000 | ---D | C] -- A:\Users\Manfred\AppData\Local\Ares
[2009/09/05 16:34:35 | 00,000,000 | ---D | C] -- A:\Users\Manfred\Desktop\backups
[2009/09/05 15:53:24 | 00,054,709 | ---- | C] (SornSoft) -- A:\Program Files\Common Files\alg.exe
[2009/09/05 09:27:07 | 00,077,882 | ---- | C] () -- A:\Users\Manfred\Documents\cc_20090905_092702.reg
[2009/09/02 21:18:40 | 00,000,000 | ---D | C] -- A:\Users\Manfred\AppData\Roaming\Media Player Classic
[2009/09/01 16:22:28 | 00,008,192 | ---- | C] () -- A:\Users\Manfred\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/08/30 23:29:39 | 00,000,500 | ---- | C] () -- A:\Windows\tasks\Malwarebytes' Scheduled Scan for Manfred.job
[2009/08/30 01:07:49 | 00,278,528 | ---- | C] (Real Networks, Inc) -- A:\Windows\System32\pncrt.dll
[2009/08/30 01:07:49 | 00,185,920 | ---- | C] (RealNetworks, Inc.) -- A:\Windows\System32\rmoc3260.dll
[2009/08/30 01:07:49 | 00,006,656 | ---- | C] (RealNetworks, Inc.) -- A:\Windows\System32\pndx5016.dll
[2009/08/30 01:07:49 | 00,005,632 | ---- | C] (RealNetworks, Inc.) -- A:\Windows\System32\pndx5032.dll
[2009/08/30 01:07:42 | 00,168,448 | ---- | C] () -- A:\Windows\System32\unrar.dll
[2009/08/30 01:07:39 | 00,000,038 | ---- | C] () -- A:\Windows\avisplitter.ini
[2009/08/30 01:07:32 | 00,839,680 | ---- | C] (http://www.mp3dev.org/) -- A:\Windows\System32\lameACM.acm
[2009/08/30 01:07:32 | 00,000,414 | ---- | C] () -- A:\Windows\System32\lame_acm.xml
[2009/08/30 01:07:06 | 00,217,088 | ---- | C] (www.helixcommunity.org) -- A:\Windows\System32\yv12vfw.dll
[2009/08/30 01:07:06 | 00,118,784 | ---- | C] (fccHandler) -- A:\Windows\System32\ac3acm.acm
[2009/08/30 01:07:04 | 03,596,288 | ---- | C] () -- A:\Windows\System32\qt-dx331.dll
[2009/08/30 01:07:04 | 00,881,664 | ---- | C] () -- A:\Windows\System32\xvidcore.dll
[2009/08/30 01:07:04 | 00,205,824 | ---- | C] () -- A:\Windows\System32\xvidvfw.dll
[2009/08/30 01:07:04 | 00,090,112 | ---- | C] (DivX, Inc.) -- A:\Windows\System32\dpl100.dll
[2009/08/30 01:07:03 | 00,685,056 | ---- | C] (DivX, Inc.) -- A:\Windows\System32\divx.dll
[2009/08/30 01:07:03 | 00,000,547 | ---- | C] () -- A:\Windows\System32\ff_vfw.dll.manifest
[2009/08/30 01:07:02 | 00,085,504 | ---- | C] () -- A:\Windows\System32\ff_vfw.dll
[2009/08/30 01:07:02 | 00,060,273 | ---- | C] (Open Source Software community project) -- A:\Windows\System32\pthreadGC2.dll
[2009/08/30 01:06:59 | 00,000,000 | ---D | C] -- A:\Program Files\K-Lite Codec Pack
[2009/08/30 00:40:16 | 00,000,000 | ---D | C] -- A:\Users\Manfred\AppData\Roaming\avidemux
[2009/08/30 00:40:13 | 00,001,025 | ---- | C] () -- A:\Users\Public\Desktop\Avidemux 2.5.lnk
[2009/08/30 00:40:09 | 00,000,000 | ---D | C] -- A:\Program Files\Avidemux 2.5
[2009/08/29 23:34:15 | 00,000,000 | ---D | C] -- A:\Program Files\Viva Media
[2009/08/29 21:45:15 | 00,000,000 | ---D | C] -- A:\Program Files\Crazy Machines 2
[2009/08/29 21:37:03 | 00,000,000 | ---D | C] -- A:\Users\Manfred\Desktop\Elecard.Converter.Studio.AVC.HD.Edition.v3.1.90410.HAPPY.EASTER-TE
[2009/08/29 21:36:57 | 00,219,971 | ---- | C] () -- A:\Users\Manfred\Desktop\megan-fox-nude-3.jpg
[2009/08/29 21:36:53 | 00,032,335 | ---- | C] () -- A:\Users\Manfred\Desktop\megan-fox-nude15.jpg
[2009/08/29 21:12:05 | 13,965,903 | ---- | C] () -- A:\Users\Manfred\Desktop\P3Zine_30.pdf
[2009/08/26 20:03:41 | 00,002,012 | ---- | C] () -- A:\Users\Manfred\Desktop\Heavy Weapon Deluxe.lnk
[2009/08/26 19:22:24 | 00,000,017 | ---- | C] () -- A:\Windows\popcinfo.dat
[2009/08/26 19:20:51 | 00,000,000 | ---D | C] -- A:\Windows\Heavy Weapon Deluxe
[2009/08/26 19:20:51 | 00,000,000 | ---D | C] -- A:\Program Files\Heavy Weapon Deluxe
[2009/08/24 18:35:13 | 00,000,975 | ---- | C] () -- A:\Users\Manfred\Desktop\Temp - Shortcut.lnk
[2009/08/24 18:06:08 | 00,000,000 | ---D | C] -- A:\Users\Manfred\AppData\Roaming\Atlus
[2009/08/24 17:46:08 | 00,413,696 | ---- | C] (Creative Labs) -- A:\Windows\System32\wrap_oal.dll
[2009/08/24 17:46:08 | 00,110,592 | ---- | C] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- A:\Windows\System32\OpenAL32.dll
[2009/08/24 17:46:08 | 00,000,000 | ---D | C] -- A:\Program Files\OpenAL
[2009/08/24 15:51:29 | 04,178,264 | ---- | C] (Microsoft Corporation) -- A:\Windows\System32\D3DX9_41.dll
[2009/08/24 15:51:29 | 01,846,632 | ---- | C] (Microsoft Corporation) -- A:\Windows\System32\D3DCompiler_41.dll
[2009/08/24 15:51:29 | 00,453,456 | ---- | C] (Microsoft Corporation) -- A:\Windows\System32\d3dx10_41.dll
[2009/08/24 15:51:28 | 00,517,448 | ---- | C] (Microsoft Corporation) -- A:\Windows\System32\XAudio2_4.dll
[2009/08/24 15:51:28 | 00,069,448 | ---- | C] (Microsoft Corporation) -- A:\Windows\System32\XAPOFX1_3.dll
[2009/08/24 15:51:27 | 04,379,984 | ---- | C] (Microsoft Corporation) -- A:\Windows\System32\D3DX9_40.dll
[2009/08/24 15:51:27 | 02,036,576 | ---- | C] (Microsoft Corporation) -- A:\Windows\System32\D3DCompiler_40.dll
[2009/08/24 15:51:27 | 00,514,384 | ---- | C] (Microsoft Corporation) -- A:\Windows\System32\XAudio2_3.dll
[2009/08/24 15:51:27 | 00,452,440 | ---- | C] (Microsoft Corporation) -- A:\Windows\System32\d3dx10_40.dll
[2009/08/24 15:51:27 | 00,235,856 | ---- | C] (Microsoft Corporation) -- A:\Windows\System32\xactengine3_3.dll
[2009/08/24 15:51:27 | 00,235,352 | ---- | C] (Microsoft Corporation) -- A:\Windows\System32\xactengine3_4.dll
[2009/08/24 15:51:27 | 00,070,992 | ---- | C] (Microsoft Corporation) -- A:\Windows\System32\XAPOFX1_2.dll
[2009/08/24 15:51:27 | 00,023,376 | ---- | C] (Microsoft Corporation) -- A:\Windows\System32\X3DAudio1_5.dll
[2009/08/24 15:51:27 | 00,022,360 | ---- | C] (Microsoft Corporation) -- A:\Windows\System32\X3DAudio1_6.dll
[2009/08/24 15:51:26 | 01,493,528 | ---- | C] (Microsoft Corporation) -- A:\Windows\System32\D3DCompiler_39.dll
[2009/08/24 15:51:26 | 00,509,448 | ---- | C] (Microsoft Corporation) -- A:\Windows\System32\XAudio2_2.dll
[2009/08/24 15:51:26 | 00,467,984 | ---- | C] (Microsoft Corporation) -- A:\Windows\System32\d3dx10_39.dll
[2009/08/24 15:51:26 | 00,238,088 | ---- | C] (Microsoft Corporation) -- A:\Windows\System32\xactengine3_2.dll
[2009/08/24 15:51:26 | 00,068,616 | ---- | C] (Microsoft Corporation) -- A:\Windows\System32\XAPOFX1_1.dll
[2009/08/24 15:51:25 | 03,851,784 | ---- | C] (Microsoft Corporation) -- A:\Windows\System32\D3DX9_39.dll
[2009/08/24 15:51:25 | 03,850,760 | ---- | C] (Microsoft Corporation) -- A:\Windows\System32\D3DX9_38.dll
[2009/08/24 15:51:25 | 01,491,992 | ---- | C] (Microsoft Corporation) -- A:\Windows\System32\D3DCompiler_38.dll
[2009/08/24 15:51:25 | 00,507,400 | ---- | C] (Microsoft Corporation) -- A:\Windows\System32\XAudio2_1.dll
[2009/08/24 15:51:25 | 00,479,752 | ---- | C] (Microsoft Corporation) -- A:\Windows\System32\XAudio2_0.dll
[2009/08/24 15:51:25 | 00,467,984 | ---- | C] (Microsoft Corporation) -- A:\Windows\System32\d3dx10_38.dll
[2009/08/24 15:51:25 | 00,238,088 | ---- | C] (Microsoft Corporation) -- A:\Windows\System32\xactengine3_1.dll
[2009/08/24 15:51:25 | 00,065,032 | ---- | C] (Microsoft Corporation) -- A:\Windows\System32\XAPOFX1_0.dll
[2009/08/24 15:51:25 | 00,025,608 | ---- | C] (Microsoft Corporation) -- A:\Windows\System32\X3DAudio1_4.dll
[2009/08/24 15:51:24 | 03,786,760 | ---- | C] (Microsoft Corporation) -- A:\Windows\System32\D3DX9_37.dll
[2009/08/24 15:51:24 | 01,420,824 | ---- | C] (Microsoft Corporation) -- A:\Windows\System32\D3DCompiler_37.dll
[2009/08/24 15:51:24 | 00,462,864 | ---- | C] (Microsoft Corporation) -- A:\Windows\System32\d3dx10_37.dll
[2009/08/24 15:51:24 | 00,267,272 | ---- | C] (Microsoft Corporation) -- A:\Windows\System32\xactengine2_10.dll
[2009/08/24 15:51:24 | 00,238,088 | ---- | C] (Microsoft Corporation) -- A:\Windows\System32\xactengine3_0.dll
[2009/08/24 15:51:24 | 00,025,608 | ---- | C] (Microsoft Corporation) -- A:\Windows\System32\X3DAudio1_3.dll
[2009/08/24 15:51:23 | 03,734,536 | ---- | C] (Microsoft Corporation) -- A:\Windows\System32\d3dx9_36.dll
[2009/08/24 15:51:23 | 03,727,720 | ---- | C] (Microsoft Corporation) -- A:\Windows\System32\d3dx9_35.dll
[2009/08/24 15:51:23 | 01,374,232 | ---- | C] (Microsoft Corporation) -- A:\Windows\System32\D3DCompiler_36.dll
[2009/08/24 15:51:23 | 01,358,192 | ---- | C] (Microsoft Corporation) -- A:\Windows\System32\D3DCompiler_35.dll
[2009/08/24 15:51:23 | 00,444,776 | ---- | C] (Microsoft Corporation) -- A:\Windows\System32\d3dx10_36.dll
[2009/08/24 15:51:23 | 00,444,776 | ---- | C] (Microsoft Corporation) -- A:\Windows\System32\d3dx10_35.dll
[2009/08/24 15:51:23 | 00,267,112 | ---- | C] (Microsoft Corporation) -- A:\Windows\System32\xactengine2_9.dll
[2009/08/24 15:51:23 | 00,266,088 | ---- | C] (Microsoft Corporation) -- A:\Windows\System32\xactengine2_8.dll
[2009/08/24 15:51:23 | 00,017,928 | ---- | C] (Microsoft Corporation) -- A:\Windows\System32\X3DAudio1_2.dll
[2009/08/24 15:51:22 | 03,497,832 | ---- | C] (Microsoft Corporation) -- A:\Windows\System32\d3dx9_34.dll
[2009/08/24 15:51:22 | 01,124,720 | ---- | C] (Microsoft Corporation) -- A:\Windows\System32\D3DCompiler_34.dll
[2009/08/24 15:51:22 | 01,123,696 | ---- | C] (Microsoft Corporation) -- A:\Windows\System32\D3DCompiler_33.dll
[2009/08/24 15:51:22 | 00,443,752 | ---- | C] (Microsoft Corporation) -- A:\Windows\System32\d3dx10_34.dll
[2009/08/24 15:51:22 | 00,443,752 | ---- | C] (Microsoft Corporation) -- A:\Windows\System32\d3dx10_33.dll
[2009/08/24 15:51:22 | 00,261,480 | ---- | C] (Microsoft Corporation) -- A:\Windows\System32\xactengine2_7.dll
[2009/08/24 15:51:22 | 00,081,768 | ---- | C] (Microsoft Corporation) -- A:\Windows\System32\xinput1_3.dll
[2009/08/24 15:51:21 | 03,495,784 | ---- | C] (Microsoft Corporation) -- A:\Windows\System32\d3dx9_33.dll
[2009/08/24 15:51:21 | 03,426,072 | ---- | C] (Microsoft Corporation) -- A:\Windows\System32\d3dx9_32.dll
[2009/08/24 15:51:21 | 02,414,360 | ---- | C] (Microsoft Corporation) -- A:\Windows\System32\d3dx9_31.dll
[2009/08/24 15:51:21 | 00,440,080 | ---- | C] (Microsoft Corporation) -- A:\Windows\System32\d3dx10.dll
[2009/08/24 15:51:21 | 00,255,848 | ---- | C] (Microsoft Corporation) -- A:\Windows\System32\xactengine2_6.dll
[2009/08/24 15:51:21 | 00,251,672 | ---- | C] (Microsoft Corporation) -- A:\Windows\System32\xactengine2_5.dll
[2009/08/24 15:51:21 | 00,237,848 | ---- | C] (Microsoft Corporation) -- A:\Windows\System32\xactengine2_4.dll
[2009/08/24 15:51:21 | 00,236,824 | ---- | C] (Microsoft Corporation) -- A:\Windows\System32\xactengine2_3.dll
[2009/08/24 15:51:21 | 00,015,128 | ---- | C] (Microsoft Corporation) -- A:\Windows\System32\x3daudio1_1.dll
[2009/08/24 15:51:20 | 00,230,168 | ---- | C] (Microsoft Corporation) -- A:\Windows\System32\xactengine2_2.dll
[2009/08/24 15:51:20 | 00,229,584 | ---- | C] (Microsoft Corporation) -- A:\Windows\System32\xactengine2_1.dll
[2009/08/24 15:51:20 | 00,062,744 | ---- | C] (Microsoft Corporation) -- A:\Windows\System32\xinput1_2.dll
[2009/08/24 15:51:20 | 00,062,672 | ---- | C] (Microsoft Corporation) -- A:\Windows\System32\xinput1_1.dll
[2009/08/24 15:51:16 | 02,388,176 | ---- | C] (Microsoft Corporation) -- A:\Windows\System32\d3dx9_30.dll
[2009/08/24 15:51:15 | 02,332,368 | ---- | C] (Microsoft Corporation) -- A:\Windows\System32\d3dx9_29.dll
[2009/08/24 15:51:15 | 02,323,664 | ---- | C] (Microsoft Corporation) -- A:\Windows\System32\d3dx9_28.dll
[2009/08/24 15:51:15 | 02,319,568 | ---- | C] (Microsoft Corporation) -- A:\Windows\System32\d3dx9_27.dll
[2009/08/24 15:51:15 | 00,230,096 | ---- | C] (Microsoft Corporation) -- A:\Windows\System32\xactengine2_0.dll
[2009/08/24 15:51:15 | 00,014,032 | ---- | C] (Microsoft Corporation) -- A:\Windows\System32\x3daudio1_0.dll
[2009/08/24 15:51:14 | 02,337,488 | ---- | C] (Microsoft Corporation) -- A:\Windows\System32\d3dx9_25.dll
[2009/08/24 15:51:14 | 02,297,552 | ---- | C] (Microsoft Corporation) -- A:\Windows\System32\d3dx9_26.dll
[2009/08/24 15:51:13 | 02,222,800 | ---- | C] (Microsoft Corporation) -- A:\Windows\System32\d3dx9_24.dll
[2009/08/24 15:50:46 | 00,001,069 | ---- | C] () -- A:\Users\Public\Desktop\Droplitz.lnk
[2009/08/24 15:50:03 | 00,000,000 | ---D | C] -- A:\Program Files\ATLUS
[2009/08/24 15:38:56 | 00,001,213 | ---- | C] () -- A:\Users\Public\Desktop\Virtual CloneDrive.lnk
[2009/08/24 15:38:26 | 00,000,000 | ---D | C] -- A:\Program Files\Elaborate Bytes
[2009/08/21 22:12:44 | 00,001,072 | ---- | C] () -- A:\Users\Public\Desktop\Trojan Remover.lnk
[2009/08/21 22:12:43 | 00,162,304 | ---- | C] () -- A:\Windows\System32\ztvunrar36.dll
[2009/08/21 22:12:43 | 00,153,088 | ---- | C] () -- A:\Windows\System32\UNRAR3.dll
[2009/08/21 22:12:43 | 00,077,312 | ---- | C] () -- A:\Windows\System32\ztvunace26.dll
[2009/08/21 22:12:43 | 00,075,264 | ---- | C] () -- A:\Windows\System32\unacev2.dll
[2009/08/21 22:12:43 | 00,069,632 | ---- | C] (Microsoft Corporation) -- A:\Windows\System32\ztvcabinet.dll
[2009/08/21 22:12:42 | 00,000,000 | ---D | C] -- A:\Users\Manfred\Documents\Simply Super Software
[2009/08/21 22:12:42 | 00,000,000 | ---D | C] -- A:\Users\Manfred\AppData\Roaming\Simply Super Software
[2009/08/21 22:12:42 | 00,000,000 | ---D | C] -- A:\ProgramData\Simply Super Software
[2009/08/21 22:12:42 | 00,000,000 | ---D | C] -- A:\Program Files\Trojan Remover
[2009/08/21 09:10:23 | 00,000,000 | -H-- | C] () -- A:\Windows\System32\drivers\Msft_User_wbvfs201_01_09_00.Wdf
[2009/08/21 09:10:18 | 00,000,000 | ---D | C] -- A:\Program Files\DigitalPersona
[2009/08/21 09:10:03 | 00,000,000 | ---D | C] -- A:\Program Files\Validity Sensors
[2009/08/20 17:26:00 | 00,604,488 | ---- | C] (TuneUp Software) -- A:\Windows\System32\TUProgSt.exe
[2009/08/20 17:25:58 | 00,029,000 | ---- | C] (TuneUp Software) -- A:\Windows\System32\uxtuneup.dll
[2009/08/20 17:25:51 | 00,361,288 | ---- | C] (TuneUp Software) -- A:\Windows\System32\TuneUpDefragService.exe
[2009/08/20 17:25:51 | 00,000,000 | ---D | C] -- A:\Users\Manfred\AppData\Roaming\TuneUp Software
[2009/08/20 17:25:49 | 00,001,716 | ---- | C] () -- A:\Users\Public\Desktop\TuneUp Utilities 2009.lnk
[2009/08/20 17:25:34 | 00,000,000 | ---D | C] -- A:\ProgramData\TuneUp Software
[2009/08/20 17:25:34 | 00,000,000 | ---D | C] -- A:\Program Files\TuneUp Utilities 2009
[2009/08/20 17:24:37 | 00,000,000 | -HSD | C] -- A:\ProgramData\{55A29068-F2CE-456C-9148-C869879E2357}
[2009/08/19 12:32:18 | 00,000,000 | ---D | C] -- A:\Program Files\WinRAR
[2009/08/18 20:05:32 | 00,001,816 | ---- | C] () -- A:\Users\Public\Desktop\ImgBurn.lnk
[2009/08/18 19:26:12 | 00,011,130 | ---- | C] () -- A:\Users\Manfred\Documents\cc_20090818_192608.reg
[2009/08/18 18:46:07 | 00,000,000 | ---D | C] -- A:\ProgramData\TEMP
[2009/08/17 20:38:19 | 00,000,000 | ---D | C] -- A:\Windows\DD1865F0AD7340FBB23E1822E02396FF.TMP
[2009/08/17 19:54:33 | 00,000,000 | ---D | C] -- A:\Program Files\ESET
[2009/08/17 19:31:56 | 00,000,000 | ---D | C] -- A:\ProgramData\RegCure
[2009/08/15 16:06:14 | 00,000,000 | ---D | C] -- A:\ProgramData\SUPERAntiSpyware.com
[2009/08/15 16:06:08 | 00,002,108 | ---- | C] () -- A:\Users\Manfred\Desktop\SUPERAntiSpyware Professional.lnk
[2009/08/15 16:06:07 | 00,000,000 | ---D | C] -- A:\Users\Manfred\AppData\Roaming\SUPERAntiSpyware.com
[2009/08/15 16:06:07 | 00,000,000 | ---D | C] -- A:\Program Files\SUPERAntiSpyware
[2009/08/15 15:59:19 | 00,015,254 | ---- | C] () -- A:\Users\Manfred\Documents\cc_20090815_155916.reg
[2009/08/15 15:54:38 | 00,001,836 | ---- | C] () -- A:\Users\Manfred\Desktop\CCleaner.lnk
[2009/08/15 15:54:38 | 00,000,000 | ---D | C] -- A:\Program Files\CCleaner
[2009/08/15 09:47:43 | 00,000,486 | ---- | C] () -- A:\Windows\tasks\Malwarebytes' Scheduled Update for Manfred.job
[2009/08/14 08:46:09 | 00,000,000 | ---D | C] -- A:\Users\Manfred\AppData\Roaming\Malwarebytes
[2009/08/14 08:46:07 | 00,000,984 | ---- | C] () -- A:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/08/14 08:46:05 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- A:\Windows\System32\drivers\mbamswissarmy.sys
[2009/08/14 08:46:04 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- A:\Windows\System32\drivers\mbam.sys
[2009/08/14 08:46:04 | 00,000,000 | ---D | C] -- A:\ProgramData\Malwarebytes
[2009/08/14 08:46:04 | 00,000,000 | ---D | C] -- A:\Program Files\Malwarebytes' Anti-Malware
[2009/08/13 21:14:20 | 00,000,069 | ---- | C] () -- A:\Windows\NeroDigital.ini
[2009/08/12 21:42:24 | 00,000,244 | ---- | C] () -- A:\Windows\tasks\Spybot - Search & Destroy - Scheduled Task.job
[2009/08/12 21:42:17 | 00,000,270 | ---- | C] () -- A:\Windows\tasks\Spybot - Search & Destroy Updater - Scheduled Task.job
[2009/08/12 19:21:09 | 00,000,621 | ---- | C] () -- A:\Users\Manfred\Desktop\Elevated Command Prompt.lnk
[2009/08/12 18:02:10 | 00,001,251 | ---- | C] () -- A:\Users\Manfred\Desktop\Spybot - Search & Destroy.lnk
[2009/08/12 18:02:06 | 00,000,000 | ---D | C] -- A:\Program Files\Spybot - Search & Destroy
[2009/06/13 03:04:58 | 00,000,403 | ---- | C] () -- A:\Windows\win.ini
[2009/06/13 03:04:58 | 00,000,219 | ---- | C] () -- A:\Windows\system.ini
[2009/06/13 02:16:29 | 00,000,010 | ---- | C] () -- A:\Windows\System32\FInstall.sys
[2009/06/13 01:02:16 | 00,073,728 | ---- | C] () -- A:\Windows\System32\BthpanContextHandler.dll
[2009/06/13 00:52:52 | 00,064,000 | ---- | C] () -- A:\Windows\System32\BWContextHandler.dll
[2009/05/13 08:39:12 | 00,020,480 | ---- | C] () -- A:\Windows\System32\wbvfsinst.dll
[2007/12/02 13:28:14 | 00,053,248 | ---- | C] () -- A:\Windows\System32\PhysXLoader.dll
[2006/07/24 06:37:06 | 00,061,440 | ---- | C] () -- A:\Windows\System32\Tao.Platform.Windows.dll
[2006/07/24 06:36:26 | 02,441,216 | ---- | C] () -- A:\Windows\System32\Tao.OpenGl.dll
[2006/04/03 08:41:06 | 00,032,768 | ---- | C] () -- A:\Windows\System32\Zip.dll

========== Files - Modified Within 30 Days ==========

[1 A:\Windows\*.tmp files]
[2009/09/11 10:37:30 | 00,536,064 | ---- | M] (OldTimer Tools) -- A:\Users\Manfred\Desktop\OTL.exe
[2009/09/11 10:37:00 | 00,000,886 | ---- | M] () -- A:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2009/09/11 09:23:56 | 00,713,888 | ---- | M] () -- A:\Windows\System32\PerfStringBackup.INI
[2009/09/11 09:23:56 | 00,619,642 | ---- | M] () -- A:\Windows\System32\perfh009.dat
[2009/09/11 09:23:56 | 00,107,792 | ---- | M] () -- A:\Windows\System32\perfc009.dat
[2009/09/11 09:21:58 | 00,301,568 | ---- | M] (Microsoft Corporation) -- A:\Windows\System32\cmd.execf
[2009/09/11 09:19:42 | 00,000,882 | ---- | M] () -- A:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2009/09/11 09:19:35 | 00,000,006 | -H-- | M] () -- A:\Windows\tasks\SA.DAT
[2009/09/11 09:19:28 | 00,067,584 | --S- | M] () -- A:\Windows\bootstat.dat
[2009/09/11 09:19:21 | 24,146,78016 | -HS- | M] () -- A:\hiberfil.sys
[2009/09/11 09:05:51 | 00,013,216 | -H-- | M] () -- A:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2009/09/11 09:05:51 | 00,013,216 | -H-- | M] () -- A:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2009/09/11 09:02:54 | 03,316,046 | ---- | M] () -- A:\Users\Manfred\Desktop\123.exe
[2009/09/11 07:58:07 | 00,313,344 | ---- | M] () -- A:\Users\Manfred\Desktop\GAMER.exe
[2009/09/11 07:55:30 | 00,781,909 | ---- | M] () -- A:\Users\Manfred\Desktop\RSIT.exe
[2009/09/10 20:45:06 | 00,001,441 | ---- | M] () -- A:\Users\Manfred\Desktop\THE WIRE - Shortcut.lnk
[2009/09/10 20:44:37 | 00,000,069 | ---- | M] () -- A:\Windows\NeroDigital.ini
[2009/09/10 20:44:36 | 00,008,192 | ---- | M] () -- A:\Users\Manfred\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/09/10 20:12:11 | 00,000,500 | ---- | M] () -- A:\Windows\tasks\Malwarebytes' Scheduled Scan for Manfred.job
[2009/09/10 20:12:11 | 00,000,486 | ---- | M] () -- A:\Windows\tasks\Malwarebytes' Scheduled Update for Manfred.job
[2009/09/10 20:02:48 | 00,000,716 | ---- | M] () -- A:\2557642.exe
[2009/09/10 14:54:06 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- A:\Windows\System32\drivers\mbamswissarmy.sys
[2009/09/10 14:53:50 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- A:\Windows\System32\drivers\mbam.sys
[2009/09/09 03:43:08 | 00,210,352 | ---- | M] (Tonec Inc.) -- A:\Windows\System32\idmmbc.dll
[2009/09/07 00:49:52 | 00,000,015 | ---- | M] () -- A:\Users\Manfred\Desktop\settings.dat
[2009/09/06 20:30:42 | 00,061,440 | ---- | M] (USA) -- A:\Windows\System32\msxm192z.dll
[2009/09/06 11:10:34 | 00,002,044 | ---- | M] () -- A:\Users\Manfred\Desktop\HijackThis.lnk
[2009/09/06 10:54:57 | 00,495,104 | ---- | M] ( ) -- A:\Users\Manfred\Desktop\RootRepeal.exe
[2009/09/06 10:53:25 | 00,359,929 | ---- | M] () -- A:\Users\Manfred\Desktop\dds.exe
[2009/09/06 10:51:45 | 00,000,899 | ---- | M] () -- A:\Users\Manfred\Desktop\NTREGOPT.lnk
[2009/09/06 10:51:45 | 00,000,880 | ---- | M] () -- A:\Users\Manfred\Desktop\ERUNT.lnk
[2009/09/05 15:53:24 | 00,054,709 | ---- | M] (SornSoft) -- A:\Program Files\Common Files\alg.exe
[2009/09/05 09:27:16 | 00,077,882 | ---- | M] () -- A:\Users\Manfred\Documents\cc_20090905_092702.reg
[2009/09/05 09:25:47 | 00,001,836 | ---- | M] () -- A:\Users\Manfred\Desktop\CCleaner.lnk
[2009/08/30 00:40:13 | 00,001,025 | ---- | M] () -- A:\Users\Public\Desktop\Avidemux 2.5.lnk
[2009/08/29 11:23:14 | 13,965,903 | ---- | M] () -- A:\Users\Manfred\Desktop\P3Zine_30.pdf
[2009/08/26 20:04:06 | 00,000,017 | ---- | M] () -- A:\Windows\popcinfo.dat
[2009/08/26 20:03:41 | 00,002,012 | ---- | M] () -- A:\Users\Manfred\Desktop\Heavy Weapon Deluxe.lnk
[2009/08/24 18:35:13 | 00,000,975 | ---- | M] () -- A:\Users\Manfred\Desktop\Temp - Shortcut.lnk
[2009/08/24 17:46:08 | 00,413,696 | ---- | M] (Creative Labs) -- A:\Windows\System32\wrap_oal.dll
[2009/08/24 17:46:08 | 00,110,592 | ---- | M] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- A:\Windows\System32\OpenAL32.dll
[2009/08/24 15:50:46 | 00,001,069 | ---- | M] () -- A:\Users\Public\Desktop\Droplitz.lnk
[2009/08/24 15:38:56 | 00,001,213 | ---- | M] () -- A:\Users\Public\Desktop\Virtual CloneDrive.lnk
[2009/08/21 22:12:44 | 00,001,072 | ---- | M] () -- A:\Users\Public\Desktop\Trojan Remover.lnk
[2009/08/21 09:10:23 | 00,000,000 | -H-- | M] () -- A:\Windows\System32\drivers\Msft_User_wbvfs201_01_09_00.Wdf
[2009/08/20 17:26:00 | 00,604,488 | ---- | M] (TuneUp Software) -- A:\Windows\System32\TUProgSt.exe
[2009/08/20 17:25:51 | 00,361,288 | ---- | M] (TuneUp Software) -- A:\Windows\System32\TuneUpDefragService.exe
[2009/08/20 17:25:49 | 00,001,716 | ---- | M] () -- A:\Users\Public\Desktop\TuneUp Utilities 2009.lnk
[2009/08/18 20:05:32 | 00,001,816 | ---- | M] () -- A:\Users\Public\Desktop\ImgBurn.lnk
[2009/08/18 19:26:16 | 00,011,130 | ---- | M] () -- A:\Users\Manfred\Documents\cc_20090818_192608.reg
[2009/08/18 19:16:41 | 00,000,621 | ---- | M] () -- A:\Users\Manfred\Desktop\Elevated Command Prompt.lnk
[2009/08/17 22:14:52 | 00,001,865 | ---- | M] () -- A:\Users\Manfred\Desktop\DVD Flick.lnk
[2009/08/17 20:55:42 | 00,000,998 | ---- | M] () -- A:\Users\Manfred\Desktop\KMPlayer.lnk
[2009/08/17 19:19:43 | 00,001,770 | ---- | M] () -- A:\Users\Manfred\Desktop\PlantsVsZombies.lnk
[2009/08/17 19:19:43 | 00,001,647 | ---- | M] () -- A:\Users\Manfred\Desktop\Peggle.lnk
[2009/08/15 16:06:08 | 00,002,108 | ---- | M] () -- A:\Users\Manfred\Desktop\SUPERAntiSpyware Professional.lnk
[2009/08/15 15:59:25 | 00,015,254 | ---- | M] () -- A:\Users\Manfred\Documents\cc_20090815_155916.reg
[2009/08/14 08:46:07 | 00,000,984 | ---- | M] () -- A:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/08/12 21:42:24 | 00,000,244 | ---- | M] () -- A:\Windows\tasks\Spybot - Search & Destroy - Scheduled Task.job
[2009/08/12 21:42:17 | 00,000,270 | ---- | M] () -- A:\Windows\tasks\Spybot - Search & Destroy Updater - Scheduled Task.job
[2009/08/12 20:39:19 | 00,001,251 | ---- | M] () -- A:\Users\Manfred\Desktop\Spybot - Search & Destroy.lnk
[2009/08/12 18:10:59 | 00,321,585 | R--- | M] () -- A:\Windows\System32\drivers\etc\hosts

========== Alternate Data Streams ==========

@Alternate Data Stream - 119 bytes -> A:\ProgramData\TEMP:CB0AACC9
< End of report >

Edited by hatinmyPC, 11 September 2009 - 12:45 PM.


#12 fenzodahl512

fenzodahl512

  • Members
  • 6,738 posts
  • OFFLINE
  • Local time:06:23 AM

Posted 11 September 2009 - 12:49 PM

Tell me what kind of Windows you're using.. Is this your own computer or your company's?.. Or are you working on someone else's computer here?

Keep calm, make it simple, use your brain, don't freak out, and you'll be just fine..
Awesomeness: When I get sad, I stop being sad and be awesome instead.. True story - Barney Stinson
It's gonna be legen.. wait for it.. dary! Cherish the pain, it means you're still alive


#13 hatinmyPC

hatinmyPC
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  • Local time:03:23 PM

Posted 11 September 2009 - 12:51 PM

There was an Extras Logfile as well


OTL Extras logfile created on: 9/11/2009 10:37:50 AM - Run 1
OTL by OldTimer - Version 3.0.10.7 Folder = A:\Users\Manfred\Desktop
Ultimate Edition (Version = 6.1.7260) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7260.0)
Locale: 00000409 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 100.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = A: | %SystemRoot% = A:\Windows | %ProgramFiles% = A:\Program Files
Drive C: | 156.05 Gb Total Space | 18.30 Gb Free Space | 11.73% Space Free | Partition Type: NTFS
Drive D: | 64.52 Gb Total Space | 43.22 Gb Free Space | 66.99% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 33.85 Gb Total Space | 6.87 Gb Free Space | 20.28% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MY_LAPPY
Current User Name: Manfred
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- A:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- A:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- A:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- A:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{21AE04E8-EBF6-40DB-9AA9-B7A80C5D057D}" = mkv2vob
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java™ 6 Update 16
"{55A29068-F2CE-456C-9148-C869879E2357}" = TuneUp Utilities 2009
"{61FFBE12-E3AD-442A-B261-A086041DB37A}" = Validity WinBio DDK
"{961D35E8-D426-3E2E-8222-F4FFD9E104FD}" = Google Gears
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1.3
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{BBF5B57A-3A78-4A46-855C-766EB333F989}" = DigitalPersona Enrollment 1.0.0
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Professional
"{EB711BC7-0FDF-460C-A00C-DF8E5E996037}" = Twingly Screensaver
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"2006A9BCFF469B427E245C637F4629519490F43E" = Windows Driver Package - NVIDIA (nvlddmkm) Display (02/26/2009 8.15.11.8171)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Avidemux 2.5" = Avidemux 2.5
"CCleaner" = CCleaner (remove only)
"CloneCD" = CloneCD
"DFX for Winamp" = DFX for Winamp
"DFX for Windows Media Player" = DFX for Windows Media Player
"Driver Magician_is1" = Driver Magician 3.45
"Droplitz_is1" = Droplitz
"DVD Flick_is1" = DVD Flick 1.3.0.7
"Heavy Weapon Deluxe" = Heavy Weapon Deluxe
"HijackThis" = HijackThis 2.0.2
"HyperSnap 6" = HyperSnap 6
"ImgBurn" = ImgBurn
"Internet Download Manager" = Internet Download Manager
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 5.0.5
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox (3.5.2)" = Mozilla Firefox (3.5.2)
"Nero7Lite_is1" = Nero 7 Lite
"NVIDIA Drivers" = NVIDIA Drivers
"OpenAL" = OpenAL
"Revo Uninstaller" = Revo Uninstaller 1.83
"Trojan Remover_is1" = Trojan Remover 6.8.1
"VirtualCloneDrive" = VirtualCloneDrive
"Winamp" = Winamp

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 9/7/2009 11:57:56 PM | Computer Name = MY_LAPPY | Source = System Restore | ID = 8210
Description =

Error - 9/7/2009 11:58:43 PM | Computer Name = MY_LAPPY | Source = SDWinSec.exe | ID = 0
Description =

Error - 9/7/2009 11:59:43 PM | Computer Name = MY_LAPPY | Source = SDWinSec.exe | ID = 0
Description =

Error - 9/8/2009 12:00:43 AM | Computer Name = MY_LAPPY | Source = SDWinSec.exe | ID = 0
Description =

Error - 9/8/2009 12:12:27 AM | Computer Name = MY_LAPPY | Source = Software Protection Platform Service | ID = 16385
Description = Failed to schedule Software Protection service for re-start at 2010-02-15T23:59:27Z.
Error Code: 0x80041321.

Error - 9/8/2009 5:25:40 PM | Computer Name = MY_LAPPY | Source = Software Protection Platform Service | ID = 16385
Description = Failed to schedule Software Protection service for re-start at 2010-02-15T23:59:40Z.
Error Code: 0x80041321.

Error - 9/10/2009 11:02:45 PM | Computer Name = MY_LAPPY | Source = Application Error | ID = 1000
Description = Faulting application name: VRT1822.tmp, version: 0.0.0.0, time stamp:
0x4a9278ee Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0xec0e4e8e Faulting process id: 0xf74 Faulting application
start time: 0x01ca328c54ed455d Faulting application path: A:\Windows\TEMP\VRT1822.tmp
Faulting
module path: unknown Report Id: 93a6cbbd-9e7f-11de-8150-00a0d1a73102

Error - 9/10/2009 11:09:07 PM | Computer Name = MY_LAPPY | Source = Software Protection Platform Service | ID = 16385
Description = Failed to schedule Software Protection service for re-start at 2010-02-15T23:59:07Z.
Error Code: 0x80041321.

Error - 9/10/2009 11:14:55 PM | Computer Name = MY_LAPPY | Source = Application Error | ID = 1000
Description = Faulting application name: mbamservice.exe, version: 1.0.4.0, time
stamp: 0x4aa9260e Faulting module name: mbamservice.exe, version: 1.0.4.0, time
stamp: 0x4aa9260e Exception code: 0xc0000005 Fault offset: 0x0002c223 Faulting process
id: 0x9d8 Faulting application start time: 0x01ca328dad512e43 Faulting application
path: A:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe Faulting module
path: A:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe Report Id: 47027a13-9e81-11de-816d-00a0d1a73102

Error - 9/10/2009 11:30:03 PM | Computer Name = MY_LAPPY | Source = Software Protection Platform Service | ID = 16385
Description = Failed to schedule Software Protection service for re-start at 2010-02-15T23:59:54Z.
Error Code: 0x80041321.

[ System Events ]
Error - 9/11/2009 12:18:14 PM | Computer Name = MY_LAPPY | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068

Error - 9/11/2009 12:18:14 PM | Computer Name = MY_LAPPY | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068

Error - 9/11/2009 12:18:14 PM | Computer Name = MY_LAPPY | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068

Error - 9/11/2009 12:18:14 PM | Computer Name = MY_LAPPY | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068

Error - 9/11/2009 12:18:14 PM | Computer Name = MY_LAPPY | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068

Error - 9/11/2009 12:18:14 PM | Computer Name = MY_LAPPY | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068

Error - 9/11/2009 12:18:17 PM | Computer Name = MY_LAPPY | Source = Service Control Manager | ID = 7001
Description = The HomeGroup Provider service depends on the Function Discovery Provider
Host service which failed to start because of the following error: %%1068

Error - 9/11/2009 12:19:33 PM | Computer Name = MY_LAPPY | Source = Service Control Manager | ID = 7023
Description = The TuneUp Theme Extension service terminated with the following error:
%%1153

Error - 9/11/2009 12:19:38 PM | Computer Name = MY_LAPPY | Source = Service Control Manager | ID = 7023
Description = The TuneUp Program Statistics Service service terminated with the
following error: %%1153

Error - 9/11/2009 12:19:49 PM | Computer Name = MY_LAPPY | Source = DCOM | ID = 10001
Description =


< End of report >

#14 hatinmyPC

hatinmyPC
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  • Local time:03:23 PM

Posted 11 September 2009 - 12:52 PM

I'm using Windows 7. It's my own personal PC, not for work.

#15 fenzodahl512

fenzodahl512

  • Members
  • 6,738 posts
  • OFFLINE
  • Local time:06:23 AM

Posted 11 September 2009 - 12:55 PM

Is this 32-bit or 64-bit Windows?

Keep calm, make it simple, use your brain, don't freak out, and you'll be just fine..
Awesomeness: When I get sad, I stop being sad and be awesome instead.. True story - Barney Stinson
It's gonna be legen.. wait for it.. dary! Cherish the pain, it means you're still alive




