Irritating Problem topic 2 with logs!


  • This topic is locked
29 replies to this topic

#1 manutdj28

Posted 21 August 2011 - 08:58 AM

I previously posted a topic on the description of the problem, which can be located here: http://www.bleepingcomputer.com/forums/topic415376.html, but after some help I was directed to make a couple of logs and post them here, and the results follow...


.

DDS (Ver_2011-06-23.01) - NTFSx86
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_26
Run by Jamie at 14:28:07 on 2011-08-21
Microsoft Windows XP Professional 5.1.2600.3.1252.44.1033.18.1014.453 [GMT 1:00]
.
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: COMODO Firewall *Enabled*
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\agrsmsvc.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\cidaemon.exe
.
============== Pseudo HJT Report ===============
.
uSearch Bar =
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\alwil software\avast5\aswWebRepIE.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\alwil software\avast5\aswWebRepIE.dll
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
TB: {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [COMODO Internet Security] "c:\program files\comodo\comodo internet security\cfp.exe" -h
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
StartupFolder: c:\docume~1\jamie\startm~1\programs\startup\shortc~1.lnk - c:\program files\alwil software\avast5\AvastUI.exe
uPolicies-explorer: NoRealMode = 0 (0x0)
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} - hxxp://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} - hxxp://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{234E8AEC-0D8C-44B8-9939-49D50C41E484} : DhcpNameServer = 192.168.1.1
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
Notify: igfxcui - igfxdev.dll
AppInit_DLLs: c:\windows\system32\guard32.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
LSA: Notification Packages = scecli scecli
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\jamie\application data\mozilla\firefox\profiles\q91jrw6m.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk/
FF - prefs.js: keyword.URL - chrome://browser-region/locale/region.properties
FF - component: c:\documents and settings\jamie\application data\mozilla\firefox\profiles\q91jrw6m.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\components\RadioWMPCoreGecko19.dll
FF - component: c:\documents and settings\jamie\application data\mozilla\firefox\profiles\q91jrw6m.default\extensions\engine@conduit.com\components\RadioWMPCoreGecko19.dll
FF - component: c:\program files\mozilla firefox\extensions\linkfilter@kaspersky.ru\components\KavLinkFilter.dll
FF - plugin: c:\documents and settings\jamie\application data\mozilla\firefox\profiles\q91jrw6m.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
FF - plugin: c:\documents and settings\jamie\local settings\application data\google\update\1.3.21.65\npGoogleUpdate3.dll
FF - plugin: c:\documents and settings\jamie\local settings\application data\unity\webplayer\loader\npUnity3D32.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npijjiFFPlugin1.dll
.
---- FIREFOX POLICIES ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
============= SERVICES / DRIVERS ===============
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-6-13 441176]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-7-30 309848]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [2011-6-30 242600]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [2011-6-30 29400]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2011-8-12 116608]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-7-30 19544]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2010-7-30 42184]
R2 cmdAgent;COMODO Internet Security Helper Service;c:\program files\comodo\comodo internet security\cmdagent.exe [2011-6-30 1793712]
R3 NETwLx32; Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows XP 32 Bit;c:\windows\system32\drivers\NETwLx32.sys [2011-6-17 6609920]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; [x]
S2 WCMVCAM;WebcamMax, WDM Video Capture;c:\windows\system32\drivers\wcmvcam.sys [2011-6-13 1066808]
S3 ADM8511;ADMtek ADM8511/AN986 USB To Fast Ethernet Converter;c:\windows\system32\drivers\ADM8511.SYS [2009-3-9 20160]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2009-5-21 1691480]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [2009-6-16 13224]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2009-7-24 41272]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 NVIDIAHWAccess;NVIDIAHWAccess;\??\c:\documents and settings\jamie\application data\nvidia\hwaccess.sys --> c:\documents and settings\jamie\application data\nvidia\HWAccess.sys [?]
S3 PAEAFLT.sys;USB Composite Device;c:\windows\system32\drivers\PAEAFLT.sys [2010-11-25 8576]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== File Associations ===============
.
chm.file=
JSEFile=NOTEPAD.EXE %1
regfile="regedit.exe "%1""
txtfile=c:\windows\NOTEPAD.EXE %1
VBEFile=NOTEPAD.EXE %1
.
=============== Created Last 30 ================
.
2011-08-21 03:49:56 -------- d-----w- c:\documents and settings\jamie\application data\SUPERAntiSpyware.com
2011-08-21 03:48:46 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-08-21 03:46:21 709968 ----a-w- c:\windows\isRS-000.tmp
2011-08-21 01:57:18 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-08-17 20:19:39 5968087 ----a-w- c:\windows\system\mshtml.dll
2011-08-17 14:39:25 -------- d-----w- c:\documents and settings\jamie\application data\Registry Mechanic
2011-08-15 18:42:35 -------- d-----w- c:\program files\Spybot - Search & Destroy
2011-08-15 18:42:35 -------- d-----w- c:\documents and settings\all users\application data\Spybot - Search & Destroy
2011-08-15 18:30:42 116224 -c--a-w- c:\windows\system32\dllcache\xrxwiadr.dll
2011-08-15 18:30:37 23040 -c--a-w- c:\windows\system32\dllcache\xrxwbtmp.dll
2011-08-15 18:30:36 18944 -c--a-w- c:\windows\system32\dllcache\xrxscnui.dll
2011-08-15 18:30:32 27648 -c--a-w- c:\windows\system32\dllcache\xrxftplt.exe
2011-08-15 18:30:28 4608 -c--a-w- c:\windows\system32\dllcache\xrxflnch.exe
2011-08-15 18:30:07 99865 -c--a-w- c:\windows\system32\dllcache\xlog.exe
2011-08-15 18:30:00 16970 -c--a-w- c:\windows\system32\dllcache\xem336n5.sys
2011-08-15 18:29:58 19455 -c--a-w- c:\windows\system32\dllcache\wvchntxx.sys
2011-08-15 18:29:54 12063 -c--a-w- c:\windows\system32\dllcache\wsiintxx.sys
2011-08-15 18:29:52 8192 -c--a-w- c:\windows\system32\dllcache\wshirda.dll
2011-08-15 18:29:33 8832 -c--a-w- c:\windows\system32\dllcache\wmiacpi.sys
2011-08-15 18:29:25 154624 -c--a-w- c:\windows\system32\dllcache\wlluc48.sys
2011-08-15 18:29:21 34890 -c--a-w- c:\windows\system32\dllcache\wlandrv2.sys
2011-08-15 18:29:11 771581 -c--a-w- c:\windows\system32\dllcache\winacisa.sys
2011-08-15 18:29:05 53760 -c--a-w- c:\windows\system32\dllcache\wiamsmud.dll
2011-08-15 18:29:01 87040 -c--a-w- c:\windows\system32\dllcache\wiafbdrv.dll
2011-08-15 18:27:59 64605 -c--a-w- c:\windows\system32\dllcache\vvoice.sys
2011-08-15 18:26:59 26112 -c--a-w- c:\windows\system32\dllcache\usbser.sys
2011-08-15 18:25:35 166784 -c--a-w- c:\windows\system32\dllcache\tridxpm.sys
2011-08-15 18:25:31 525568 -c--a-w- c:\windows\system32\dllcache\tridxp.dll
2011-08-15 18:25:27 159232 -c--a-w- c:\windows\system32\dllcache\tridkbm.sys
2011-08-15 18:25:23 440576 -c--a-w- c:\windows\system32\dllcache\tridkb.dll
2011-08-15 18:25:19 222336 -c--a-w- c:\windows\system32\dllcache\trid3dm.sys
2011-08-15 18:25:15 315520 -c--a-w- c:\windows\system32\dllcache\trid3d.dll
2011-08-15 18:25:10 34375 -c--a-w- c:\windows\system32\dllcache\tpro4.sys
2011-08-15 18:25:06 42496 -c--a-w- c:\windows\system32\dllcache\tp4res.dll
2011-08-15 18:25:05 82944 -c--a-w- c:\windows\system32\dllcache\tp4mon.exe
2011-08-15 18:25:01 31744 -c--a-w- c:\windows\system32\dllcache\tp4.dll
2011-08-15 18:24:56 4992 -c--a-w- c:\windows\system32\dllcache\toside.sys
2011-08-15 18:24:52 230912 -c--a-w- c:\windows\system32\dllcache\tosdvd03.sys
2011-08-15 18:24:48 241664 -c--a-w- c:\windows\system32\dllcache\tosdvd02.sys
2011-08-15 18:24:44 28232 -c--a-w- c:\windows\system32\dllcache\tos4mo.sys
2011-08-15 18:24:39 123995 -c--a-w- c:\windows\system32\dllcache\tjisdn.sys
2011-08-15 18:24:32 138528 -c--a-w- c:\windows\system32\dllcache\tgiulnt5.sys
2011-08-15 18:24:28 81408 -c--a-w- c:\windows\system32\dllcache\tgiul50.dll
2011-08-15 18:24:27 149376 -c--a-w- c:\windows\system32\dllcache\tffsport.sys
2011-08-15 18:24:21 17129 -c--a-w- c:\windows\system32\dllcache\tdkcd31.sys
2011-08-15 18:24:17 37961 -c--a-w- c:\windows\system32\dllcache\tdk100b.sys
2011-08-15 18:24:00 30464 -c--a-w- c:\windows\system32\dllcache\tbatm155.sys
2011-08-15 18:22:58 155648 -c--a-w- c:\windows\system32\dllcache\stlnprop.dll
2011-08-15 18:22:55 53248 -c--a-w- c:\windows\system32\dllcache\stlncoin.dll
2011-08-15 18:22:51 285760 -c--a-w- c:\windows\system32\dllcache\stlnata.sys
2011-08-15 18:22:47 16896 -c--a-w- c:\windows\system32\dllcache\stcusb.sys
2011-08-15 18:22:36 48736 -c--a-w- c:\windows\system32\dllcache\srwlnd5.sys
2011-08-15 18:22:32 99328 -c--a-w- c:\windows\system32\dllcache\srusd.dll
2011-08-15 18:22:19 24660 -c--a-w- c:\windows\system32\dllcache\spxupchk.dll
2011-08-15 18:22:13 61824 -c--a-w- c:\windows\system32\dllcache\speed.sys
2011-08-15 18:22:10 106584 -c--a-w- c:\windows\system32\dllcache\spdports.dll
2011-08-15 18:22:06 19072 -c--a-w- c:\windows\system32\dllcache\sparrow.sys
2011-08-15 18:22:02 7552 -c--a-w- c:\windows\system32\dllcache\sonypvu1.sys
2011-08-15 18:21:59 37040 -c--a-w- c:\windows\system32\dllcache\sonypi.sys
2011-08-15 18:21:55 114688 -c--a-w- c:\windows\system32\dllcache\sonypi.dll
2011-08-15 18:21:52 20752 -c--a-w- c:\windows\system32\dllcache\sonync.sys
2011-08-15 18:21:48 9600 -c--a-w- c:\windows\system32\dllcache\sonymc.sys
2011-08-15 18:21:47 7552 -c--a-w- c:\windows\system32\dllcache\sonyait.sys
2011-08-15 18:21:28 7040 -c--a-w- c:\windows\system32\dllcache\snyaitmc.sys
2011-08-15 18:20:53 58368 -c--a-w- c:\windows\system32\dllcache\smiminib.sys
2011-08-15 18:20:45 147200 -c--a-w- c:\windows\system32\dllcache\smidispb.dll
2011-08-15 18:20:41 25034 -c--a-w- c:\windows\system32\dllcache\smcpwr2n.sys
2011-08-15 18:20:38 35913 -c--a-w- c:\windows\system32\dllcache\smcirda.sys
2011-08-15 18:20:34 24576 -c--a-w- c:\windows\system32\dllcache\smc8000n.sys
2011-08-15 18:20:31 6784 -c--a-w- c:\windows\system32\dllcache\smbhc.sys
2011-08-15 18:20:30 6912 -c--a-w- c:\windows\system32\dllcache\smbclass.sys
2011-08-15 18:20:28 16000 -c--a-w- c:\windows\system32\dllcache\smbbatt.sys
2011-08-15 18:20:18 45568 -c--a-w- c:\windows\system32\dllcache\smb3w.dll
2011-08-15 18:20:14 33792 -c--a-w- c:\windows\system32\dllcache\smb0w.dll
2011-08-15 18:20:08 28672 -c--a-w- c:\windows\system32\dllcache\sma0w.dll
2011-08-15 18:18:31 161568 -c--a-w- c:\windows\system32\dllcache\sgsmusb.sys
2011-08-15 18:18:28 18400 -c--a-w- c:\windows\system32\dllcache\sgsmld.sys
2011-08-15 18:18:24 98080 -c--a-w- c:\windows\system32\dllcache\sgiulnt5.sys
2011-08-15 18:18:21 386560 -c--a-w- c:\windows\system32\dllcache\sgiul50.dll
2011-08-15 18:18:17 36480 -c--a-w- c:\windows\system32\dllcache\sfmanm.sys
2011-08-15 18:18:12 6784 -c--a-w- c:\windows\system32\dllcache\serscan.sys
2011-08-15 18:18:08 17664 -c--a-w- c:\windows\system32\dllcache\sermouse.sys
2011-08-15 18:18:00 6912 -c--a-w- c:\windows\system32\dllcache\seaddsmc.sys
2011-08-15 18:16:57 41216 -c--a-w- c:\windows\system32\dllcache\s3mt3d.sys
2011-08-15 18:15:44 19584 -c--a-w- c:\windows\system32\dllcache\rasirda.sys
2011-08-15 18:15:39 714762 -c--a-w- c:\windows\system32\dllcache\r2mdmkxx.sys
2011-08-15 18:15:36 899146 -c--a-w- c:\windows\system32\dllcache\r2mdkxga.sys
2011-08-15 18:15:32 41472 -c--a-w- c:\windows\system32\dllcache\qvusd.dll
2011-08-15 18:15:29 3328 -c--a-w- c:\windows\system32\dllcache\qv2kux.sys
2011-08-15 18:15:19 49024 -c--a-w- c:\windows\system32\dllcache\ql1280.sys
2011-08-15 18:15:16 40448 -c--a-w- c:\windows\system32\dllcache\ql1240.sys
2011-08-15 18:15:12 45312 -c--a-w- c:\windows\system32\dllcache\ql12160.sys
2011-08-15 18:15:09 33152 -c--a-w- c:\windows\system32\dllcache\ql10wnt.sys
2011-08-15 18:15:05 40320 -c--a-w- c:\windows\system32\dllcache\ql1080.sys
2011-08-15 18:15:04 6016 -c--a-w- c:\windows\system32\dllcache\qic157.sys
2011-08-15 18:14:59 130942 -c--a-w- c:\windows\system32\dllcache\ptserlv.sys
2011-08-15 18:14:56 112574 -c--a-w- c:\windows\system32\dllcache\ptserlp.sys
2011-08-15 18:14:53 128286 -c--a-w- c:\windows\system32\dllcache\ptserli.sys
2011-08-15 18:14:52 159232 -c--a-w- c:\windows\system32\dllcache\ptpusd.dll
2011-08-15 18:14:48 5632 -c--a-w- c:\windows\system32\dllcache\ptpusb.dll
2011-08-15 18:14:43 35328 -c--a-w- c:\windows\system32\dllcache\psisload.dll
2011-08-15 18:14:42 363520 -c--a-w- c:\windows\system32\dllcache\psisdecd.dll
2011-08-15 18:14:39 16128 -c--a-w- c:\windows\system32\dllcache\pscr.sys
2011-08-15 18:14:12 17664 -c--a-w- c:\windows\system32\dllcache\ppa3.sys
2011-08-15 18:14:09 17792 -c--a-w- c:\windows\system32\dllcache\ppa.sys
2011-08-15 18:14:08 8832 -c--a-w- c:\windows\system32\dllcache\powerfil.sys
2011-08-15 18:14:04 7168 -c--a-w- c:\windows\system32\dllcache\pnrmc.sys
2011-08-15 18:12:59 30282 -c--a-w- c:\windows\system32\dllcache\pcntn5hl.sys
2011-08-15 18:11:57 27209 -c--a-w- c:\windows\system32\dllcache\otc06x5.sys
2011-08-15 18:11:53 54528 -c--a-w- c:\windows\system32\dllcache\opl3sax.sys
2011-08-15 18:11:42 198144 -c--a-w- c:\windows\system32\dllcache\nv3.sys
2011-08-15 18:11:39 123776 -c--a-w- c:\windows\system32\dllcache\nv3.dll
2011-08-15 18:11:31 51552 -c--a-w- c:\windows\system32\dllcache\ntgrip.sys
2011-08-15 18:11:24 9344 -c--a-w- c:\windows\system32\dllcache\ntapm.sys
2011-08-15 18:11:21 7552 -c--a-w- c:\windows\system32\dllcache\nsmmc.sys
2011-08-15 18:11:20 28672 -c--a-w- c:\windows\system32\dllcache\nscirda.sys
2011-08-15 18:11:15 87040 -c--a-w- c:\windows\system32\dllcache\nm6wdm.sys
2011-08-15 18:11:12 126080 -c--a-w- c:\windows\system32\dllcache\nm5a2wdm.sys
2011-08-15 18:11:07 32840 -c--a-w- c:\windows\system32\dllcache\ngrpci.sys
2011-08-15 18:11:04 132695 -c--a-w- c:\windows\system32\dllcache\netwlan5.sys
2011-08-15 18:09:55 103296 -c--a-w- c:\windows\system32\dllcache\mtxvideo.sys
2011-08-15 18:09:42 49024 -c--a-w- c:\windows\system32\dllcache\mstape.sys
2011-08-15 18:09:36 12416 -c--a-w- c:\windows\system32\dllcache\msriffwv.sys
2011-08-15 18:09:27 2944 -c--a-w- c:\windows\system32\dllcache\msmpu401.sys
2011-08-15 18:09:25 22016 -c--a-w- c:\windows\system32\dllcache\msircomm.sys
2011-08-15 18:09:11 35200 -c--a-w- c:\windows\system32\dllcache\msgame.sys
2011-08-15 18:09:08 6016 -c--a-w- c:\windows\system32\dllcache\msfsio.sys
2011-08-15 18:09:07 51200 -c--a-w- c:\windows\system32\dllcache\msdv.sys
2011-08-15 18:08:58 17280 -c--a-w- c:\windows\system32\dllcache\mraid35x.sys
2011-08-15 18:08:53 15232 -c--a-w- c:\windows\system32\dllcache\mpe.sys
2011-08-15 18:08:48 16128 -c--a-w- c:\windows\system32\dllcache\modemcsa.sys
2011-08-15 18:08:41 6528 -c--a-w- c:\windows\system32\dllcache\miniqic.sys
2011-08-15 18:08:27 320384 -c--a-w- c:\windows\system32\dllcache\mgaum.sys
2011-08-15 18:08:24 235648 -c--a-w- c:\windows\system32\dllcache\mgaud.dll
2011-08-15 18:08:04 26112 -c--a-w- c:\windows\system32\dllcache\memstpci.sys
2011-08-15 18:08:01 47616 -c--a-w- c:\windows\system32\dllcache\memgrp.dll
2011-08-15 18:06:58 25065 -c--a-w- c:\windows\system32\dllcache\lmndis3.sys
2011-08-15 18:06:55 15744 -c--a-w- c:\windows\system32\dllcache\lit220p.sys
2011-08-15 18:06:54 34688 -c--a-w- c:\windows\system32\dllcache\lbrtfdc.sys
2011-08-15 18:06:51 26442 -c--a-w- c:\windows\system32\dllcache\lanepic5.sys
2011-08-15 18:06:48 19016 -c--a-w- c:\windows\system32\dllcache\ktc111.sys
2011-08-15 18:06:42 37376 -c--a-w- c:\windows\system32\dllcache\kousd.dll
2011-08-15 18:06:36 48640 -c--a-w- c:\windows\system32\dllcache\kdsui.dll
2011-08-15 18:06:36 253952 -c--a-w- c:\windows\system32\dllcache\kdsusd.dll
2011-08-15 18:04:10 26624 -c--a-w- c:\windows\system32\dllcache\irstusb.sys
2011-08-15 18:04:07 18688 -c--a-w- c:\windows\system32\dllcache\irsir.sys
2011-08-15 18:04:06 28160 -c--a-w- c:\windows\system32\dllcache\irmon.dll
2011-08-15 18:04:03 23552 -c--a-w- c:\windows\system32\dllcache\irmk7.sys
2011-08-15 18:04:03 151552 -c--a-w- c:\windows\system32\dllcache\irftp.exe
2011-08-15 18:04:02 88192 -c--a-w- c:\windows\system32\dllcache\irda.sys
2011-08-15 18:03:56 45632 -c--a-w- c:\windows\system32\dllcache\ip5515.sys
2011-08-15 18:03:53 90200 -c--a-w- c:\windows\system32\dllcache\io8ports.dll
2011-08-15 18:03:50 38784 -c--a-w- c:\windows\system32\dllcache\io8.sys
2011-08-15 18:03:49 5504 -c--a-w- c:\windows\system32\dllcache\intelide.sys
2011-08-15 18:03:46 13056 -c--a-w- c:\windows\system32\dllcache\inport.sys
2011-08-15 18:03:44 16000 -c--a-w- c:\windows\system32\dllcache\ini910u.sys
2011-08-15 18:00:44 488383 -c--a-w- c:\windows\system32\dllcache\hsf_v124.sys
2011-08-15 17:59:57 25952 -c--a-w- c:\windows\system32\dllcache\hpn.sys
2011-08-15 17:58:57 17408 -c--a-w- c:\windows\system32\dllcache\gpr400.sys
2011-08-15 17:58:55 59136 -c--a-w- c:\windows\system32\dllcache\gckernel.sys
2011-08-15 17:58:54 10624 -c--a-w- c:\windows\system32\dllcache\gameenum.sys
2011-08-15 17:58:52 322432 -c--a-w- c:\windows\system32\dllcache\g400m.sys
2011-08-15 17:58:50 1733120 -c--a-w- c:\windows\system32\dllcache\g400d.dll
2011-08-15 17:58:47 320384 -c--a-w- c:\windows\system32\dllcache\g200m.sys
2011-08-15 17:58:45 470144 -c--a-w- c:\windows\system32\dllcache\g200d.dll
2011-08-15 17:58:43 454912 -c--a-w- c:\windows\system32\dllcache\fxusbase.sys
2011-08-15 17:57:39 92160 -c--a-w- c:\windows\system32\dllcache\fuusd.dll
2011-08-15 17:57:37 455296 -c--a-w- c:\windows\system32\dllcache\fusbbase.sys
2011-08-15 17:57:35 455680 -c--a-w- c:\windows\system32\dllcache\fus2base.sys
2011-08-15 17:57:25 442240 -c--a-w- c:\windows\system32\dllcache\fpnpbase.sys
2011-08-15 17:57:22 441728 -c--a-w- c:\windows\system32\dllcache\fpcmbase.sys
2011-08-15 17:57:20 444416 -c--a-w- c:\windows\system32\dllcache\fpcibase.sys
2011-08-15 17:57:19 34173 -c--a-w- c:\windows\system32\dllcache\forehe.sys
2011-08-15 17:57:16 71680 -c--a-w- c:\windows\system32\dllcache\fnfilter.dll
2011-08-15 17:56:46 27165 -c--a-w- c:\windows\system32\dllcache\fetnd5.sys
2011-08-15 17:56:40 22090 -c--a-w- c:\windows\system32\dllcache\fem556n5.sys
2011-08-15 17:56:33 24618 -c--a-w- c:\windows\system32\dllcache\fa410nd5.sys
2011-08-15 17:56:31 16074 -c--a-w- c:\windows\system32\dllcache\fa312nd5.sys
2011-08-15 17:56:29 11850 -c--a-w- c:\windows\system32\dllcache\f3ab18xj.sys
2011-08-15 17:56:27 12362 -c--a-w- c:\windows\system32\dllcache\f3ab18xi.sys
2011-08-15 17:56:24 7040 -c--a-w- c:\windows\system32\dllcache\exabyte2.sys
2011-08-15 17:56:22 16998 -c--a-w- c:\windows\system32\dllcache\ex10.sys
2011-08-15 17:56:14 45568 -c--a-w- c:\windows\system32\dllcache\esunib.dll
2011-08-15 17:56:12 45568 -c--a-w- c:\windows\system32\dllcache\esuni.dll
2011-08-15 17:56:09 34816 -c--a-w- c:\windows\system32\dllcache\esuimg.dll
2011-08-15 17:54:59 69692 -c--a-w- c:\windows\system32\dllcache\el575nd5.sys
2011-08-15 17:53:59 131156 -c--a-w- c:\windows\system32\dllcache\digidbp.dll
2011-08-15 17:52:50 60970 -c--a-w- c:\windows\system32\dllcache\cpqtrnd5.sys
2011-08-15 17:51:52 49182 -c--a-w- c:\windows\system32\dllcache\cem56n5.sys
2011-08-15 17:46:18 13824 -c--a-w- c:\windows\system32\dllcache\bulltlp3.sys
2011-08-15 17:45:59 2944 -c--a-w- c:\windows\system32\dllcache\brfilt.sys
2011-08-15 17:44:52 97354 -c--a-w- c:\windows\system32\dllcache\aspndis3.sys
2011-08-15 17:43:59 762780 -c--a-w- c:\windows\system32\dllcache\3cwmcru.sys
2011-08-15 17:43:59 689216 -c--a-w- c:\windows\system32\dllcache\3dfxvs.dll
2011-08-15 17:43:59 148352 -c--a-w- c:\windows\system32\dllcache\3dfxvsm.sys
2011-08-15 17:43:58 11264 -c--a-w- c:\windows\system32\dllcache\1394vdbg.sys
2011-08-15 17:43:28 66048 -c--a-w- c:\windows\system32\dllcache\s3legacy.dll
2011-08-11 17:24:38 515416 ----a-w- c:\windows\system32\XAudio2_5.dll
2011-08-11 17:24:37 238936 ----a-w- c:\windows\system32\xactengine3_5.dll
2011-08-11 17:24:36 1974616 ----a-w- c:\windows\system32\D3DCompiler_42.dll
2011-08-11 17:24:31 5501792 ----a-w- c:\windows\system32\d3dcsx_42.dll
2011-08-11 17:24:29 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2011-08-11 17:24:29 235344 ----a-w- c:\windows\system32\d3dx11_42.dll
2011-08-11 17:22:53 -------- d-----w- c:\program files\Cryptic Studios
2011-07-26 17:51:32 -------- d-----w- c:\documents and settings\jamie\local settings\application data\XboxMB
2011-07-26 17:50:50 -------- d-----w- c:\windows\XSxS
2011-07-26 17:50:50 -------- d-----w- c:\program files\Xenocode
2011-07-26 17:50:50 -------- d-----w- c:\documents and settings\jamie\local settings\application data\Xenocode
.
==================== Find3M ====================
.
2011-07-15 13:29:31 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-07-08 14:02:00 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys
2011-07-06 18:52:42 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-07-06 18:52:42 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-07-04 11:43:53 40112 ----a-w- c:\windows\avastSS.scr
2011-07-04 11:36:43 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-06-30 08:38:14 29400 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2011-06-30 08:38:14 242600 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2011-06-30 08:38:12 17416 ----a-w- c:\windows\system32\drivers\cmderd.sys
2011-06-30 08:37:26 285256 ----a-w- c:\windows\system32\guard32.dll
2011-06-24 14:10:36 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2011-06-20 17:44:52 293376 ----a-w- c:\windows\system32\winsrv.dll
2011-06-17 21:54:25 720896 ----a-w- c:\windows\iun6002.exe
2011-06-13 20:05:10 1066808 ----a-w- c:\windows\system32\drivers\wcmvcam.sys
2011-06-02 14:02:05 1858944 ----a-w- c:\windows\system32\win32k.sys
.
============= FINISH: 14:30:15.95 ===============

#2 HelpBot

Posted 26 August 2011 - 09:00 AM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/415425 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS and GMER log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from one of the following links if you no longer have it available. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE


We also need a new log from the GMER anti-rootkit Scanner.

Please note that if you are running a 64-bit version of Windows you will not be able to run GMER and you may skip this step.

Please first disable any CD emulation programs using the steps found in this topic:

Why we request you disable CD Emulation when receiving Malware Removal Advice


Then create another GMER log and post it as an attachment to the reply where you post your new DDS log. Instructions on how to properly create a GMER log can be found here:

How to create a GMER log


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 manutdj28

Posted 27 August 2011 - 08:53 PM

I already have a previous topic to this, but for any new readers...

A few months back I experienced several of my applications, including Internet Explorer, Windows Live Messenger and Skype, all came up with the message, (Application name) has encountered a problem and needs to close immediately after startup. After a while I noticed that these programs only have this problem when an advertisement or something pops up via the internet, e.g. when the (Welcome to Windows Live Messenger) window popped up. Recently this problem just randomly stopped! I was so happy, but now the problem I have is I downloaded Adobe Photoshop CS3 and the "Adobe setup" had the same problem. I gave up trying to install it and one day I gave it another go, but now the problem has gone but another one has been created.

Now when I open it, instead of the (encounter a problem...) message, simply nothing happens after the sand timer has flickered a few times.

Now I don't know if this is any help, but I've never been able to open my sound manager/control panel thing, which is Realtek, for the same reason, as it just doesn't open at all.


#4 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:12:59 AM

Posted 27 August 2011 - 09:04 PM

Hi,

Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.
  • Please subscribe to this topic, if you haven't already. Click the Watch This Topic button at the top on the right.

  • Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.

  • Please reply to this post so I know you are there.
The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the topic.

----------------------------------------------

The GMER log in your last topic shows that you have been infected by a TDSS rootkit, so we will try to remove that first.

  • Download TDSSKiller and save it to your Desktop.

  • Extract its contents to your desktop and make sure TDSSKiller.exe (the contents of the zipped file) is on the Desktop itself, not within a folder on the desktop.

  • Go to Start > Run (Or you can hold down your Windows key and press R) and copy and paste the following into the text field. (make sure you include the quote marks) Then press OK.

    "%userprofile%\Desktop\TDSSKiller.exe" -l report.txt

  • Now click Start Scan.
  • If Malicious objects are found, ensure Cure is selected then click Continue > Reboot now.
  • Click Close
  • Finally press Report and copy and paste the contents into your next reply. If you've rebooted then the log will be found at C:\


Now run aswMBR


Please download aswMBR ( 511KB ) to your desktop.
  • Double click the aswMBR.exe icon to run it
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

m0le is a proud member of UNITE

#5 manutdj28

Posted 27 August 2011 - 10:31 PM

.
DDS (Ver_2011-06-23.01) - NTFSx86
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_26
Run by Jamie at 2:54:41 on 2011-08-28
Microsoft Windows XP Professional 5.1.2600.3.1252.44.1033.18.1014.433 [GMT 1:00]
.
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: COMODO Firewall *Enabled*
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\WINDOWS\system32\agrsmsvc.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\Explorer.EXE
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
.
============== Pseudo HJT Report ===============
.
uSearch Bar =
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\alwil software\avast5\aswWebRepIE.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\alwil software\avast5\aswWebRepIE.dll
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
TB: {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [COMODO Internet Security] "c:\program files\comodo\comodo internet security\cfp.exe" -h
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
StartupFolder: c:\docume~1\jamie\startm~1\programs\startup\shortc~1.lnk - c:\program files\alwil software\avast5\AvastUI.exe
uPolicies-explorer: NoRealMode = 0 (0x0)
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} - hxxp://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} - hxxp://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{234E8AEC-0D8C-44B8-9939-49D50C41E484} : DhcpNameServer = 192.168.1.1
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
Notify: igfxcui - igfxdev.dll
AppInit_DLLs: c:\windows\system32\guard32.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
LSA: Notification Packages = scecli scecli
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\jamie\application data\mozilla\firefox\profiles\q91jrw6m.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk/
FF - prefs.js: keyword.URL - chrome://browser-region/locale/region.properties
FF - component: c:\documents and settings\jamie\application data\mozilla\firefox\profiles\q91jrw6m.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\components\RadioWMPCoreGecko19.dll
FF - component: c:\documents and settings\jamie\application data\mozilla\firefox\profiles\q91jrw6m.default\extensions\engine@conduit.com\components\RadioWMPCoreGecko19.dll
FF - component: c:\program files\mozilla firefox\extensions\linkfilter@kaspersky.ru\components\KavLinkFilter.dll
FF - plugin: c:\documents and settings\jamie\application data\electronic arts\game face\npGameFacePlugin.dll
FF - plugin: c:\documents and settings\jamie\application data\mozilla\firefox\profiles\q91jrw6m.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
FF - plugin: c:\documents and settings\jamie\local settings\application data\google\update\1.3.21.65\npGoogleUpdate3.dll
FF - plugin: c:\documents and settings\jamie\local settings\application data\unity\webplayer\loader\npUnity3D32.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npijjiFFPlugin1.dll
.
---- FIREFOX POLICIES ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
============= SERVICES / DRIVERS ===============
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-6-13 441176]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-7-30 309848]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [2011-6-30 242600]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [2011-6-30 29400]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2011-8-12 116608]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-7-30 19544]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2010-7-30 42184]
R2 cmdAgent;COMODO Internet Security Helper Service;c:\program files\comodo\comodo internet security\cmdagent.exe [2011-6-30 1793712]
R3 NETwLx32; Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows XP 32 Bit;c:\windows\system32\drivers\NETwLx32.sys [2011-6-17 6609920]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; [x]
S2 WCMVCAM;WebcamMax, WDM Video Capture;c:\windows\system32\drivers\wcmvcam.sys [2011-6-13 1066808]
S3 ADM8511;ADMtek ADM8511/AN986 USB To Fast Ethernet Converter;c:\windows\system32\drivers\ADM8511.SYS [2009-3-9 20160]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2009-5-21 1691480]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [2009-6-16 13224]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2009-7-24 41272]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 NVIDIAHWAccess;NVIDIAHWAccess;\??\c:\documents and settings\jamie\application data\nvidia\hwaccess.sys --> c:\documents and settings\jamie\application data\nvidia\HWAccess.sys [?]
S3 PAEAFLT.sys;USB Composite Device;c:\windows\system32\drivers\PAEAFLT.sys [2010-11-25 8576]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== File Associations ===============
.
chm.file=
JSEFile=NOTEPAD.EXE %1
regfile="regedit.exe "%1""
txtfile=c:\windows\NOTEPAD.EXE %1
VBEFile=NOTEPAD.EXE %1
.
=============== Created Last 30 ================
.
2011-08-24 23:54:34 -------- d-----w- c:\program files\Foxit Software
2011-08-24 19:18:19 -------- d-----w- c:\documents and settings\jamie\application data\Electronic Arts
2011-08-21 03:49:56 -------- d-----w- c:\documents and settings\jamie\application data\SUPERAntiSpyware.com
2011-08-21 03:48:46 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-08-21 01:57:18 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-08-17 20:19:39 5968087 ----a-w- c:\windows\system\mshtml.dll
2011-08-17 14:39:25 -------- d-----w- c:\documents and settings\jamie\application data\Registry Mechanic
2011-08-15 18:42:35 -------- d-----w- c:\program files\Spybot - Search & Destroy
2011-08-15 18:42:35 -------- d-----w- c:\documents and settings\all users\application data\Spybot - Search & Destroy
2011-08-11 17:24:38 515416 ----a-w- c:\windows\system32\XAudio2_5.dll
2011-08-11 17:24:37 238936 ----a-w- c:\windows\system32\xactengine3_5.dll
2011-08-11 17:24:36 1974616 ----a-w- c:\windows\system32\D3DCompiler_42.dll
2011-08-11 17:24:31 5501792 ----a-w- c:\windows\system32\d3dcsx_42.dll
2011-08-11 17:24:29 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2011-08-11 17:24:29 235344 ----a-w- c:\windows\system32\d3dx11_42.dll
2011-08-11 17:22:53 -------- d-----w- c:\program files\Cryptic Studios
.
==================== Find3M ====================
.
2011-07-15 13:29:31 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-07-08 14:02:00 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys
2011-07-06 18:52:42 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-07-06 18:52:42 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-07-04 11:43:53 40112 ----a-w- c:\windows\avastSS.scr
2011-07-04 11:36:43 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-06-30 08:38:14 29400 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2011-06-30 08:38:14 242600 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2011-06-30 08:38:12 17416 ----a-w- c:\windows\system32\drivers\cmderd.sys
2011-06-30 08:37:26 285256 ----a-w- c:\windows\system32\guard32.dll
2011-06-24 14:10:36 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2011-06-20 17:44:52 293376 ----a-w- c:\windows\system32\winsrv.dll
2011-06-17 21:54:25 720896 ----a-w- c:\windows\iun6002.exe
2011-06-13 20:05:10 1066808 ----a-w- c:\windows\system32\drivers\wcmvcam.sys
2011-06-02 14:02:05 1858944 ----a-w- c:\windows\system32\win32k.sys
.
============= FINISH: 2:56:42.04 ===============

#6 manutdj28

Posted 27 August 2011 - 10:38 PM

2011/08/28 04:36:09.0687 3236 TDSS rootkit removing tool 2.5.17.0 Aug 22 2011 15:46:57
2011/08/28 04:36:09.0828 3236 ================================================================================
2011/08/28 04:36:09.0828 3236 SystemInfo:
2011/08/28 04:36:09.0828 3236
2011/08/28 04:36:09.0828 3236 OS Version: 5.1.2600 ServicePack: 3.0
2011/08/28 04:36:09.0828 3236 Product type: Workstation
2011/08/28 04:36:09.0828 3236 ComputerName: USER-2C0EA6A532
2011/08/28 04:36:09.0828 3236 UserName: Jamie
2011/08/28 04:36:09.0828 3236 Windows directory: C:\WINDOWS
2011/08/28 04:36:09.0828 3236 System windows directory: C:\WINDOWS
2011/08/28 04:36:09.0828 3236 Processor architecture: Intel x86
2011/08/28 04:36:09.0828 3236 Number of processors: 1
2011/08/28 04:36:09.0828 3236 Page size: 0x1000
2011/08/28 04:36:09.0828 3236 Boot type: Normal boot
2011/08/28 04:36:09.0828 3236 ================================================================================
2011/08/28 04:36:11.0406 3236 Initialize success

#7 manutdj28

Posted 27 August 2011 - 10:51 PM

aswMBR version 0.9.8.986 Copyright© 2011 AVAST Software
Run date: 2011-08-28 04:39:19
-----------------------------
04:39:19.578 OS Version: Windows 5.1.2600 Service Pack 3
04:39:19.578 Number of processors: 1 586 0x1601
04:39:19.578 ComputerName: USER-2C0EA6A532 UserName: Jamie
04:39:20.765 Initialize success
04:39:22.078 AVAST engine defs: 11082701
04:39:33.640 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
04:39:33.640 Disk 0 Vendor: TOSHIBA_MK8037GSX DL230M Size: 76319MB BusType: 3
04:39:35.750 Disk 0 MBR read successfully
04:39:35.750 Disk 0 MBR scan
04:39:35.765 Disk 0 Windows XP default MBR code
04:39:35.765 Disk 0 scanning sectors +156280320
04:39:35.906 Disk 0 scanning C:\WINDOWS\system32\drivers
04:40:28.750 Service scanning
04:40:29.937 Modules scanning
04:41:15.296 Disk 0 trace - called modules:
04:41:15.328 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
04:41:15.328 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x87329ab8]
04:41:15.328 3 CLASSPNP.SYS[f782cfd7] -> nt!IofCallDriver -> \Device\00000085[0x872fb2a0]
04:41:15.500 5 ACPI.sys[f7783620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x87318940]
04:41:15.890 AVAST engine scan C:\WINDOWS
04:41:43.000 AVAST engine scan C:\WINDOWS\system32
04:44:21.921 AVAST engine scan C:\WINDOWS\system32\drivers
04:44:46.546 AVAST engine scan C:\Documents and Settings\Jamie
04:48:46.265 AVAST engine scan C:\Documents and Settings\All Users
04:49:07.406 Scan finished successfully
04:50:28.734 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Jamie\Desktop\MBR.dat"
04:50:28.750 The log file has been saved successfully to "C:\Documents and Settings\Jamie\Desktop\aswMBR.txt"

#8 m0le

Posted 28 August 2011 - 09:37 AM

Can you run TDSSKiller again? The log didn't come out properly.

#9 manutdj28

Posted 28 August 2011 - 09:34 PM

2011/08/29 03:33:08.0674 1812 TDSS rootkit removing tool 2.5.17.0 Aug 22 2011 15:46:57
2011/08/29 03:33:10.0674 1812 ================================================================================
2011/08/29 03:33:10.0674 1812 SystemInfo:
2011/08/29 03:33:10.0674 1812
2011/08/29 03:33:10.0674 1812 OS Version: 5.1.2600 ServicePack: 3.0
2011/08/29 03:33:10.0674 1812 Product type: Workstation
2011/08/29 03:33:10.0674 1812 ComputerName: USER-2C0EA6A532
2011/08/29 03:33:10.0674 1812 UserName: Jamie
2011/08/29 03:33:10.0674 1812 Windows directory: C:\WINDOWS
2011/08/29 03:33:10.0674 1812 System windows directory: C:\WINDOWS
2011/08/29 03:33:10.0674 1812 Processor architecture: Intel x86
2011/08/29 03:33:10.0674 1812 Number of processors: 1
2011/08/29 03:33:10.0674 1812 Page size: 0x1000
2011/08/29 03:33:10.0674 1812 Boot type: Normal boot
2011/08/29 03:33:10.0674 1812 ================================================================================
2011/08/29 03:33:14.0768 1812 Initialize success
2011/08/29 03:33:18.0409 1804 ================================================================================
2011/08/29 03:33:18.0409 1804 Scan started
2011/08/29 03:33:18.0409 1804 Mode: Manual;
2011/08/29 03:33:18.0409 1804 ================================================================================
2011/08/29 03:33:35.0127 1804 ================================================================================
2011/08/29 03:33:35.0127 1804 Scan finished
2011/08/29 03:33:35.0127 1804 ================================================================================
2011/08/29 03:33:35.0143 1860 Detected object count: 0
2011/08/29 03:33:35.0143 1860 Actual detected object count: 0
2011/08/29 03:33:41.0393 1412 ================================================================================
2011/08/29 03:33:41.0393 1412 Scan started
2011/08/29 03:33:41.0393 1412 Mode: Manual;
2011/08/29 03:33:41.0393 1412 ================================================================================

#10 m0le

Posted 29 August 2011 - 06:06 PM

Sorry, that has once more not been pasted completely. Please rerun it again :)

#11 manutdj28

Posted 29 August 2011 - 10:48 PM

I'm sorry but I don't understand what else I can do. It finds no items to be removed, it's clean. When I press report, that shows ??

#12 m0le

Posted 30 August 2011 - 12:06 PM

That means that the character count went over what is allowed for one post. Just copy and paste what did not come out of the log into a second post.

#13 manutdj28

Posted 30 August 2011 - 07:21 PM

2011/08/31 01:19:42.0468 3352 TDSS rootkit removing tool 2.5.17.0 Aug 22 2011 15:46:57
2011/08/31 01:19:44.0468 3352 ================================================================================
2011/08/31 01:19:44.0468 3352 SystemInfo:
2011/08/31 01:19:44.0468 3352
2011/08/31 01:19:44.0468 3352 OS Version: 5.1.2600 ServicePack: 3.0
2011/08/31 01:19:44.0468 3352 Product type: Workstation
2011/08/31 01:19:44.0468 3352 ComputerName: USER-2C0EA6A532
2011/08/31 01:19:44.0484 3352 UserName: Jamie
2011/08/31 01:19:44.0484 3352 Windows directory: C:\WINDOWS
2011/08/31 01:19:44.0484 3352 System windows directory: C:\WINDOWS
2011/08/31 01:19:44.0484 3352 Processor architecture: Intel x86
2011/08/31 01:19:44.0484 3352 Number of processors: 1
2011/08/31 01:19:44.0484 3352 Page size: 0x1000
2011/08/31 01:19:44.0484 3352 Boot type: Normal boot
2011/08/31 01:19:44.0484 3352 ================================================================================
2011/08/31 01:19:46.0796 3352 Initialize success
2011/08/31 01:19:48.0750 3348 ================================================================================
2011/08/31 01:19:48.0750 3348 Scan started
2011/08/31 01:19:48.0750 3348 Mode: Manual;
2011/08/31 01:19:48.0750 3348 ================================================================================
2011/08/31 01:19:59.0484 3348 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2011/08/31 01:19:59.0546 3348 NPPTNT2 (9131fe60adfab595c8da53ad6a06aa31) C:\WINDOWS\system32\npptNT2.sys
2011/08/31 01:19:59.0687 3348 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2011/08/31 01:19:59.0812 3348 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2011/08/31 01:20:00.0015 3348 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2011/08/31 01:20:00.0062 3348 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2011/08/31 01:20:00.0156 3348 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
2011/08/31 01:20:00.0250 3348 PAEAFLT.sys (301e92ce7fb606f94f124a76d8145622) C:\WINDOWS\system32\DRIVERS\PAEAFLT.sys
2011/08/31 01:20:00.0328 3348 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys
2011/08/31 01:20:00.0343 3348 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2011/08/31 01:20:00.0421 3348 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
2011/08/31 01:20:00.0468 3348 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
2011/08/31 01:20:00.0531 3348 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
2011/08/31 01:20:00.0593 3348 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
2011/08/31 01:20:00.0828 3348 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2011/08/31 01:20:00.0890 3348 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
2011/08/31 01:20:00.0921 3348 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2011/08/31 01:20:00.0953 3348 PxHelp20 (153d02480a0a2f45785522e814c634b6) C:\WINDOWS\system32\Drivers\PxHelp20.sys
2011/08/31 01:20:01.0125 3348 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2011/08/31 01:20:01.0171 3348 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2011/08/31 01:20:01.0265 3348 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2011/08/31 01:20:01.0312 3348 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2011/08/31 01:20:01.0359 3348 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2011/08/31 01:20:01.0390 3348 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2011/08/31 01:20:01.0421 3348 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
2011/08/31 01:20:01.0500 3348 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
2011/08/31 01:20:01.0593 3348 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
2011/08/31 01:20:01.0750 3348 RPPKT (b7e136986bb3dac249a00e760281f0a9) C:\WINDOWS\system32\DRIVERS\rp_pkt32.sys
2011/08/31 01:20:01.0781 3348 RTLE8023xp (badabe0940c01619e8510b90fb314929) C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
2011/08/31 01:20:01.0921 3348 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
2011/08/31 01:20:01.0968 3348 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
2011/08/31 01:20:02.0125 3348 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
2011/08/31 01:20:02.0187 3348 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2011/08/31 01:20:02.0250 3348 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys
2011/08/31 01:20:02.0312 3348 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
2011/08/31 01:20:02.0484 3348 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
2011/08/31 01:20:02.0562 3348 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2011/08/31 01:20:02.0718 3348 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
2011/08/31 01:20:02.0843 3348 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
2011/08/31 01:20:02.0906 3348 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
2011/08/31 01:20:02.0968 3348 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2011/08/31 01:20:03.0015 3348 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2011/08/31 01:20:03.0171 3348 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2011/08/31 01:20:03.0312 3348 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2011/08/31 01:20:03.0390 3348 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2011/08/31 01:20:03.0437 3348 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
2011/08/31 01:20:03.0500 3348 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
2011/08/31 01:20:03.0593 3348 tifm21 (244cfbffdefb77f3df571a8cd108fc06) C:\WINDOWS\system32\drivers\tifm21.sys
2011/08/31 01:20:03.0718 3348 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2011/08/31 01:20:03.0828 3348 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2011/08/31 01:20:03.0921 3348 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
2011/08/31 01:20:04.0000 3348 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2011/08/31 01:20:04.0078 3348 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2011/08/31 01:20:04.0156 3348 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2011/08/31 01:20:04.0218 3348 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2011/08/31 01:20:04.0250 3348 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
2011/08/31 01:20:04.0296 3348 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2011/08/31 01:20:04.0390 3348 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
2011/08/31 01:20:04.0531 3348 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2011/08/31 01:20:04.0656 3348 WCMVCAM (fcf9f68f4bc8b9a4ac2055cf95a55352) C:\WINDOWS\system32\DRIVERS\wcmvcam.sys
2011/08/31 01:20:04.0796 3348 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys
2011/08/31 01:20:04.0937 3348 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2011/08/31 01:20:05.0156 3348 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
2011/08/31 01:20:05.0328 3348 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
2011/08/31 01:20:05.0421 3348 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2011/08/31 01:20:05.0468 3348 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
2011/08/31 01:20:05.0593 3348 xusb21 (a640c90b007762939507c28a021be3b3) C:\WINDOWS\system32\DRIVERS\xusb21.sys
2011/08/31 01:20:05.0656 3348 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
2011/08/31 01:20:05.0796 3348 Boot (0x1200) (48577a276f4da7c1c36f1c33efb7c07a) \Device\Harddisk0\DR0\Partition0
2011/08/31 01:20:05.0796 3348 ================================================================================
2011/08/31 01:20:05.0796 3348 Scan finished
2011/08/31 01:20:05.0796 3348 ================================================================================
2011/08/31 01:20:05.0812 1492 Detected object count: 0
2011/08/31 01:20:05.0812 1492 Actual detected object count: 0

#14 m0le

  • Malware Response Team

Posted 30 August 2011 - 07:25 PM

The scan is clean so we can start looking for remnants. The MBAM and SAS logs show that there was some infection here.

Please run ESET online

I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Under scan settings, check Posted Image and check Remove found threats
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image
If no log is generated that means nothing was found. Please let me know if this happens.
m0le is a proud member of UNITE

#15 manutdj28

  • Topic Starter

Posted 30 August 2011 - 10:43 PM

Hi, I have just been following those steps ^, but after step 8 I press start on the scanner and I get the message 'Can not get update.Is proxy configured?'. I don't understand what to do?



