Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Trojan Detected


  • Please log in to reply
15 replies to this topic

#1 TexasMitch

TexasMitch

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:01:02 PM

Posted 11 September 2011 - 11:16 AM

Hello BCers, seems something has happened to my PC again. I was doing my normal routine about to start up my game and my AntiVirus(Avira), detected a trojan:

Virus or unwanted program 'TR/Crypt.XPACK.Gen3 [trojan]'
detected in file 'C:\Documents and Settings\HP_Administrator\Local Settings\Temp\BIT257.tmp.
Action performed: Allow access

The name of that trojan sounds very familiar.. As if I have tried dealing with it before... If this is a trojan that is related with usb-related infections then I think I have had the same problem in the past.(Now I need to get rid of all my old usbs I use)

What should I do? I am currently running Avira AntiVirus, but I really doubt that will do any justice to this trojan.

~My specs
HP Pavilion a1310n
Windows XP sp3
Avira Antivirus;Mbam;SAS

Regards,
Mitchell

Edited by TexasMitch, 11 September 2011 - 11:18 AM.


BC AdBot (Login to Remove)

 


#2 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,738 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:11:02 AM

Posted 11 September 2011 - 12:23 PM

Welcome aboard Posted Image

Download Security Check from HERE, and save it to your Desktop.

* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.

=============================================================================

Please download MiniToolBox and run it.

Checkmark following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size
Click Go and post the result.

=============================================================================

Download Malwarebytes' Anti-Malware (aka MBAM): https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/ to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

=============================================================================

Please download GMER from one of the following locations and save it to your desktop:
  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.

    Posted Image
  • GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and be sure to re-enable your anti-virus, Firewall and any other security programs you had disabled.

IMPORTANT! If for some reason GMER refuses to run, try again.
If it still fails, try to UN-check "Devices" in right pane.
If still no joy, try to run it from Safe Mode.

My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#3 TexasMitch

TexasMitch
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:01:02 PM

Posted 11 September 2011 - 01:08 PM

Hello Broni,

Thank you for the quick response!! I had some issues with your instructions :(

* A Notepad document should open automatically called checkup.txt; please post the contents of that document.

MiniToolBox by Farbar
Ran by HP_Administrator (administrator) on 11-09-2011 at 12:28:38
Microsoft Windows XP Service Pack 3 (X86)

***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

========================= Hosts content: =================================


127.0.0.1 localhost

========================= IP Configuration: ================================

# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



Host Name . . . . . . . . . . . . : mitch

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Broadcast

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No

DNS Suffix Search List. . . . . . : hsd1.tx.comcast.net.



Ethernet adapter Local Area Connection:



Connection-specific DNS Suffix . : hsd1.tx.comcast.net.

Description . . . . . . . . . . . : Realtek RTL8139/810x Family Fast Ethernet NIC

Physical Address. . . . . . . . . : 00-15-F2-8E-3D-28

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 10.0.0.3

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 10.0.0.1

DHCP Server . . . . . . . . . . . : 10.0.0.1

DNS Servers . . . . . . . . . . . : 68.87.85.102

68.87.69.150

Lease Obtained. . . . . . . . . . : Saturday, September 10, 2011 8:42:16 PM

Lease Expires . . . . . . . . . . : Saturday, September 17, 2011 8:42:16 PM

Server: cns.cmc.co.denver.comcast.net
Address: 68.87.85.102

Name: google.com
Addresses: 74.125.73.105, 74.125.73.99, 74.125.73.106, 74.125.73.103
74.125.73.104, 74.125.73.147



Pinging google.com [74.125.73.147] with 32 bytes of data:



Reply from 74.125.73.147: bytes=32 time=24ms TTL=49

Reply from 74.125.73.147: bytes=32 time=24ms TTL=49



Ping statistics for 74.125.73.147:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 24ms, Maximum = 24ms, Average = 24ms

Server: cns.cmc.co.denver.comcast.net
Address: 68.87.85.102

DNS request timed out.
timeout was 2 seconds.
Name: yahoo.com
Addresses: 67.195.160.76, 69.147.125.65, 72.30.2.43, 98.137.149.56
209.191.122.70



Pinging yahoo.com [72.30.2.43] with 32 bytes of data:



Reply from 72.30.2.43: bytes=32 time=59ms TTL=47

Reply from 72.30.2.43: bytes=32 time=59ms TTL=47



Ping statistics for 72.30.2.43:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 59ms, Maximum = 59ms, Average = 59ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 15 f2 8e 3d 28 ...... Realtek RTL8139/810x Family Fast Ethernet NIC - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.0.0.1 10.0.0.3 20
10.0.0.0 255.255.255.0 10.0.0.3 10.0.0.3 20
10.0.0.3 255.255.255.255 127.0.0.1 127.0.0.1 20
10.255.255.255 255.255.255.255 10.0.0.3 10.0.0.3 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
224.0.0.0 240.0.0.0 10.0.0.3 10.0.0.3 20
255.255.255.255 255.255.255.255 10.0.0.3 10.0.0.3 1
Default Gateway: 10.0.0.1
===========================================================================
Persistent Routes:
None

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/11/2011 00:06:35 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Shadow Copy writer RemovableStorageManager called routine OpenNtmsSessionW which failed with status 0x80070422 (converted to 0x800423f4).

Error: (09/11/2011 00:00:11 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Shadow Copy writer RemovableStorageManager called routine OpenNtmsSessionW which failed with status 0x80070422 (converted to 0x800423f4).

Error: (09/11/2011 11:55:57 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Shadow Copy writer RemovableStorageManager called routine OpenNtmsSessionW which failed with status 0x80070422 (converted to 0x800423f4).

Error: (09/11/2011 11:45:55 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Shadow Copy writer RemovableStorageManager called routine OpenNtmsSessionW which failed with status 0x80070422 (converted to 0x800423f4).

Error: (09/11/2011 11:45:43 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Shadow Copy writer RemovableStorageManager called routine OpenNtmsSessionW which failed with status 0x80070422 (converted to 0x800423f4).

Error: (09/11/2011 11:42:09 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Shadow Copy writer RemovableStorageManager called routine OpenNtmsSessionW which failed with status 0x80070422 (converted to 0x800423f4).

Error: (09/11/2011 10:54:02 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Shadow Copy writer RemovableStorageManager called routine OpenNtmsSessionW which failed with status 0x80070422 (converted to 0x800423f4).

Error: (08/29/2011 10:35:27 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Shadow Copy writer RemovableStorageManager called routine OpenNtmsSessionW which failed with status 0x80070422 (converted to 0x800423f4).

Error: (08/29/2011 10:10:30 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Shadow Copy writer RemovableStorageManager called routine OpenNtmsSessionW which failed with status 0x80070422 (converted to 0x800423f4).

Error: (08/29/2011 09:11:58 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Shadow Copy writer RemovableStorageManager called routine OpenNtmsSessionW which failed with status 0x80070422 (converted to 0x800423f4).


System errors:
=============
Error: (09/11/2011 00:06:34 PM) (Source: DCOM) (User: SYSTEM)
Description: DCOM got error "%%1058" attempting to start the service ntmssvc with arguments "-Service"
in order to run the server:
{D61A27C6-8F53-11D0-BFA0-00A024151983}

Error: (09/11/2011 00:00:10 PM) (Source: DCOM) (User: SYSTEM)
Description: DCOM got error "%%1058" attempting to start the service ntmssvc with arguments "-Service"
in order to run the server:
{D61A27C6-8F53-11D0-BFA0-00A024151983}

Error: (09/11/2011 11:55:55 AM) (Source: DCOM) (User: SYSTEM)
Description: DCOM got error "%%1058" attempting to start the service ntmssvc with arguments "-Service"
in order to run the server:
{D61A27C6-8F53-11D0-BFA0-00A024151983}

Error: (09/11/2011 11:45:54 AM) (Source: DCOM) (User: SYSTEM)
Description: DCOM got error "%%1058" attempting to start the service ntmssvc with arguments "-Service"
in order to run the server:
{D61A27C6-8F53-11D0-BFA0-00A024151983}

Error: (09/11/2011 11:45:42 AM) (Source: DCOM) (User: SYSTEM)
Description: DCOM got error "%%1058" attempting to start the service ntmssvc with arguments "-Service"
in order to run the server:
{D61A27C6-8F53-11D0-BFA0-00A024151983}

Error: (09/11/2011 11:42:08 AM) (Source: DCOM) (User: SYSTEM)
Description: DCOM got error "%%1058" attempting to start the service ntmssvc with arguments "-Service"
in order to run the server:
{D61A27C6-8F53-11D0-BFA0-00A024151983}

Error: (09/11/2011 10:54:01 AM) (Source: DCOM) (User: SYSTEM)
Description: DCOM got error "%%1058" attempting to start the service ntmssvc with arguments "-Service"
in order to run the server:
{D61A27C6-8F53-11D0-BFA0-00A024151983}

Error: (09/08/2011 02:22:02 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
ftsata2
Lbd

Error: (09/07/2011 06:31:39 PM) (Source: DCOM) (User: SYSTEM)
Description: The server {7F6316B4-4D69-4765-B0A3-B2598F2FA80A} did not register with DCOM within the required timeout.

Error: (09/07/2011 06:30:34 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
ftsata2
Lbd


Microsoft Office Sessions:
=========================
Error: (09/11/2011 00:06:35 PM) (Source: VSS)(User: )
Description: 0x800704220x800423f4RemovableStorageManagerOpenNtmsSessionW

Error: (09/11/2011 00:00:11 PM) (Source: VSS)(User: )
Description: 0x800704220x800423f4RemovableStorageManagerOpenNtmsSessionW

Error: (09/11/2011 11:55:57 AM) (Source: VSS)(User: )
Description: 0x800704220x800423f4RemovableStorageManagerOpenNtmsSessionW

Error: (09/11/2011 11:45:55 AM) (Source: VSS)(User: )
Description: 0x800704220x800423f4RemovableStorageManagerOpenNtmsSessionW

Error: (09/11/2011 11:45:43 AM) (Source: VSS)(User: )
Description: 0x800704220x800423f4RemovableStorageManagerOpenNtmsSessionW

Error: (09/11/2011 11:42:09 AM) (Source: VSS)(User: )
Description: 0x800704220x800423f4RemovableStorageManagerOpenNtmsSessionW

Error: (09/11/2011 10:54:02 AM) (Source: VSS)(User: )
Description: 0x800704220x800423f4RemovableStorageManagerOpenNtmsSessionW

Error: (08/29/2011 10:35:27 AM) (Source: VSS)(User: )
Description: 0x800704220x800423f4RemovableStorageManagerOpenNtmsSessionW

Error: (08/29/2011 10:10:30 AM) (Source: VSS)(User: )
Description: 0x800704220x800423f4RemovableStorageManagerOpenNtmsSessionW

Error: (08/29/2011 09:11:58 AM) (Source: VSS)(User: )
Description: 0x800704220x800423f4RemovableStorageManagerOpenNtmsSessionW


=========================== Installed Programs ============================

Adobe AIR (Version: 2.7.1.19610)
Adobe Flash Player 10 ActiveX (Version: 10.3.183.5)
Adobe Flash Player 10 Plugin (Version: 10.3.183.7)
Adobe Reader X (10.1.0) (Version: 10.1.0)
AiO_Scan_CDA (Version: 50.0.214.000)
AiOSoftwareNPI (Version: 50.0.214.000)
Apple Application Support (Version: 1.4.1)
Apple Software Update (Version: 2.1.1.116)
ATI - Software Uninstall Utility (Version: 6.14.10.1022)
ATI Catalyst Control Center (Version: 2.010.0210.2338)
ATI Control Panel (Version: 6.14.10.5166)
ATI Display Driver (Version: 8.591-090225a-076825C-ATI)
Avira AntiVir Personal - Free Antivirus (Version: 10.2.0.700)
BlackBerry Device Software Updater (Version: 6.0.1.27)
CameraDrivers (Version: 5.0.0.290)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2010.0210.2339.42455)
Catalyst Control Center Graphics Full Existing (Version: 2010.0210.2339.42455)
Catalyst Control Center Graphics Full New (Version: 2010.0210.2339.42455)
Catalyst Control Center Graphics Light (Version: 2010.0210.2339.42455)
Catalyst Control Center Graphics Previews Common (Version: 2010.0210.2339.42455)
Catalyst Control Center HydraVision Full (Version: 2010.0210.2339.42455)
Catalyst Control Center Localization All (Version: 2010.0210.2339.42455)
ccc-core-preinstall (Version: 2010.0210.2339.42455)
ccc-core-static (Version: 2010.0210.2339.42455)
ccc-utility (Version: 2010.0210.2339.42455)
CCC Help Chinese Standard (Version: 2010.0210.2338.42455)
CCC Help Chinese Traditional (Version: 2010.0210.2338.42455)
CCC Help Czech (Version: 2010.0210.2338.42455)
CCC Help Danish (Version: 2010.0210.2338.42455)
CCC Help Dutch (Version: 2010.0210.2338.42455)
CCC Help English (Version: 2010.0210.2338.42455)
CCC Help Finnish (Version: 2010.0210.2338.42455)
CCC Help French (Version: 2010.0210.2338.42455)
CCC Help German (Version: 2010.0210.2338.42455)
CCC Help Greek (Version: 2010.0210.2338.42455)
CCC Help Hungarian (Version: 2010.0210.2338.42455)
CCC Help Italian (Version: 2010.0210.2338.42455)
CCC Help Japanese (Version: 2010.0210.2338.42455)
CCC Help Korean (Version: 2010.0210.2338.42455)
CCC Help Norwegian (Version: 2010.0210.2338.42455)
CCC Help Polish (Version: 2010.0210.2338.42455)
CCC Help Portuguese (Version: 2010.0210.2338.42455)
CCC Help Russian (Version: 2010.0210.2338.42455)
CCC Help Spanish (Version: 2010.0210.2338.42455)
CCC Help Swedish (Version: 2010.0210.2338.42455)
CCC Help Thai (Version: 2010.0210.2338.42455)
CCC Help Turkish (Version: 2010.0210.2338.42455)
CCleaner (Version: 3.10)
Counter-Strike
Counter-Strike: Source
cp_LightScribeConfig (Version: 53.0.24.000)
cp_LightScribePlugin (Version: 53.0.24.000)
CP_Package_Variety1 (Version: 53.0.13.000)
CP_Package_Variety2 (Version: 53.0.13.000)
CP_Package_Variety3 (Version: 53.0.13.000)
Customer Experience Enhancement (Version: Customer Experience Enhancement -1.0.0.1680)
Data Fax SoftModem with SmartCP
Day of Defeat: Source
Defraggler (Version: 2.06)
DivX Setup (Version: 2.5.0.15)
DocumentViewer (Version: 53.0.13.000)
DocumentViewerQFolder (Version: 1.00.0000)
Dual-Core Optimizer (Version: 1.1.4.0169)
Easy Internet Sign-up (Version: FE UI-4.1.0.1680)
Enhanced Multimedia Keyboard Solution
ESET Online Scanner v3
Fax_CDA (Version: 50.0.214.000)
Google Earth (Version: 6.0.3.2197)
Google Toolbar for Internet Explorer
Google Update Helper (Version: 1.3.21.69)
High Definition Audio Driver Package - KB888111 (Version: 20040219.000000)
Hitman Pro 3.5 (Version: 3.5.9.125)
HP Boot Optimizer (Version: 2.0.5.1)
HP DigitalMedia Archive (Version: 1.2)
HP Document Viewer 5.3 (Version: 5.3)
HP Image Zone for Media Center PC
HP Photosmart Cameras 5.0 (Version: 5.0)
HP Product Assistant (Version: 100.000.001.000)
HP PSC & OfficeJet 5.3.A
HP Solution Center & Imaging Support Tools 5.3 (Version: 5.3)
HP Update (Version: 5.003.001.001)
HPProductAssistant (Version: 53.0.13.000)
HpSdpAppCoreApp (Version: 3.00.0000)
Insurgency
Java Auto Updater (Version: 2.0.5.1)
Java™ 6 Update 24 (Version: 6.0.240)
Java™ 6 Update 26 (Version: 6.0.260)
LightScribe 1.4.52.1 (Version: 1.4.52.1)
Malwarebytes' Anti-Malware version 1.51.1.1800 (Version: 1.51.1.1800)
Microsoft .NET Framework 1.0 Hotfix (KB953295)
Microsoft .NET Framework 1.0 Hotfix (KB979904)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Away Mode (Version: 6.0.0160.0)
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft Office 2003 Edition 60 Days Trial Welcome Tour (Version: 1.0.0)
Microsoft Silverlight (Version: 4.0.60531.0)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Mozilla Firefox (3.6.22) (Version: 3.6.22 (en-US))
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
NewCopy_CDA (Version: 50.0.214.000)
PS2
QuickTime (Version: 7.70.80.34)
Revo Uninstaller Pro 2.5.3 (Version: 2.5.3)
Scan (Version: 5.2.0.0)
Secunia PSI (2.0.0.3003)
Skins (Version: 2010.0210.2339.42455)
SolutionCenter (Version: 50.0.152.000)
Sonic Update Manager (Version: 3.0.0)
StarCraft II (Version: 1.3.6.19269)
Steam (Version: 1.0.0.0)
SUPERAntiSpyware (Version: 4.44.1000)
System Requirements Lab
Team Fortress 2
Update Rollup 2 for Windows XP Media Center Edition 2005
Updates from HP (remove only)
VC80CRTRedist - 8.0.50727.4053 (Version: 1.1.0)
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01)
VLC media player 0.9.8a (Version: 0.9.8a)
War Inc. Battlezone
WebFldrs XP (Version: 9.50.7523)
WebReg (Version: 53.0.13.000)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Management Framework Core
Windows Media Format 11 runtime
Windows Media Player 11
Windows Search 4.0 (Version: 04.00.6001.503)
Windows XP Media Center Edition 2005 KB2502898
Windows XP Media Center Edition 2005 KB925766
Windows XP Media Center Edition 2005 KB973768
Windows XP Service Pack 3 (Version: 20080414.031525)
WinRAR archiver
WinZip 12.1 (Version: 12.1.8519)
World of Warcraft (Version: 4.2.0.14480)

========================= Memory info: ===================================

Percentage of memory in use: 79%
Total physical RAM: 1022.48 MB
Available physical RAM: 214.68 MB
Total Pagefile: 2456.77 MB
Available Pagefile: 1013.39 MB
Total Virtual: 2047.88 MB
Available Virtual: 1995.24 MB

========================= Partitions: =====================================

1 Drive c: (HP_PAVILION) (Fixed) (Total:177.8 GB) (Free:56.86 GB) NTFS
2 Drive d: (HP_RECOVERY) (Fixed) (Total:8.5 GB) (Free:1.12 GB) FAT32

========================= Users: ========================================

User accounts for \\MITCH

Administrator Guest HelpAssistant
HP_Administrator SUPPORT_388945a0 SUPPORT_fddfa904


**** End of log ****

Click Go and post the result.

MiniToolBox by Farbar
Ran by HP_Administrator (administrator) on 11-09-2011 at 12:28:38
Microsoft Windows XP Service Pack 3 (X86)

***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

========================= Hosts content: =================================


127.0.0.1 localhost

========================= IP Configuration: ================================

# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



Host Name . . . . . . . . . . . . : mitch

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Broadcast

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No

DNS Suffix Search List. . . . . . : hsd1.tx.comcast.net.



Ethernet adapter Local Area Connection:



Connection-specific DNS Suffix . : hsd1.tx.comcast.net.

Description . . . . . . . . . . . : Realtek RTL8139/810x Family Fast Ethernet NIC

Physical Address. . . . . . . . . : 00-15-F2-8E-3D-28

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 10.0.0.3

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 10.0.0.1

DHCP Server . . . . . . . . . . . : 10.0.0.1

DNS Servers . . . . . . . . . . . : 68.87.85.102

68.87.69.150

Lease Obtained. . . . . . . . . . : Saturday, September 10, 2011 8:42:16 PM

Lease Expires . . . . . . . . . . : Saturday, September 17, 2011 8:42:16 PM

Server: cns.cmc.co.denver.comcast.net
Address: 68.87.85.102

Name: google.com
Addresses: 74.125.73.105, 74.125.73.99, 74.125.73.106, 74.125.73.103
74.125.73.104, 74.125.73.147



Pinging google.com [74.125.73.147] with 32 bytes of data:



Reply from 74.125.73.147: bytes=32 time=24ms TTL=49

Reply from 74.125.73.147: bytes=32 time=24ms TTL=49



Ping statistics for 74.125.73.147:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 24ms, Maximum = 24ms, Average = 24ms

Server: cns.cmc.co.denver.comcast.net
Address: 68.87.85.102

DNS request timed out.
timeout was 2 seconds.
Name: yahoo.com
Addresses: 67.195.160.76, 69.147.125.65, 72.30.2.43, 98.137.149.56
209.191.122.70



Pinging yahoo.com [72.30.2.43] with 32 bytes of data:



Reply from 72.30.2.43: bytes=32 time=59ms TTL=47

Reply from 72.30.2.43: bytes=32 time=59ms TTL=47



Ping statistics for 72.30.2.43:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 59ms, Maximum = 59ms, Average = 59ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 15 f2 8e 3d 28 ...... Realtek RTL8139/810x Family Fast Ethernet NIC - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.0.0.1 10.0.0.3 20
10.0.0.0 255.255.255.0 10.0.0.3 10.0.0.3 20
10.0.0.3 255.255.255.255 127.0.0.1 127.0.0.1 20
10.255.255.255 255.255.255.255 10.0.0.3 10.0.0.3 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
224.0.0.0 240.0.0.0 10.0.0.3 10.0.0.3 20
255.255.255.255 255.255.255.255 10.0.0.3 10.0.0.3 1
Default Gateway: 10.0.0.1
===========================================================================
Persistent Routes:
None

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/11/2011 00:06:35 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Shadow Copy writer RemovableStorageManager called routine OpenNtmsSessionW which failed with status 0x80070422 (converted to 0x800423f4).

Error: (09/11/2011 00:00:11 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Shadow Copy writer RemovableStorageManager called routine OpenNtmsSessionW which failed with status 0x80070422 (converted to 0x800423f4).

Error: (09/11/2011 11:55:57 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Shadow Copy writer RemovableStorageManager called routine OpenNtmsSessionW which failed with status 0x80070422 (converted to 0x800423f4).

Error: (09/11/2011 11:45:55 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Shadow Copy writer RemovableStorageManager called routine OpenNtmsSessionW which failed with status 0x80070422 (converted to 0x800423f4).

Error: (09/11/2011 11:45:43 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Shadow Copy writer RemovableStorageManager called routine OpenNtmsSessionW which failed with status 0x80070422 (converted to 0x800423f4).

Error: (09/11/2011 11:42:09 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Shadow Copy writer RemovableStorageManager called routine OpenNtmsSessionW which failed with status 0x80070422 (converted to 0x800423f4).

Error: (09/11/2011 10:54:02 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Shadow Copy writer RemovableStorageManager called routine OpenNtmsSessionW which failed with status 0x80070422 (converted to 0x800423f4).

Error: (08/29/2011 10:35:27 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Shadow Copy writer RemovableStorageManager called routine OpenNtmsSessionW which failed with status 0x80070422 (converted to 0x800423f4).

Error: (08/29/2011 10:10:30 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Shadow Copy writer RemovableStorageManager called routine OpenNtmsSessionW which failed with status 0x80070422 (converted to 0x800423f4).

Error: (08/29/2011 09:11:58 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Shadow Copy writer RemovableStorageManager called routine OpenNtmsSessionW which failed with status 0x80070422 (converted to 0x800423f4).


System errors:
=============
Error: (09/11/2011 00:06:34 PM) (Source: DCOM) (User: SYSTEM)
Description: DCOM got error "%%1058" attempting to start the service ntmssvc with arguments "-Service"
in order to run the server:
{D61A27C6-8F53-11D0-BFA0-00A024151983}

Error: (09/11/2011 00:00:10 PM) (Source: DCOM) (User: SYSTEM)
Description: DCOM got error "%%1058" attempting to start the service ntmssvc with arguments "-Service"
in order to run the server:
{D61A27C6-8F53-11D0-BFA0-00A024151983}

Error: (09/11/2011 11:55:55 AM) (Source: DCOM) (User: SYSTEM)
Description: DCOM got error "%%1058" attempting to start the service ntmssvc with arguments "-Service"
in order to run the server:
{D61A27C6-8F53-11D0-BFA0-00A024151983}

Error: (09/11/2011 11:45:54 AM) (Source: DCOM) (User: SYSTEM)
Description: DCOM got error "%%1058" attempting to start the service ntmssvc with arguments "-Service"
in order to run the server:
{D61A27C6-8F53-11D0-BFA0-00A024151983}

Error: (09/11/2011 11:45:42 AM) (Source: DCOM) (User: SYSTEM)
Description: DCOM got error "%%1058" attempting to start the service ntmssvc with arguments "-Service"
in order to run the server:
{D61A27C6-8F53-11D0-BFA0-00A024151983}

Error: (09/11/2011 11:42:08 AM) (Source: DCOM) (User: SYSTEM)
Description: DCOM got error "%%1058" attempting to start the service ntmssvc with arguments "-Service"
in order to run the server:
{D61A27C6-8F53-11D0-BFA0-00A024151983}

Error: (09/11/2011 10:54:01 AM) (Source: DCOM) (User: SYSTEM)
Description: DCOM got error "%%1058" attempting to start the service ntmssvc with arguments "-Service"
in order to run the server:
{D61A27C6-8F53-11D0-BFA0-00A024151983}

Error: (09/08/2011 02:22:02 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
ftsata2
Lbd

Error: (09/07/2011 06:31:39 PM) (Source: DCOM) (User: SYSTEM)
Description: The server {7F6316B4-4D69-4765-B0A3-B2598F2FA80A} did not register with DCOM within the required timeout.

Error: (09/07/2011 06:30:34 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
ftsata2
Lbd


Microsoft Office Sessions:
=========================
Error: (09/11/2011 00:06:35 PM) (Source: VSS)(User: )
Description: 0x800704220x800423f4RemovableStorageManagerOpenNtmsSessionW

Error: (09/11/2011 00:00:11 PM) (Source: VSS)(User: )
Description: 0x800704220x800423f4RemovableStorageManagerOpenNtmsSessionW

Error: (09/11/2011 11:55:57 AM) (Source: VSS)(User: )
Description: 0x800704220x800423f4RemovableStorageManagerOpenNtmsSessionW

Error: (09/11/2011 11:45:55 AM) (Source: VSS)(User: )
Description: 0x800704220x800423f4RemovableStorageManagerOpenNtmsSessionW

Error: (09/11/2011 11:45:43 AM) (Source: VSS)(User: )
Description: 0x800704220x800423f4RemovableStorageManagerOpenNtmsSessionW

Error: (09/11/2011 11:42:09 AM) (Source: VSS)(User: )
Description: 0x800704220x800423f4RemovableStorageManagerOpenNtmsSessionW

Error: (09/11/2011 10:54:02 AM) (Source: VSS)(User: )
Description: 0x800704220x800423f4RemovableStorageManagerOpenNtmsSessionW

Error: (08/29/2011 10:35:27 AM) (Source: VSS)(User: )
Description: 0x800704220x800423f4RemovableStorageManagerOpenNtmsSessionW

Error: (08/29/2011 10:10:30 AM) (Source: VSS)(User: )
Description: 0x800704220x800423f4RemovableStorageManagerOpenNtmsSessionW

Error: (08/29/2011 09:11:58 AM) (Source: VSS)(User: )
Description: 0x800704220x800423f4RemovableStorageManagerOpenNtmsSessionW


=========================== Installed Programs ============================

Adobe AIR (Version: 2.7.1.19610)
Adobe Flash Player 10 ActiveX (Version: 10.3.183.5)
Adobe Flash Player 10 Plugin (Version: 10.3.183.7)
Adobe Reader X (10.1.0) (Version: 10.1.0)
AiO_Scan_CDA (Version: 50.0.214.000)
AiOSoftwareNPI (Version: 50.0.214.000)
Apple Application Support (Version: 1.4.1)
Apple Software Update (Version: 2.1.1.116)
ATI - Software Uninstall Utility (Version: 6.14.10.1022)
ATI Catalyst Control Center (Version: 2.010.0210.2338)
ATI Control Panel (Version: 6.14.10.5166)
ATI Display Driver (Version: 8.591-090225a-076825C-ATI)
Avira AntiVir Personal - Free Antivirus (Version: 10.2.0.700)
BlackBerry Device Software Updater (Version: 6.0.1.27)
CameraDrivers (Version: 5.0.0.290)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2010.0210.2339.42455)
Catalyst Control Center Graphics Full Existing (Version: 2010.0210.2339.42455)
Catalyst Control Center Graphics Full New (Version: 2010.0210.2339.42455)
Catalyst Control Center Graphics Light (Version: 2010.0210.2339.42455)
Catalyst Control Center Graphics Previews Common (Version: 2010.0210.2339.42455)
Catalyst Control Center HydraVision Full (Version: 2010.0210.2339.42455)
Catalyst Control Center Localization All (Version: 2010.0210.2339.42455)
ccc-core-preinstall (Version: 2010.0210.2339.42455)
ccc-core-static (Version: 2010.0210.2339.42455)
ccc-utility (Version: 2010.0210.2339.42455)
CCC Help Chinese Standard (Version: 2010.0210.2338.42455)
CCC Help Chinese Traditional (Version: 2010.0210.2338.42455)
CCC Help Czech (Version: 2010.0210.2338.42455)
CCC Help Danish (Version: 2010.0210.2338.42455)
CCC Help Dutch (Version: 2010.0210.2338.42455)
CCC Help English (Version: 2010.0210.2338.42455)
CCC Help Finnish (Version: 2010.0210.2338.42455)
CCC Help French (Version: 2010.0210.2338.42455)
CCC Help German (Version: 2010.0210.2338.42455)
CCC Help Greek (Version: 2010.0210.2338.42455)
CCC Help Hungarian (Version: 2010.0210.2338.42455)
CCC Help Italian (Version: 2010.0210.2338.42455)
CCC Help Japanese (Version: 2010.0210.2338.42455)
CCC Help Korean (Version: 2010.0210.2338.42455)
CCC Help Norwegian (Version: 2010.0210.2338.42455)
CCC Help Polish (Version: 2010.0210.2338.42455)
CCC Help Portuguese (Version: 2010.0210.2338.42455)
CCC Help Russian (Version: 2010.0210.2338.42455)
CCC Help Spanish (Version: 2010.0210.2338.42455)
CCC Help Swedish (Version: 2010.0210.2338.42455)
CCC Help Thai (Version: 2010.0210.2338.42455)
CCC Help Turkish (Version: 2010.0210.2338.42455)
CCleaner (Version: 3.10)
Counter-Strike
Counter-Strike: Source
cp_LightScribeConfig (Version: 53.0.24.000)
cp_LightScribePlugin (Version: 53.0.24.000)
CP_Package_Variety1 (Version: 53.0.13.000)
CP_Package_Variety2 (Version: 53.0.13.000)
CP_Package_Variety3 (Version: 53.0.13.000)
Customer Experience Enhancement (Version: Customer Experience Enhancement -1.0.0.1680)
Data Fax SoftModem with SmartCP
Day of Defeat: Source
Defraggler (Version: 2.06)
DivX Setup (Version: 2.5.0.15)
DocumentViewer (Version: 53.0.13.000)
DocumentViewerQFolder (Version: 1.00.0000)
Dual-Core Optimizer (Version: 1.1.4.0169)
Easy Internet Sign-up (Version: FE UI-4.1.0.1680)
Enhanced Multimedia Keyboard Solution
ESET Online Scanner v3
Fax_CDA (Version: 50.0.214.000)
Google Earth (Version: 6.0.3.2197)
Google Toolbar for Internet Explorer
Google Update Helper (Version: 1.3.21.69)
High Definition Audio Driver Package - KB888111 (Version: 20040219.000000)
Hitman Pro 3.5 (Version: 3.5.9.125)
HP Boot Optimizer (Version: 2.0.5.1)
HP DigitalMedia Archive (Version: 1.2)
HP Document Viewer 5.3 (Version: 5.3)
HP Image Zone for Media Center PC
HP Photosmart Cameras 5.0 (Version: 5.0)
HP Product Assistant (Version: 100.000.001.000)
HP PSC & OfficeJet 5.3.A
HP Solution Center & Imaging Support Tools 5.3 (Version: 5.3)
HP Update (Version: 5.003.001.001)
HPProductAssistant (Version: 53.0.13.000)
HpSdpAppCoreApp (Version: 3.00.0000)
Insurgency
Java Auto Updater (Version: 2.0.5.1)
Java™ 6 Update 24 (Version: 6.0.240)
Java™ 6 Update 26 (Version: 6.0.260)
LightScribe 1.4.52.1 (Version: 1.4.52.1)
Malwarebytes' Anti-Malware version 1.51.1.1800 (Version: 1.51.1.1800)
Microsoft .NET Framework 1.0 Hotfix (KB953295)
Microsoft .NET Framework 1.0 Hotfix (KB979904)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Away Mode (Version: 6.0.0160.0)
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft Office 2003 Edition 60 Days Trial Welcome Tour (Version: 1.0.0)
Microsoft Silverlight (Version: 4.0.60531.0)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Mozilla Firefox (3.6.22) (Version: 3.6.22 (en-US))
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
NewCopy_CDA (Version: 50.0.214.000)
PS2
QuickTime (Version: 7.70.80.34)
Revo Uninstaller Pro 2.5.3 (Version: 2.5.3)
Scan (Version: 5.2.0.0)
Secunia PSI (2.0.0.3003)
Skins (Version: 2010.0210.2339.42455)
SolutionCenter (Version: 50.0.152.000)
Sonic Update Manager (Version: 3.0.0)
StarCraft II (Version: 1.3.6.19269)
Steam (Version: 1.0.0.0)
SUPERAntiSpyware (Version: 4.44.1000)
System Requirements Lab
Team Fortress 2
Update Rollup 2 for Windows XP Media Center Edition 2005
Updates from HP (remove only)
VC80CRTRedist - 8.0.50727.4053 (Version: 1.1.0)
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01)
VLC media player 0.9.8a (Version: 0.9.8a)
War Inc. Battlezone
WebFldrs XP (Version: 9.50.7523)
WebReg (Version: 53.0.13.000)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Management Framework Core
Windows Media Format 11 runtime
Windows Media Player 11
Windows Search 4.0 (Version: 04.00.6001.503)
Windows XP Media Center Edition 2005 KB2502898
Windows XP Media Center Edition 2005 KB925766
Windows XP Media Center Edition 2005 KB973768
Windows XP Service Pack 3 (Version: 20080414.031525)
WinRAR archiver
WinZip 12.1 (Version: 12.1.8519)
World of Warcraft (Version: 4.2.0.14480)

========================= Memory info: ===================================

Percentage of memory in use: 79%
Total physical RAM: 1022.48 MB
Available physical RAM: 214.68 MB
Total Pagefile: 2456.77 MB
Available Pagefile: 1013.39 MB
Total Virtual: 2047.88 MB
Available Virtual: 1995.24 MB

========================= Partitions: =====================================

1 Drive c: (HP_PAVILION) (Fixed) (Total:177.8 GB) (Free:56.86 GB) NTFS
2 Drive d: (HP_RECOVERY) (Fixed) (Total:8.5 GB) (Free:1.12 GB) FAT32

========================= Users: ========================================

User accounts for \\MITCH

Administrator Guest HelpAssistant
HP_Administrator SUPPORT_388945a0 SUPPORT_fddfa904


**** End of log ****

Download Malwarebytes' Anti-Malware (aka MBAM): https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/ to your desktop.

Done. Did Quick Scan, 0 results. Then restarted computer.


Now click the Scan button. If you see a rootkit warning window, click OK.

This is where I had issues. I clicked 'Scan' and GMER started, but then after about 20 seconds I got an error message!:
"Mjcoj2b.exe

Mjcoj2b.exe has encountered a problem and needs to close. We are sorry for the inconvenience.

If you were in the middle of something, the information you were working on might be lost.

Please tell Microsoft about this problem.
We have created an error report that you can send to us. We will treat this report as confidential and anonymous.

To see what data this error report contains, click here.

[Debug] [Send Error Report] [Don't Send]"

I re-connected my internet, and re-activated my AV after GMER failed. I will wait for further instructions.

Regards,
Mitchell

edit: I just realized at the end of your instructions you advised:
"IMPORTANT! If for some reason GMER refuses to run, try again.
If it still fails, try to UN-check "Devices" in right pane.
If still no joy, try to run it from Safe Mode. "
~ I will try again; then Try to UN-check 'Devices'; then I will try in Safe Mode and I will post reults. Apologies for my failure to follow instructions.

Edited by TexasMitch, 11 September 2011 - 01:13 PM.


#4 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,738 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:11:02 AM

Posted 11 September 2011 - 01:57 PM

Run this instead....

Please download Rootkit Unhooker from one of the following links and save it to your desktop.
Link 1 (.exe file)
Link 2 (zipped file)
Link 3 (.rar file)In order to use this tool if you downloaded from either of the second two links, you will need to extract the RKUnhookerLE.exe file using a program capable of extracing ZIP and RAR compressed files. If you don't have an extraction program, you can download, install and use the free 7-zip utility.

  • Double-click on RKUnhookerLE.exe to start the program.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • Click the Report tab, then click Scan.
  • Check Drivers, Stealth, and uncheck the rest.
  • Click OK.
  • Wait until it's finished and then go to File > Save Report.
  • Save the report to your Desktop.
  • Copy and paste the contents of the report into your next reply.
-- Note: You may get this warning...just ignore it, click OK and continue: "Rootkit Unhooker has detected a parasite inside itself! It is recommended to remove parasite, okay?".

My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#5 TexasMitch

TexasMitch
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:01:02 PM

Posted 11 September 2011 - 02:27 PM

Broni,

I apologize for confusing you. It was my fault for not reading the instructions more thoroughly.

GMER has been running for over an hour and it still scanning. GMER is still up and running the scan.

Would you like me to stop the GMER scan, and use 'Rootkit Unhooker'? Or proceed with this GMER scan?(GMER has been running 2 hours 30+ minutes)

Regards,
Mitchell

Edited by TexasMitch, 11 September 2011 - 03:36 PM.


#6 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,738 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:11:02 AM

Posted 11 September 2011 - 03:39 PM

In that case keep it going.

My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#7 TexasMitch

TexasMitch
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:01:02 PM

Posted 11 September 2011 - 06:08 PM

Broni,

Thank you for your patience. I have come across NUMEROUS, HUGE problems upon finishing GMER.
Right when GMER finished I got about 20 error messages. I wrote some of them down:

~
Windows – Delayed Write Failed
Windows was unable to safe all the data for the file
\Device\HarddiskVolume2\WINDOWS\system32\config\AppEvent.Evt. The data has been lost. This error may be caused by a failure of your computer hardware or network connection. Please try to safe this file elsewhere.

~
PSIA.exe – Application Error
The instrctuion at “0x0044a321” referenced memory at “0x00000028”. The memory could not be “written”.
Click on OK to terminate the program
Click on CANCEL to debug the problem.

~
Windows – Delayed Write Failed
Windows was unable to save all the data for the file \Devile\HarddiskVolume2\Program Files\Updates from HP\9972322\Users\Default\Data. The data has been lost. This error may be caused by a failure of your computer hardware or network connections. Please try to save this file elsewhere.



I closed out of GMER once I saved the log. And error messages kept popping up. I re-connected my internet, but it wasn't responding/working. I tried to open firefox and it said firefox.exe was missing then I tried to open google chrome and it gave me some error message....

I then restarted my computer and am now at a BLUE screen with the following text:
A problem has been detected and Windows has been shut down to prevent damage to your computer.
The problem seems to be caused by the following file: rdbss.sys
The driver unloaded without cancelling pending operations.
If this is the first time you've seen this Stop error screen,
restart your computer. If this screen appears again, follow these steps:
Check to make sure any new hardware or software is properly installed....

The computer just restarted on its own.. I tried writing down what it said as fast as I could, now windows is rebooting.... I don't have any idea what is going on at this point

Edited by TexasMitch, 11 September 2011 - 06:08 PM.


#8 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,738 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:11:02 AM

Posted 11 September 2011 - 06:12 PM

Did you get GMER log?

Restart one more time and see if thing will get back to normal.

My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#9 TexasMitch

TexasMitch
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:01:02 PM

Posted 11 September 2011 - 06:14 PM

Ok. Windows managed to boot up properly. And it appears now that I am connected to the internet, and firefox is able to load up with no problems. Here is the results from gmer log:
When I try to open the log it says: The file or directory is corrupted and unreadable.
I saved it in 2 places for some reason, and the other location seems to open:
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2011-09-11 18:00:48
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 ST3200826AS rev.3.03
Running: mjcoj2bg.exe; Driver: C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\uxldypob.sys


---- System - GMER 1.0.15 ----

SSDT F7BA9CFC ZwClose
SSDT F7BA9CB6 ZwCreateKey
SSDT F7BA9D06 ZwCreateSection
SSDT F7BA9CAC ZwCreateThread
SSDT F7BA9CBB ZwDeleteKey
SSDT F7BA9CC5 ZwDeleteValueKey
SSDT F7BA9CF7 ZwDuplicateObject
SSDT F7BA9CCA ZwLoadKey
SSDT F7BA9C98 ZwOpenProcess
SSDT F7BA9C9D ZwOpenThread
SSDT F7BA9CD4 ZwReplaceKey
SSDT F7BA9CCF ZwRestoreKey
SSDT F7BA9D0B ZwSetContextThread
SSDT F7BA9CC0 ZwSetValueKey
SSDT F7BA9CA7 ZwTerminateProcess

---- Kernel code sections - GMER 1.0.15 ----

.text C:\WINDOWS\system32\DRIVERS\ati2mtag.sys section is writeable [0xF6A66000, 0x1C5D58, 0xE8000020]

---- User code sections - GMER 1.0.15 ----

.text C:\WINDOWS\system32\SearchIndexer.exe[3468] kernel32.dll!WriteFile 7C810E27 7 Bytes JMP 00585C0C C:\WINDOWS\system32\MSSRCH.DLL (mssrch.dll/Microsoft Corporation)

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 arkbcfltr.sys (Microsoft AR PS/2 Keyboard Filter Driver (Beta 2 Release 2)/Microsoft Corporation)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 arkbcfltr.sys (Microsoft AR PS/2 Keyboard Filter Driver (Beta 2 Release 2)/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

---- Files - GMER 1.0.15 ----

File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\ownage_funmap_d.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\aim_ag_texture2.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\aim_ag_texture2_icemix.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\aim_ag_texture2_modified_v2.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\aim_ag_texture_city.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\aim_ag_texture_city_advanced.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\aim_ag_texture_city_final.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\aim_ak_colt.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\aim_deagle.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\aim_deagle7k.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\de_piranesi.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\de_port.cache 1276538 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\de_prodigy.cache 29854 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\de_russka.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\de_season.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\de_tides.cache 18706 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\de_train.cache 1287419 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\de_villa.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\surf_japan_v4.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\surf_japan_v4_fixed.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\surf_japan_v4_fully_fixed.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\surf_japan_v6.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\surf_japan_v69.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\surf_liberation.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\surf_liberation2.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\surf_megamachine.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\surf_meister_v3_beta2.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\surf_method.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\surf_neon.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\surf_ny_advance.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\surf_ny_bigloop_2008a.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\surf_ny_momentum_v2.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\surf_ny_platinum.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_penumbra_pf.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_penumbra_pf3.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_raindance_ak_v2.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_roflicious_b1.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_roflicious_pfcf2.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_roy_abandoned_canals_new.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_roy_barricade_factory.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_roy_highway.cache 16449 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_roy_industrial_complex.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_roy_old_industrial.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_roy_old_industrial_pf.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_roy_the_ship_64.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_roy_the_ship_pf.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_roy_zombieranch_night_b4.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_citylife_v2a.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_citylife_v2b.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_countrylake.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_crazycity.cache 16449 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_csmega_district_b5.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_deep_thought_nv.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_desert_fortress_v2.cache 16449 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_desprerados_a1.cache 16449 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_dirty_lila_panic.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\aim_deagle_lcf_redgames.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\backalley_run_v2.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\cs_assault.cache 1406702 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\de_nuke.cache 1287756 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\ea_cbble_christmas.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\gg_awp_angular.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\gg_fy_funtimes_v2.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\mg_battle_slider_v3b.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\mg_flying_sg_final_improved.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\mg_invisibleman_beta6.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\mg_supermariobros.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_lila_panic.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_lila_panicdark.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_lila_panic_beach.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_lila_panic_beach_pf.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_lila_panic_darkbasement_v1.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_lila_panic_f3_v3.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_lila_panic_f3_v3_pf.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_lila_panic_fixed_pf.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_lila_panic_isethen.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_lila_panic_lego_final.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_lila_panic_l_v3.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_lila_panic_m3.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_lila_panic_pfcf1.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_lila_panic_sethensv4.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_lila_panic_tpc_v2_pf.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_lila_panic_uv_final.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_lila_panic_uv_final_oc.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_lila_panic_v2.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_lila_panic_v2a.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_lila_panic_westside.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_little_city_v5.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_little_city_v5pf.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_little_city_v5pf_fix.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_winterfun_b4a.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_winterfun_pf_v1.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_workshop_gfk.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_wtfhax_v6.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_wtfhax_v6c.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_wtfhax_v6d.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_wtfhax_v6e.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_wwt_twinsteel_v8.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_zefchode6.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\_other.cache 282393 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\_other_rebuild.cache 8889674 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\_sharedprecache.cache 6061759 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\mg_fun_allinone_css.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\mg_fun_minigames_fix.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\mg_fun_omahabeach_2010.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\mg_ghosts_cave_v1.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\mg_hellhound_survival_v1_4_1.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\mg_hellsrace_final.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\mg_hellz_multigame_fix.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\mg_humantetrix_final.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\mg_ig_ace_course.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\mg_ig_hellmix.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_3dubka_v3.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_420_beachstrike_b2.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\deathrun_iceworld_v2.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\deathrun_mario_v1.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\de_aztec.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\de_cbble.cache 231 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\de_chateau.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\de_contra.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\de_cpl_fire.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\de_cpl_mill.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\de_cpl_strike.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\surf_compact.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\surf_compulsive_njv.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\surf_freaky.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\surf_fruits.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\surf_goodbye.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\surf_greatriver.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\surf_greatriver_remix.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\surf_greatriver_xdre4m.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\surf_hydrogen_v2.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\surf_hyper-tension_v2.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\surf_japan_ptad.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\surf_japan_reloaded.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\gg_battlepyramid.cache 7229 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\gg_beat.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\gg_blitz.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\gg_blue_arena.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\gg_ccss_two_towers.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\gg_churches_x_final_fixed.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\gg_cold_day.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\gg_deagle6_texture_sig.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\gg_dipmap.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\gg_evergreenpark.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\gg_funround.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\surf_oompa_loompa.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\surf_pure.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\surf_rebel_resistance_final11.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\surf_sc_colours.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\surf_skyworld.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\surf_skyworld_nodeath.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\mg_ski_mountain.cache 16449 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\mg_smashfloor_v3.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\mg_smash_cannonsz.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\mg_smee_tower_fix2.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\mg_smee_tower_ig.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\mg_smee_tower_ig_v2.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\mg_smee_tower_pf_v1_1.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\mg_smee_tower_pf_v1_a.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\mg_speed_run_e2.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_salon_moon.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_subway_v5.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_survival_f2a.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_temple_v2.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_temple_v3pf.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_towers_v3.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_tx_highschoolbeta7.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_tx_highschool_zkedit_v2.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_unpanicv2_pf.cache 16449 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_unpanic_v2.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_vc2_office_redone_b1.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_wasteyard_beta3.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\ba_jail_hellsgamers_se_r2.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\bhop_allmap.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\bhop_amor.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\bhop_dots.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\bhop_dust_v2.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\bhop_fall.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\bhop_fishey_v3.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\bhop_giga_citadel.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\bhop_kiwi.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\bhop_mist.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\bhop_thc.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\build_texture_v5.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\buses_from_hell_fixed.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\cs_747_css.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\test_hardware.cache 83 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\test_speakers.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\xc_cliffhanger.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\xc_icefloes.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\xc_towers.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\xmas_nipperhouse.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\ze_30_seconds__b21.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\ze_biohazard_2_rpd_v3a_004.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\ze_ffvii_mako_reactor_v2_2.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\ze_iamlegend_b2.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_megabox_ck27_plaguefest.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_moocbblechode_b1.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_moocbblechode_b2.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_moonlight_v2.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_moonlight_v3_pf.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_moon_roflicious_pf_02.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_mountain_b2.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_natalyas_ship_v4.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_neko_abura_v2.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\cs_complex.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\cs_compound.cache 1356414 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\cs_crackhouse.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\cs_crackhouse2.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\cs_hacienda.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\cs_havana.cache 107869 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\cs_italy.cache 113495 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\cs_militia.cache 1387202 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\cs_office.cache 162166 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\gg_wolfenstein_3d.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\ghs_lila_blue_town.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\hoejhus9.cache 16459 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\megabox.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\megabox_v2b.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\mg_3k_smash_lego_copter.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\mg_3k_smash_redux.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\mg_4all_multigames_rc1.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\mg_all_in_one_sg_xivz_fix.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\mg_all_in_one_velocity_v1.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\mg_awp_snowsk337.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\mg_battle_slider.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_firewall_samarkand.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_fortress_b5.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_fortress_b7.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_ghs_flats.cache 16449 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_ghs_phantomnuke_pf.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_gl33m4x_errata.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_hospital_fix.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_idm_hauntedhouse_v1.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_industry_v2.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_base_winter_beta3.cache 16449 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_base_winter_beta3a.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_battleforce_panic_ua.cache 16449 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_black_lion_macd_v8.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_bunker_f57_v2.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_burbsdelchode_b1.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_burbsdelchode_b3.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_choddapfpanic1.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_choddarena_b10.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_choddarena_b11.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_choddarena_b12.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_choddarena_b7.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_choddarena_b9.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_choddasnowpanic_b1.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_choddasnowpanic_b2.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_choddasnowpanic_b4.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_chodda_panic_final.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\mg_precision_b1v3.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\mg_precision_b1v3_sm.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\mg_pushcircle_v2_rfix.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\mg_pyramid_escape_fix.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\mg_quake_dmc_b2.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\mg_randomizer_v4.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\mg_randomizer_v5.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\mg_re_fy_big_city_v10.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\mg_roflcopter_v2.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\ze_lotr_helms_deep_v5.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\ze_lotr_minas_tirith_v2_2fix.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\ze_lotr_mines_of_moria_v5_1.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\ze_lotr_mount_doom_v3.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\ze_motanuminc_final.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\ze_potc_v3_4fix.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\ze_potc_v3_4fix_pf_v3.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\ze_predator_ultimate_v1_2.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\ze_predator_ultimate_v1_3.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\ze_predator_ultimate_v2.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\ze_stargate_escape_v8.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\ze_voodoo_islands_v8_2.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\fy_deagle_x9y.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\fy_iceworld.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\gg_01.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\gg_aim_47th_v2.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\gg_aim_pistol_3floor_v3.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\gg_aim_shotty.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\gg_aim_shotty_v2.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\gg_aim_wc_deagle8k.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\gg_allday_v1.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\gg_arena_future.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\gg_awesome_warehouse.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\saw_puzzle_final.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\scoutzknivez.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\suf_static.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\surf_10x_reloaded.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\surf_boring.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\surf_buck-around2_beta6.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\surf_buck-wild.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\surf_buck-wild2_beta2.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_kruma_kakariko_village_002.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_kruma_kakariko_village_003.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_kruma_kakariko_village_004.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_kruma_kakariko_village_005.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_kruma_kakariko_village_006.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_kruma_panic_004.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_kruma_panic_007.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_lilapanicbeach_chodefix.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_lilapanicbeach_chodefix2.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_lilapanicbeach_chodefix3.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_lila_neo_2_fix_and_bix.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\as_arctic.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\as_courthouse.cache 143440 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\as_crisis.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\as_fleeiraq.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\as_italy.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\awp_india_v2.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\awp_snowsk337.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\mg_bear_attack_hard.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\mg_bob2_fixed.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\mg_bobiii.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\mg_boulderdash.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\mg_break-o-box_v4.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\mg_castlewars.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\mg_castle_v2.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\mg_color_multigames_v2.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\mg_ctf_castle_wars_v2.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\mg_fishing.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\mg_ipods_all_in_one_final.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\mg_ka_trains.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\mg_knife_multi_fix.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\mg_lt_galaxy_v2.cache 16449 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\mg_metro_course_v3.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\mg_mk_colosseum_x.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\mg_multimap_orbital_fix4.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\mg_n64_goldeneye_v2.cache 16449 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\mg_obstacle_legend_fix.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\mg_office_coursee.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\mg_office_coursee_2011.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\mg_pauls_minecraft_course_v2.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\mg_pauls_multigames_v2_fix.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\mg_pauls_teambattle_v3.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\gg_fy_snow.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\gg_h7-25.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\gg_hutx_underground_b2.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\gg_lego_arena_2.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\gg_lego_spacetower2.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\gg_minesweeper.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\gg_necrolepsy2.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\gg_redglock_s.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\gg_slimland_towers.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\gg_tdr_snow.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\gg_toon_tropicalpit.cache 25116 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\gg_usp_deagle.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zh_desertbase.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\surf_canisius.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\surf_japan_v10_simpsons.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\surf_ny__resist.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\surf_vegetables.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_4way_tunnel_v2.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_dirty_panic_v3.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_firewall_playground_v2.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_lila_off!ce_v4.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_neko_athletic_park_v2.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\mg_runbleeprun_final.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\mg_saw_2.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\mg_saw_2_remake_v1.cache 32909 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\mg_saw_fix_nd.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\mg_saw_fix_ndf.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\mg_saw_rfix_64v.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\mg_saw_telebox.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\mg_scari_multigame_v3.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\mg_seabattle_v2.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\mg_sg_allinone_skill_v2.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\mg_simonsays.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_abstractchode1.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_abstractchode_pyramid1.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_abstractchode_pyramid2.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_abstractchode_sm.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_anotheruglyzmap_v1e.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_anotheruglyzmap_v2c.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_app7e_betterbworld_jdfix_v3.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_atix_helicopter.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_atix_helicopter_mini.cache 16449 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\mg_tankbase_v2_fix.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\mg_tomgreens_allinonev2.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\mg_warmcup_headshot.cache 16449 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\mg_wasterland_beta4c.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\mg_wipeout2_plaguefest.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\mg_xix_multigame_x1.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\mg_xix_multigame_x2_fix.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\nippers_opus.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_doomlike_station_v2.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_dust_arena_v1_final.cache 16449 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_exhibit_night_2.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_exhibit_v1f.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_facility_v1.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_farm3_nav72.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_firewall.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_firewall_flats.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\de_crane.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\de_dust.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\de_dust2.cache 32904 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\de_dust2_unlimited.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\de_dustmas2_v2.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\de_inferno.cache 1276538 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\de_jungle_beta_v2.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\de_kismayo.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\de_losttemple_pro.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_novum_v3.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_novum_v3_jdfix.cache 16449 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_ocx_orly_v4.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_officeattack_b5a.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_officerush_betav7.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_officesspace_pfss.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\maps\soundcache\zm_omi_facility_pfv2.cache 16 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\materials\decals\custom\nsvipd2ct.vmt 128 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\materials\decals\custom\example 0 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\materials\decals\custom\example\bplogo.vmt 168 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\materials\decals\custom\example\bplogo.vtf 349644 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\materials\decals\custom\example\bplogo2.vmt 124 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\materials\decals\custom\example\bplogo2.vtf 349644 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\materials\decals\custom\example\header.vmt 123 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\materials\decals\custom\example\header.vtf 1398220 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\materials\decals\custom\example\website.vmt 170 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\materials\decals\custom\example\website.vtf 349676 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\materials\decals\custom\mani_admin_plugin 0 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\materials\decals\custom\mani_admin_plugin\mani_logo.vmt 141 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\materials\decals\custom\mani_admin_plugin\mani_logo.vtf 43856 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\materials\decals\custom\mani_admin_plugin\sllogo_down.vmt 91 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\materials\decals\custom\mani_admin_plugin\sllogo_up.vmt 89 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\materials\decals\custom\mani_admin_plugin\sllogo_up.vtf 8400 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\materials\decals\custom\nfologo5.vmt 70 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\materials\decals\custom\nfologo5.vtf 8304 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\materials\decals\custom\nsglowlogo.vmt 130 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\materials\decals\custom\nsglowlogo.vtf 87616 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\materials\decals\custom\nsglowlogo2.vmt 130 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\materials\decals\custom\nslogo1.vmt 127 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\materials\decals\custom\nslogo1.vtf 87600 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\materials\decals\custom\nslogo2.vtf 87600 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\materials\decals\custom\nslogo3.vmt 127 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\materials\decals\custom\nslogo3.vtf 87600 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\materials\decals\custom\nsVIP.vmt 124 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\materials\decals\custom\nsVIP.vtf 43816 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\materials\decals\custom\nsvipd2ct.vtf 87552 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\materials\decals\custom\nsvipd2t.vmt 127 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\materials\decals\custom\nsvipd2t.vtf 87552 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\materials\decals\custom\profusion 0 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\materials\decals\custom\profusion\getvip.vmt 176 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\materials\decals\custom\profusion\getvip.vtf 43872 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\materials\decals\custom\profusion\profusion1.vmt 180 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\materials\decals\custom\profusion\profusion1.vtf 22016 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\materials\decals\custom\rsglogo128.vmt 91 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\materials\decals\custom\rsglogo128.vtf 87588 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\materials\decals\custom\rsglogo256.vmt 91 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\materials\decals\custom\rsglogo256.vtf 349732 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\materials\decals\custom\section9dust2 0 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\materials\decals\custom\section9dust2\asite.vmt 135 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\materials\decals\custom\section9dust2\asite.vtf 5592640 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\materials\decals\custom\section9dust2\bsite.vmt 135 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\materials\decals\custom\section9dust2\bsite.vtf 5592640 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\materials\decals\custom\section9dust2\btunnels.vmt 135 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\materials\decals\custom\section9dust2\btunnels.vtf 174944 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\materials\decals\custom\section9dust2\car.vmt 130 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\materials\decals\custom\section9dust2\car.vtf 174944 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\materials\decals\custom\section9dust2\ctspawn.vmt 138 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\materials\decals\custom\section9dust2\ctspawn.vtf 87544 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\materials\decals\custom\section9dust2\longadoors.vmt 137 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\materials\decals\custom\section9dust2\longadoors.vtf 174944 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\materials\decals\custom\section9dust2\longamiddle.vmt 138 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\materials\decals\custom\section9dust2\longamiddle.vtf 43904 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\materials\decals\custom\section9dust2\outbtunnels.vmt 138 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\materials\decals\custom\section9dust2\outbtunnels.vtf 174944 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\materials\decals\custom\section9dust2\tspawn.vmt 135 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\materials\decals\custom\section9dust2\tspawn.vtf 87544 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\materials\decals\custom\spdecal.vmt 135 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\materials\decals\custom\spdecal.vtf 11064 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\materials\decals\custom\v4servers 0 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\materials\decals\custom\v4servers\banner_53010.vmt 136 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\materials\decals\custom\v4servers\banner_53010.vtf 43832 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\materials\decals\custom\v4servers\banner_53010b.vmt 137 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\materials\decals\underground\ucdecalfeb1.vmt 130 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\materials\decals\underground\ucdecalfeb1.vtf 349644 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\materials\decals\underground\ucdecalfeb2.vmt 130 bytes
File C:\Program Files\Steam\steamapps\mitttttch\counter-strike source\cstrike\materials\decals\underground\ucdecalfeb2.vtf 349644 bytes

---- EOF - GMER 1.0.15 ----

Edited by TexasMitch, 11 September 2011 - 06:14 PM.


#10 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,738 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:11:02 AM

Posted 11 September 2011 - 06:19 PM

It looks clean...

Download TDSSKiller and save it to your desktop.
  • Doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#11 TexasMitch

TexasMitch
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:01:02 PM

Posted 11 September 2011 - 06:27 PM

It looks clean...

Well I suppose that's a good thing =p


Please copy and paste the contents of that file here.


2011/09/11 18:25:24.0640 1444 TDSS rootkit removing tool 2.5.21.0 Sep 10 2011 21:07:05
2011/09/11 18:25:24.0953 1444 ================================================================================
2011/09/11 18:25:24.0953 1444 SystemInfo:
2011/09/11 18:25:24.0953 1444
2011/09/11 18:25:24.0953 1444 OS Version: 5.1.2600 ServicePack: 3.0
2011/09/11 18:25:24.0953 1444 Product type: Workstation
2011/09/11 18:25:24.0953 1444 ComputerName: MITCH
2011/09/11 18:25:24.0953 1444 UserName: HP_Administrator
2011/09/11 18:25:24.0953 1444 Windows directory: C:\WINDOWS
2011/09/11 18:25:24.0953 1444 System windows directory: C:\WINDOWS
2011/09/11 18:25:24.0953 1444 Processor architecture: Intel x86
2011/09/11 18:25:24.0953 1444 Number of processors: 1
2011/09/11 18:25:24.0953 1444 Page size: 0x1000
2011/09/11 18:25:24.0953 1444 Boot type: Normal boot
2011/09/11 18:25:24.0953 1444 ================================================================================
2011/09/11 18:25:25.0781 1444 Initialize success
2011/09/11 18:25:40.0281 0816 ================================================================================
2011/09/11 18:25:40.0281 0816 Scan started
2011/09/11 18:25:40.0281 0816 Mode: Manual;
2011/09/11 18:25:40.0281 0816 ================================================================================
2011/09/11 18:25:41.0046 0816 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2011/09/11 18:25:41.0109 0816 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
2011/09/11 18:25:41.0203 0816 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
2011/09/11 18:25:41.0296 0816 AFD (355556d9e580915118cd7ef736653a89) C:\WINDOWS\System32\drivers\afd.sys
2011/09/11 18:25:41.0593 0816 ALCXWDM (7f26d024355cbadb60838f53dfb171ec) C:\WINDOWS\system32\drivers\ALCXWDM.SYS
2011/09/11 18:25:41.0843 0816 AmdK8 (59301936898ae62245a6f09c0aba9475) C:\WINDOWS\system32\DRIVERS\AmdK8.sys
2011/09/11 18:25:41.0906 0816 AmdLLD (ad8fa28d8ed0d0a689a0559085ce0f18) C:\WINDOWS\system32\DRIVERS\AmdLLD.sys
2011/09/11 18:25:41.0968 0816 aracpi (00523019e3579c8f8a94457fe25f0f24) C:\WINDOWS\system32\DRIVERS\aracpi.sys
2011/09/11 18:25:42.0031 0816 arhidfltr (9fedaa46eb1a572ac4d9ee6b5f123cf2) C:\WINDOWS\system32\DRIVERS\arhidfltr.sys
2011/09/11 18:25:42.0078 0816 arkbcfltr (82969576093cd983dd559f5a86f382b4) C:\WINDOWS\system32\DRIVERS\arkbcfltr.sys
2011/09/11 18:25:42.0109 0816 armoucfltr (9b21791d8a78faece999fadbebda6c22) C:\WINDOWS\system32\DRIVERS\armoucfltr.sys
2011/09/11 18:25:42.0187 0816 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
2011/09/11 18:25:42.0218 0816 ARPolicy (7a2da7c7b0c524ef26a79f17a5c69fde) C:\WINDOWS\system32\DRIVERS\arpolicy.sys
2011/09/11 18:25:42.0390 0816 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2011/09/11 18:25:42.0453 0816 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
2011/09/11 18:25:42.0671 0816 ati2mtag (8763ede3e0cd40f5c3450571ac57f205) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
2011/09/11 18:25:43.0015 0816 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2011/09/11 18:25:43.0078 0816 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2011/09/11 18:25:43.0218 0816 avgio (0b497c79824f8e1bf22fa6aacd3de3a0) C:\Program Files\Avira\AntiVir Desktop\avgio.sys
2011/09/11 18:25:43.0296 0816 avgntflt (1e4114685de1ffa9675e09c6a1fb3f4b) C:\WINDOWS\system32\DRIVERS\avgntflt.sys
2011/09/11 18:25:43.0375 0816 avipbb (0f78d3dae6dedd99ae54c9491c62adf2) C:\WINDOWS\system32\DRIVERS\avipbb.sys
2011/09/11 18:25:43.0437 0816 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2011/09/11 18:25:43.0500 0816 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2011/09/11 18:25:43.0562 0816 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2011/09/11 18:25:43.0640 0816 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
2011/09/11 18:25:43.0703 0816 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2011/09/11 18:25:43.0890 0816 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
2011/09/11 18:25:43.0953 0816 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
2011/09/11 18:25:44.0000 0816 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
2011/09/11 18:25:44.0031 0816 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2011/09/11 18:25:44.0078 0816 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
2011/09/11 18:25:44.0125 0816 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
2011/09/11 18:25:44.0171 0816 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
2011/09/11 18:25:44.0218 0816 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
2011/09/11 18:25:44.0250 0816 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
2011/09/11 18:25:44.0265 0816 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
2011/09/11 18:25:44.0312 0816 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
2011/09/11 18:25:44.0343 0816 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2011/09/11 18:25:44.0375 0816 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2011/09/11 18:25:44.0421 0816 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2011/09/11 18:25:44.0468 0816 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2011/09/11 18:25:44.0578 0816 HSFHWBS2 (5df616addb75c1ad36c1f9e4de0f7654) C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys
2011/09/11 18:25:44.0625 0816 HSF_DP (dfa8f86c0dbca7db948043aa3be6793b) C:\WINDOWS\system32\DRIVERS\HSF_DP.sys
2011/09/11 18:25:44.0765 0816 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
2011/09/11 18:25:44.0875 0816 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2011/09/11 18:25:44.0937 0816 iaStor (9a65e42664d1534b68512caad0efe963) C:\WINDOWS\system32\DRIVERS\iaStor.sys
2011/09/11 18:25:45.0046 0816 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
2011/09/11 18:25:45.0093 0816 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
2011/09/11 18:25:45.0140 0816 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
2011/09/11 18:25:45.0171 0816 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
2011/09/11 18:25:45.0203 0816 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2011/09/11 18:25:45.0218 0816 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2011/09/11 18:25:45.0281 0816 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2011/09/11 18:25:45.0296 0816 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2011/09/11 18:25:45.0343 0816 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2011/09/11 18:25:45.0390 0816 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2011/09/11 18:25:45.0421 0816 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2011/09/11 18:25:45.0500 0816 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
2011/09/11 18:25:45.0562 0816 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2011/09/11 18:25:45.0640 0816 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
2011/09/11 18:25:45.0750 0816 mdmxsdk (3c318b9cd391371bed62126581ee9961) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
2011/09/11 18:25:45.0796 0816 MHNDRV (7f2f1d2815a6449d346fcccbc569fbd6) C:\WINDOWS\system32\DRIVERS\mhndrv.sys
2011/09/11 18:25:45.0843 0816 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2011/09/11 18:25:45.0921 0816 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
2011/09/11 18:25:45.0937 0816 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2011/09/11 18:25:46.0000 0816 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2011/09/11 18:25:46.0046 0816 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2011/09/11 18:25:46.0171 0816 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2011/09/11 18:25:46.0250 0816 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2011/09/11 18:25:46.0343 0816 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2011/09/11 18:25:46.0437 0816 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011/09/11 18:25:46.0468 0816 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011/09/11 18:25:46.0500 0816 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2011/09/11 18:25:46.0562 0816 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2011/09/11 18:25:46.0625 0816 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
2011/09/11 18:25:46.0890 0816 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
2011/09/11 18:25:46.0968 0816 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2011/09/11 18:25:47.0000 0816 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2011/09/11 18:25:47.0031 0816 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2011/09/11 18:25:47.0125 0816 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
2011/09/11 18:25:47.0156 0816 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
2011/09/11 18:25:47.0203 0816 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
2011/09/11 18:25:47.0312 0816 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
2011/09/11 18:25:47.0343 0816 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2011/09/11 18:25:47.0390 0816 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2011/09/11 18:25:47.0515 0816 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2011/09/11 18:25:47.0562 0816 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2011/09/11 18:25:47.0593 0816 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2011/09/11 18:25:47.0671 0816 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
2011/09/11 18:25:47.0703 0816 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
2011/09/11 18:25:47.0734 0816 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2011/09/11 18:25:47.0765 0816 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
2011/09/11 18:25:47.0796 0816 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
2011/09/11 18:25:47.0859 0816 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
2011/09/11 18:25:47.0921 0816 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
2011/09/11 18:25:48.0109 0816 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2011/09/11 18:25:48.0140 0816 Processor (a32bebaf723557681bfc6bd93e98bd26) C:\WINDOWS\system32\DRIVERS\processr.sys
2011/09/11 18:25:48.0203 0816 Ps2 (390c204ced3785609ab24e9c52054a84) C:\WINDOWS\system32\DRIVERS\PS2.sys
2011/09/11 18:25:48.0234 0816 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
2011/09/11 18:25:48.0281 0816 PSI (d24dfd16a1e2a76034df5aa18125c35d) C:\WINDOWS\system32\DRIVERS\psi_mf.sys
2011/09/11 18:25:48.0343 0816 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2011/09/11 18:25:48.0375 0816 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
2011/09/11 18:25:48.0484 0816 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2011/09/11 18:25:48.0562 0816 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2011/09/11 18:25:48.0593 0816 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2011/09/11 18:25:48.0609 0816 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2011/09/11 18:25:48.0640 0816 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2011/09/11 18:25:48.0671 0816 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2011/09/11 18:25:48.0750 0816 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
2011/09/11 18:25:48.0828 0816 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
2011/09/11 18:25:48.0875 0816 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
2011/09/11 18:25:48.0937 0816 Revoflt (8b5b8a11306190c6963d3473f052d3c8) C:\WINDOWS\system32\DRIVERS\revoflt.sys
2011/09/11 18:25:48.0984 0816 RimUsb (616eac1b0e48b236a5a9b8ae07fdb81c) C:\WINDOWS\system32\Drivers\RimUsb.sys
2011/09/11 18:25:49.0062 0816 RTL8023xp (3529828ec571fb2f64f6b142f9109993) C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys
2011/09/11 18:25:49.0109 0816 rtl8139 (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
2011/09/11 18:25:49.0203 0816 SASDIFSV (a3281aec37e0720a2bc28034c2df2a56) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
2011/09/11 18:25:49.0218 0816 SASKUTIL (61db0d0756a99506207fd724e3692b25) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
2011/09/11 18:25:49.0359 0816 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2011/09/11 18:25:49.0468 0816 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys
2011/09/11 18:25:49.0578 0816 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
2011/09/11 18:25:49.0703 0816 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2011/09/11 18:25:49.0734 0816 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
2011/09/11 18:25:49.0796 0816 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
2011/09/11 18:25:49.0890 0816 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
2011/09/11 18:25:49.0984 0816 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2011/09/11 18:25:50.0015 0816 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2011/09/11 18:25:50.0218 0816 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2011/09/11 18:25:50.0328 0816 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2011/09/11 18:25:50.0406 0816 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2011/09/11 18:25:50.0437 0816 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
2011/09/11 18:25:50.0500 0816 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
2011/09/11 18:25:50.0593 0816 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2011/09/11 18:25:50.0687 0816 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2011/09/11 18:25:50.0765 0816 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
2011/09/11 18:25:50.0828 0816 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2011/09/11 18:25:50.0890 0816 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2011/09/11 18:25:50.0953 0816 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2011/09/11 18:25:50.0984 0816 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
2011/09/11 18:25:51.0000 0816 usbstor (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2011/09/11 18:25:51.0046 0816 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
2011/09/11 18:25:51.0093 0816 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2011/09/11 18:25:51.0125 0816 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
2011/09/11 18:25:51.0156 0816 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
2011/09/11 18:25:51.0203 0816 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2011/09/11 18:25:51.0265 0816 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys
2011/09/11 18:25:51.0359 0816 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2011/09/11 18:25:51.0453 0816 winachsf (473ee64c368ce2eed110376c11960259) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
2011/09/11 18:25:51.0593 0816 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2011/09/11 18:25:51.0625 0816 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
2011/09/11 18:25:51.0671 0816 MBR (0x1B8) (0ac6d996bce152aed9600e6d6b797e2e) \Device\Harddisk0\DR0
2011/09/11 18:25:51.0703 0816 Boot (0x1200) (719f9ac582d8d707730bdd542e40cc8b) \Device\Harddisk0\DR0\Partition0
2011/09/11 18:25:51.0703 0816 Boot (0x1200) (006359f80626dedeb1af8ca4a1715ea2) \Device\Harddisk0\DR0\Partition1
2011/09/11 18:25:51.0718 0816 ================================================================================
2011/09/11 18:25:51.0718 0816 Scan finished
2011/09/11 18:25:51.0718 0816 ================================================================================
2011/09/11 18:25:51.0718 2456 Detected object count: 0
2011/09/11 18:25:51.0718 2456 Actual detected object count: 0

#12 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,738 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:11:02 AM

Posted 11 September 2011 - 06:32 PM

No problem there.

Any current issues?

Download Temp File Cleaner (TFC)
Double click on TFC.exe to run the program.
Click on Start button to begin cleaning process.
TFC will close all running programs, and it may ask you to restart computer.

=============================================================================

Please run a free online scan with the ESET Online Scanner

  • Disable your antivirus program
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • Accept any security warnings from your browser.
  • Check Scan archives
  • Click Start
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push List of found threats
  • Click on Export to text file , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.

My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#13 TexasMitch

TexasMitch
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:01:02 PM

Posted 11 September 2011 - 11:40 PM

Any current issues?

No current issues that I can recognize. My only concern I have is about that trojan that was detected.

TFC will close all running programs, and it may ask you to restart computer.

Done. After rebooting, PC required CHKDSK to run (3 stage process)

Please run a free online scan with the ESET Online Scanner

Done. ESET didn't find anything.


My only concern is with the trojan that was detected by Avira. Is that removed? Is my pc clean and secure?

Thanks for your everything,
Mitchell

#14 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,738 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:11:02 AM

Posted 11 September 2011 - 11:41 PM

1. Update your Java version here: http://www.java.com/en/download/installed.jsp

Note 1: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.

Note 2: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. If you don't want to run another extra service, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and restart your computer.

2. Now, we need to remove old Java version and its remnants...

Download JavaRa to your desktop and unzip it to its own folder
  • Run JavaRa.exe (Vista users! Right click on JavaRa.exe, click Run As Administrator), pick the language of your choice and click Select. Then click Remove Older Versions.
  • Accept any prompts.

================================================================

Your computer is clean Posted Image

1. We need to reset system restore to prevent your computer from being accidentally reinfected by using some old restore point(s). We'll remove all old restore points and create fresh, clean restore point.

Turn system restore off.
Restart computer.
Turn system restore back on.

If you don't know how to do it...
Windows XP: http://support.microsoft.com/kb/310405
Vista and Windows 7: http://www.howtogeek.com/howto/windows-vista/disable-system-restore-in-windows-vista/

2. Make sure, Windows Updates are current.

3. Download, and install WOT (Web OF Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.

4. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.

5. Run Temporary File Cleaner (TFC) weekly.

6. Download and install Secunia Personal Software Inspector (PSI): http://secunia.com/vulnerability_scanning/personal/. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.

7. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.

8. When installing\updating ANY program, make sure you always select "Custom " installation, so you can UN-check any possible "drive-by-install" (foistware), like toolbars etc., which may try to install along with the legitimate program. Do NOT click "Next" button without looking at any given page.

9. Read How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html

10. Except for MBAM and TFC, which are keepers you can simply delete all other tools we used as they don't install.

My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#15 TexasMitch

TexasMitch
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:01:02 PM

Posted 12 September 2011 - 12:22 PM

1. Update your Java version here:

Done.

2. Now, we need to remove old Java version and its remnants...

Done.

Your computer is clean

Thank you very much sir. I really appreciate your generosity.

Kindest Regards,
Mitchell




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users