
Tried everything but can't fix this :( PLEASE help


  • This topic is locked
12 replies to this topic

#1 kabiraslam

kabiraslam

  • Members
  • 7 posts

Posted 16 September 2011 - 11:55 AM

I am running Windows Vista. I used this laptop after like a year and when I logged in, Internet Explorer started opening, and in a couple of mins about 50 windows were opened. I have tried everything: ComboFix, GMER, Norton, Malwarebytes, anti-spyware. I restored my Windows and formatted my C drive but still I had the same problem. I installed Chrome and then Chrome started to open itself. Malwarebytes shows no infected files :S Today I formatted my whole hard disk and I thought this would solve the problem but no luck :S
I have pasted my recent DDS log.
Please help, thanks :)


.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 7.0.6000.16982
Run by Kabir at 22:30:11 on 2011-09-16
Microsoft® Windows Vista™ Home Basic 6.0.6000.0.1252.1.1033.18.958.506 [GMT 5:00]
.
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\SLsvc.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Windows\system32\svchost.exe -k HsfXAudioService
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Users\Kabir\Desktop\HiJackThis.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Orbitdownloader\orbitdm.exe
C:\Program Files\Orbitdownloader\orbitnet.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = google.com
uRun: [HijackThis startup scan] c:\users\kabir\desktop\HijackThis.exe /startupscan
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{5037FF6D-7582-4605-B4EE-522EEE326A2D} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{F69EDEC8-34D5-491B-B860-9B2167EF7D73} : DhcpNameServer = 192.168.1.1
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
.
============= SERVICES / DRIVERS ===============
.
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2011-4-18 165648]
R1 MpKsl901adb35;MpKsl901adb35;c:\programdata\microsoft\microsoft antimalware\definition updates\{d34b19d5-0ce4-410a-9f72-296167d9105b}\MpKsl901adb35.sys [2011-9-16 28752]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-13 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2011-8-12 116608]
R2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe -k HsfXAudioService [2006-11-2 22016]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-9-16 366152]
R3 FETND6V;VIA Rhine Family Fast Ethernet Adapter Driver;c:\windows\system32\drivers\fetnd6v.sys [2011-4-13 44544]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-9-16 22216]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2011-4-18 43392]
R3 S3GIGP;S3GIGP;c:\windows\system32\drivers\VTGKModeDX32.sys [2007-1-4 815616]
.
============= FINISH: 22:31:28.34 ===============

Can anyone please help? The malware is becoming worse day by day.

EDIT: Please be patient. There are over 140 unanswered topics in this forum at present and the current average wait time to receive help is 5-6 days. ~Budapest

Edited by Budapest, 19 September 2011 - 12:07 AM.




#2 nasdaq

nasdaq

  • Malware Response Team
  • 38,753 posts
  • Gender:Male
  • Location:Montreal, QC. Canada

Posted 21 September 2011 - 09:01 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps.
===

Your log is clean.

After a Format and new installation the infection could be coming from your Master Boot Record or your router.

Let's check it out.

How to Reset a Router Back to the Factory Default Settings
http://www.ehow.com/how_2110924_reset-back-factory-default-settings.html

Then, please reconfigure it back to your preferred settings. Below is the list of default usernames and passwords, should you not know them ;)

http://www.routerpasswords.com/
http://www.phenoelit-us.org/dpl/dpl.html
===

How to Secure Your Wireless Router
http://www.ehow.com/how_2253625_secure-wireless-router.html
===

Reboot your computer and reconnect.

If you still have the same issue, please run these tools.

Download aswMBR.exe (http://public.avast.com/~gmerek/aswMBR.exe) (511KB) to your desktop. Double-click aswMBR.exe to run it.

  • Click the "Scan" button to start scan.
  • Upon completion of the scan, click Save log, and save it to your desktop. (Note - do not select any Fix at this time) <- IMPORTANT
  • Please post the contents of that log in your next reply.
There shall also be a file on your desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) folder. Please attach that zipped file in your next reply.
===

Please Download
TDSSKiller.zip

>>> Double-click on TDSSKiller.exe to run the application.
  • Click on the Start Scan button and wait for the scan and disinfection process to be over.
  • If an infected file is detected, the default action will be Cure, click on Continue
  • If a suspicious file is detected, the default action will be Skip, click on Continue
  • If you are asked to reboot the computer to complete the process, click on the Reboot Now button. A report will be automatically saved at the root of the System drive (usually C:\) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt" (for example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt). Please copy and paste the contents of that file here.
  • If no reboot is required, click on Report. A log file will appear. Please copy and paste the contents of that file in your next reply.

Post the logs for my review.

#3 kabiraslam

kabiraslam
  • Topic Starter

  • Members
  • 7 posts

Posted 21 September 2011 - 12:01 PM

Thanks for the reply, brother :)
Well, I don't think that it's the router because even when I'm not connected to the router, my browser keeps opening. As soon as I log in it starts opening. Plus now there is another problem. Whenever I try to open a website it keeps on going to blank because that's my homepage :S. I run SUPERAntiSpyware and every time it detects up to 40 adware trojans (sometimes 1, 39, 15, etc.) and I delete them all the time, though I don't know what that is. Do let me know if I should still do the router steps. I'm posting the logs. Thanks :)


aswMBR version 0.9.8.986 Copyright© 2011 AVAST Software
Run date: 2011-09-21 21:29:58
-----------------------------
21:29:58.111 OS Version: Windows 6.0.6001 Service Pack 1
21:29:58.122 Number of processors: 1 586 0xE08
21:29:58.125 ComputerName: HOME UserName:
21:32:04.741 Initialize success
21:38:11.214 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
21:38:11.307 Disk 0 Vendor: FUJITSU_MHV2060BH_PL 00000029 Size: 57231MB BusType: 3
21:38:13.460 Disk 0 MBR read successfully
21:38:13.471 Disk 0 MBR scan
21:38:13.482 Disk 0 Windows VISTA default MBR code
21:38:13.507 Disk 0 scanning sectors +117207040
21:38:13.641 Disk 0 scanning C:\Windows\system32\drivers
21:41:13.129 Service scanning
21:42:43.715 Service MpKslc399b49c C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4D1D18E4-EAAE-41FF-9760-E9B9114B87CE}\MpKslc399b49c.sys **LOCKED** 32
21:42:44.033 Service MpNWMon C:\Windows\system32\DRIVERS\MpNWMon.sys **LOCKED** 32
21:42:48.524 Modules scanning
21:45:02.669 Disk 0 trace - called modules:
21:45:02.783 ntkrnlpa.exe CLASSPNP.SYS disk.sys ataport.SYS hal.dll viaide.sys
21:45:02.783 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x84b7f478]
21:45:02.794 3 CLASSPNP.SYS[865bc745] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x83afc8a8]
21:45:02.795 Scan finished successfully
21:47:46.410 Disk 0 MBR has been saved successfully to "C:\Users\Kabir\Desktop\MBR.dat"
21:47:49.260 The log file has been saved successfully to "C:\Users\Kabir\Desktop\aswMBR.txt"



2011/09/21 21:51:32.0924 2980 TDSS rootkit removing tool 2.5.22.0 Sep 13 2011 15:55:17
2011/09/21 21:51:42.0949 2980 ================================================================================
2011/09/21 21:51:42.0949 2980 SystemInfo:
2011/09/21 21:51:42.0949 2980
2011/09/21 21:51:42.0949 2980 OS Version: 6.0.6001 ServicePack: 1.0
2011/09/21 21:51:42.0949 2980 Product type: Workstation
2011/09/21 21:51:42.0949 2980 ComputerName: HOME
2011/09/21 21:51:42.0957 2980 UserName: Kabir
2011/09/21 21:51:42.0957 2980 Windows directory: C:\Windows
2011/09/21 21:51:42.0957 2980 System windows directory: C:\Windows
2011/09/21 21:51:42.0957 2980 Processor architecture: Intel x86
2011/09/21 21:51:42.0957 2980 Number of processors: 1
2011/09/21 21:51:42.0958 2980 Page size: 0x1000
2011/09/21 21:51:42.0959 2980 Boot type: Normal boot
2011/09/21 21:51:42.0959 2980 ================================================================================
2011/09/21 21:52:00.0617 2980 Initialize success
2011/09/21 21:52:13.0086 3368 ================================================================================
2011/09/21 21:52:13.0086 3368 Scan started
2011/09/21 21:52:13.0086 3368 Mode: Manual;
2011/09/21 21:52:13.0086 3368 ================================================================================
2011/09/21 21:54:21.0211 3368 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
2011/09/21 21:54:21.0357 3368 Boot (0x1200) (fc6c5955f12b4468465dac3d7ad6c8ee) \Device\Harddisk0\DR0\Partition0
2011/09/21 21:54:21.0483 3368 Boot (0x1200) (e78c9d62ce5d849a92cb4a81fa4e0cbb) \Device\Harddisk0\DR0\Partition1
2011/09/21 21:54:21.0536 3368 ================================================================================
2011/09/21 21:54:21.0536 3368 Scan finished
2011/09/21 21:54:21.0536 3368 ================================================================================
2011/09/21 21:54:21.0577 3384 Detected object count: 0
2011/09/21 21:54:21.0577 3384 Actual detected object count: 0

Attached Files

  • MBR.zip (569 bytes)


#4 nasdaq

  • Malware Response Team

Posted 21 September 2011 - 05:34 PM

Now run the aswMBR.exe tool. Select the FixMBR button.

Important > you need to wait for the tool to report ... Infection fixed successfully
Do not reboot the machine until it has said so.

When you see the message, restart the computer normally.

Post the log.
===

Please download ComboFix from any of the links below, and save it to your desktop. For information regarding this download, please visit this web page: http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Link 1
Link 2


* IMPORTANT !!! Save ComboFix.exe to your Desktop

IMPORTANT....

1. Close any open browsers.

2. Close/disable all anti-virus and anti-malware programs so they do not interfere with the running of ComboFix.

3. Do not install any other programs until this is fixed.


How to : Disable Anti-virus and Firewall...
http://www.bleepingcomputer.com/forums/topic114351.html

Double click on ComboFix.exe & follow the prompts.
  • When finished, it will produce a report for you.
  • Please post the C:\ComboFix.txt
Note:
Do not mouse click ComboFix's window while it's running. That may cause it to stall.


Note: If you have difficulty properly disabling your protective programs, refer to this link --> http://www.bleepingcomputer.com/forums/topic114351.html

Please post the logs and let me know what problem persists.

#5 kabiraslam


Posted 22 September 2011 - 04:23 AM

Here are the logs. Well since tomorrow I used the laptop for an hour or so and I face no issues whatsoever. I hope it stays the same :D


aswMBR version 0.9.8.986 Copyright© 2011 AVAST Software
Run date: 2011-09-22 13:15:15
-----------------------------
13:15:15.278 OS Version: Windows 6.0.6001 Service Pack 1
13:15:15.278 Number of processors: 1 586 0xE08
13:15:15.280 ComputerName: HOME UserName:
13:15:16.046 Initialize success
13:16:58.416 Verifying
13:17:08.432 Disk 0 Windows 600 MBR fixed successfully
13:20:47.741 Disk 0 MBR has been saved successfully to "C:\Users\Kabir\Desktop\MBR.dat"
13:20:47.848 The log file has been saved successfully to "C:\Users\Kabir\Desktop\aswMBR1.txt"


aswMBR version 0.9.8.986 Copyright© 2011 AVAST Software
Run date: 2011-09-22 13:23:20
-----------------------------
13:23:20.082 OS Version: Windows 6.0.6001 Service Pack 1
13:23:20.083 Number of processors: 1 586 0xE08
13:23:20.086 ComputerName: HOME UserName:
13:23:22.921 Initialize success
13:23:37.416 Verifying
13:23:47.437 Disk 0 Windows 600 MBR fixed successfully
13:24:09.155 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
13:24:09.165 Disk 0 Vendor: FUJITSU_MHV2060BH_PL 00000029 Size: 57231MB BusType: 3
13:24:11.246 Disk 0 MBR read successfully
13:24:11.255 Disk 0 MBR scan
13:24:11.263 Disk 0 Windows VISTA default MBR code
13:24:11.283 Disk 0 scanning sectors +117207040
13:24:11.571 Disk 0 scanning C:\Windows\system32\drivers
13:24:38.459 Service scanning
13:24:40.733 Service MpKslc399b49c C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4D1D18E4-EAAE-41FF-9760-E9B9114B87CE}\MpKslc399b49c.sys **LOCKED** 32
13:24:40.746 Service MpNWMon C:\Windows\system32\DRIVERS\MpNWMon.sys **LOCKED** 32
13:24:41.809 Modules scanning
13:25:05.529 Disk 0 trace - called modules:
13:25:05.652 ntkrnlpa.exe CLASSPNP.SYS disk.sys ataport.SYS hal.dll viaide.sys
13:25:05.683 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x84b7f478]
13:25:05.703 3 CLASSPNP.SYS[865bc745] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x83afc8a8]
13:25:05.725 Scan finished successfully
13:25:14.247 Verifying
13:25:24.272 Disk 0 Windows 600 MBR fixed successfully
13:25:45.080 Disk 0 MBR has been saved successfully to "C:\Users\Kabir\Desktop\MBR.dat"
13:25:45.122 The log file has been saved successfully to "C:\Users\Kabir\Desktop\aswMBR1.txt"





ComboFix 11-09-21.04 - Kabir 09/22/2011 13:43:44.2.1 - x86
Microsoft® Windows Vista™ Home Basic 6.0.6001.1.1252.1.1033.18.958.393 [GMT 5:00]
Running from: c:\users\Kabir\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
AV: Outpost Security Suite *Disabled/Updated* {ECEA6BCD-A007-0BC7-D5A5-0254DCBD816E}
FW: Outpost Security Suite *Disabled* {D4D1EAE8-EA68-0A9F-FEFA-AB61226EC615}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Outpost Security Suite *Disabled/Updated* {578B8A29-863D-0449-EF15-3926A73ACBD3}
* Created a new restore point
.
.
((((((((((((((((((((((((( Files Created from 2011-08-22 to 2011-09-22 )))))))))))))))))))))))))))))))
.
.
2011-09-22 08:54 . 2011-09-22 08:54 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-09-21 16:38 . 2011-09-21 16:38 -------- d-----w- c:\programdata\WinZip
2011-09-21 16:03 . 2011-09-21 16:03 28752 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4D1D18E4-EAAE-41FF-9760-E9B9114B87CE}\MpKslc399b49c.sys
2011-09-21 10:58 . 2011-09-21 10:58 28752 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4D1D18E4-EAAE-41FF-9760-E9B9114B87CE}\MpKsl9d30adf7.sys
2011-09-19 05:13 . 2011-09-19 05:13 28752 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4D1D18E4-EAAE-41FF-9760-E9B9114B87CE}\MpKsl1e8afeec.sys
2011-09-19 05:03 . 2011-09-19 05:03 -------- d-----w- C:\PerfLogs
2011-09-19 00:25 . 2011-09-19 00:26 -------- d-----w- C:\ff0c06dc0c353b639e2f41c2367c9e13
2011-09-18 16:17 . 2011-08-16 03:48 7152464 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4D1D18E4-EAAE-41FF-9760-E9B9114B87CE}\mpengine.dll
2011-09-18 04:33 . 2008-01-05 11:23 2414136 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2011-09-18 04:33 . 2008-01-19 07:36 1541120 ----a-w- c:\windows\system32\onex.dll
2011-09-18 04:33 . 2008-01-19 07:33 2623488 ----a-w- c:\windows\system32\SLsvc.exe
2011-09-18 04:31 . 2008-01-19 07:36 750080 ----a-w- c:\windows\system32\propsys.dll
2011-09-18 04:30 . 2008-01-19 07:38 131640 ----a-w- c:\windows\system32\basecsp.dll
2011-09-18 04:29 . 2008-01-19 07:38 58936 ----a-w- c:\program files\Windows Defender\MpRtPlug.dll
2011-09-18 04:28 . 2008-01-19 07:36 135680 ----a-w- c:\windows\system32\wbem\wmipdskq.dll
2011-09-18 04:27 . 2008-01-19 07:37 56320 ----a-w- c:\windows\system32\wscmisetup.dll
2011-09-18 04:26 . 2008-01-19 07:36 24064 ----a-w- c:\windows\system32\srwmi.dll
2011-09-18 04:25 . 2008-01-19 05:52 25088 ----a-w- c:\windows\system32\drivers\vga.sys
2011-09-18 04:24 . 2008-01-19 07:34 102400 ----a-w- c:\windows\system32\wbem\mofinstall.dll
2011-09-18 04:24 . 2008-01-19 07:36 83968 ----a-w- c:\windows\system32\wbem\wmiutils.dll
2011-09-18 04:24 . 2008-01-19 07:36 742912 ----a-w- c:\windows\system32\wbem\wbemcore.dll
2011-09-18 04:24 . 2008-01-19 07:36 30208 ----a-w- c:\windows\system32\wbem\wbemprox.dll
2011-09-18 04:24 . 2008-01-19 07:34 191488 ----a-w- c:\windows\system32\wbem\mofd.dll
2011-09-18 04:24 . 2008-01-19 07:34 263168 ----a-w- c:\windows\system32\wbem\esscli.dll
2011-09-18 04:24 . 2008-01-19 07:36 357888 ----a-w- c:\windows\system32\wbemcomn.dll
2011-09-18 04:24 . 2008-01-19 07:36 264704 ----a-w- c:\windows\system32\wbem\repdrvfs.dll
2011-09-18 04:24 . 2008-01-19 07:36 129536 ----a-w- c:\windows\system32\sqmapi.dll
2011-09-18 04:24 . 2008-01-19 07:36 139264 ----a-w- c:\windows\system32\SmiInstaller.dll
2011-09-18 04:23 . 2008-01-19 07:36 704512 ----a-w- c:\windows\system32\SmiEngine.dll
2011-09-18 04:23 . 2008-01-19 07:36 218624 ----a-w- c:\windows\system32\wdscore.dll
2011-09-18 04:23 . 2008-01-19 07:33 130560 ----a-w- c:\windows\system32\PkgMgr.exe
2011-09-18 04:22 . 2008-01-19 07:34 246784 ----a-w- c:\windows\system32\drvstore.dll
2011-09-18 04:22 . 2008-01-19 07:35 35328 ----a-w- c:\windows\system32\mspatcha.dll
2011-09-18 04:22 . 2008-01-19 07:34 305152 ----a-w- c:\windows\system32\msdelta.dll
2011-09-18 04:22 . 2008-01-19 07:34 258560 ----a-w- c:\windows\system32\dpx.dll
2011-09-18 01:44 . 2011-09-18 01:44 709968 ----a-w- c:\windows\is-U5I0V.exe
2011-09-18 01:27 . 2011-09-18 01:27 -------- d--h--w- c:\programdata\Common Files
2011-09-18 00:58 . 2011-09-18 01:27 -------- d-----w- c:\programdata\MFAData
2011-09-17 14:33 . 2011-09-17 15:35 -------- d-----w- c:\programdata\boost_interprocess
2011-09-17 14:27 . 2011-09-17 14:31 -------- d-----w- c:\program files\MpcStar
2011-09-17 10:40 . 2011-09-17 10:40 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2011-09-17 10:39 . 2011-09-17 17:41 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-09-17 08:48 . 2011-08-16 03:48 7152464 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-09-17 08:43 . 2010-10-19 20:51 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-09-17 00:07 . 2011-05-30 02:16 1025824 ----a-w- c:\windows\system32\drivers\vbcorent.sys
2011-09-16 23:05 . 2011-02-02 12:04 242040 ----a-w- c:\windows\system32\drivers\VBEngNT.sys
2011-09-16 23:05 . 2011-03-21 11:27 708760 ----a-w- c:\windows\system32\drivers\SandBox.sys
2011-09-16 23:04 . 2010-09-27 10:37 328296 ----a-w- c:\windows\system32\drivers\afwcore.sys
2011-09-16 22:56 . 2010-04-20 11:01 34920 ----a-w- c:\windows\system32\drivers\afw.sys
2011-09-16 22:55 . 2011-09-17 20:00 -------- d-----w- c:\windows\system32\Filt
2011-09-16 22:55 . 2011-09-16 22:55 -------- d-----w- c:\program files\Agnitum
2011-09-16 22:54 . 2011-09-16 22:54 -------- d-----w- c:\programdata\Agnitum
2011-09-16 21:49 . 2011-09-16 21:49 -------- d-----w- c:\program files\BillP Studios
2011-09-16 21:49 . 2011-09-16 21:49 -------- d-----w- c:\programdata\InstallMate
2011-09-16 19:47 . 2011-09-16 19:47 378368 ----a-w- c:\windows\system32\winhttp.dll
2011-09-16 19:46 . 2011-09-16 19:46 269312 ----a-w- c:\windows\system32\es.dll
2011-09-16 19:45 . 2011-09-16 19:45 31232 ----a-w- c:\windows\system32\httpapi.dll
2011-09-16 19:45 . 2011-09-16 19:45 411136 ----a-w- c:\windows\system32\drivers\http.sys
2011-09-16 19:45 . 2011-09-16 19:45 24064 ----a-w- c:\windows\system32\nshhttp.dll
2011-09-16 06:25 . 2011-09-16 06:25 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
2011-09-16 06:24 . 2011-09-16 06:24 6656 ----a-w- c:\windows\system32\kbd106n.dll
2011-09-16 06:24 . 2011-09-16 06:24 927288 ----a-w- c:\windows\system32\winresume.exe
2011-09-16 06:24 . 2011-09-16 06:24 988216 ----a-w- c:\windows\system32\winload.exe
2011-09-16 06:24 . 2011-09-16 06:24 40960 ----a-w- c:\windows\system32\srclient.dll
2011-09-16 06:24 . 2011-09-16 06:24 378368 ----a-w- c:\windows\system32\srcore.dll
2011-09-16 06:24 . 2011-09-16 06:24 318464 ----a-w- c:\windows\system32\rstrui.exe
2011-09-16 06:24 . 2011-09-16 06:24 14848 ----a-w- c:\windows\system32\srdelayed.exe
2011-09-16 06:24 . 2011-09-16 06:24 46592 ----a-w- c:\windows\system32\setbcdlocale.dll
2011-09-16 06:24 . 2011-09-16 06:24 19000 ----a-w- c:\windows\system32\kd1394.dll
2011-09-16 06:24 . 2011-09-16 06:24 615992 ----a-w- c:\windows\system32\ci.dll
2011-09-16 06:22 . 2011-09-16 06:22 551424 ----a-w- c:\windows\system32\rpcss.dll
2011-09-16 06:22 . 2011-09-16 06:22 666624 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe
2011-09-16 06:22 . 2011-09-16 06:22 26112 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll
2011-09-16 06:22 . 2011-09-16 06:22 247296 ----a-w- c:\windows\system32\wbem\WmiPrvSE.exe
2011-09-16 06:22 . 2011-09-16 06:22 129024 ----a-w- c:\windows\system32\wbem\WmiDcPrv.dll
2011-09-16 06:22 . 2011-09-16 06:22 615424 ----a-w- c:\windows\system32\wbem\fastprox.dll
2011-09-16 06:22 . 2011-09-16 06:22 499200 ----a-w- c:\windows\system32\wbem\WmiPrvSD.dll
2011-09-16 06:22 . 2011-09-16 06:22 54784 ----a-w- c:\windows\system32\iasads.dll
2011-09-16 06:22 . 2011-09-16 06:22 44032 ----a-w- c:\windows\system32\iasdatastore.dll
2011-09-16 06:22 . 2011-09-16 06:22 183296 ----a-w- c:\windows\system32\sdohlp.dll
2011-09-16 06:22 . 2011-09-16 06:22 17408 ----a-w- c:\windows\system32\iashost.exe
2011-09-16 06:22 . 2011-09-16 06:22 98304 ----a-w- c:\windows\system32\iasrecst.dll
2011-09-16 03:54 . 2011-09-16 03:54 -------- d-----w- c:\program files\Trend Micro
2011-09-16 03:51 . 2011-09-16 03:51 -------- d-----w- c:\program files\CCleaner
2011-09-16 03:44 . 2011-09-16 03:46 -------- d-----w- c:\program files\uTorrent
2011-09-16 02:02 . 2011-09-16 02:02 156672 ----a-w- c:\windows\system32\t2embed.dll
2011-09-16 02:02 . 2011-09-16 02:02 34304 ----a-w- c:\windows\system32\atmlib.dll
2011-09-16 02:02 . 2011-09-16 02:02 289792 ----a-w- c:\windows\system32\atmfd.dll
2011-09-16 02:02 . 2011-09-16 02:02 23552 ----a-w- c:\windows\system32\lpk.dll
2011-09-16 02:02 . 2011-09-16 02:02 10240 ----a-w- c:\windows\system32\dciman32.dll
2011-09-16 02:02 . 2011-09-16 02:02 72704 ----a-w- c:\windows\system32\fontsub.dll
2011-09-16 01:54 . 2011-09-16 01:54 634648 ----a-w- c:\program files\Internet Explorer\iexplore.exe
2011-09-16 01:54 . 2011-09-16 01:54 26624 ----a-w- c:\windows\system32\ieUnatt.exe
2011-09-16 01:54 . 2011-09-16 01:54 129536 ----a-w- c:\program files\Internet Explorer\sqmapi.dll
2011-09-16 01:51 . 2011-09-16 01:51 28672 ----a-w- c:\windows\system32\FwRemoteSvr.dll
2011-09-16 01:50 . 2011-09-16 01:50 61440 ----a-w- c:\windows\system32\winipsec.dll
2011-09-16 01:50 . 2011-09-16 01:50 361984 ----a-w- c:\windows\system32\IPSECSVC.DLL
2011-09-16 01:50 . 2011-09-16 01:50 272896 ----a-w- c:\windows\system32\polstore.dll
2011-09-16 01:44 . 2011-09-16 01:44 98304 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-09-16 01:44 . 2011-09-16 01:44 301568 ----a-w- c:\windows\system32\drivers\srv.sys
2011-09-16 01:42 . 2011-09-16 01:42 241152 ----a-w- c:\windows\system32\PortableDeviceApi.dll
2011-09-16 01:42 . 2011-09-16 01:42 94720 ----a-w- c:\windows\system32\PortableDeviceClassExtension.dll
2011-09-16 01:42 . 2011-09-16 01:42 160768 ----a-w- c:\windows\system32\PortableDeviceTypes.dll
2011-09-16 01:36 . 2011-09-16 01:36 17920 ----a-w- c:\windows\system32\netevent.dll
2011-09-16 01:36 . 2011-09-16 01:36 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2011-09-16 01:36 . 2011-09-16 01:36 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2011-09-16 01:36 . 2011-09-16 01:36 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2011-09-16 01:36 . 2011-09-16 01:36 104960 ----a-w- c:\windows\system32\netiohlp.dll
2011-09-16 01:36 . 2011-09-16 01:36 10240 ----a-w- c:\windows\system32\finger.exe
2011-09-16 01:36 . 2011-09-16 01:36 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2011-09-16 01:36 . 2011-09-16 01:36 19968 ----a-w- c:\windows\system32\ARP.EXE
2011-09-16 01:36 . 2011-09-16 01:36 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2011-09-16 01:29 . 2011-09-16 19:51 -------- d-----w- c:\program files\Microsoft Silverlight
2011-09-16 01:26 . 2006-11-29 08:06 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll
2011-09-16 01:25 . 2011-09-16 01:25 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2011-09-16 01:21 . 2011-09-16 01:21 -------- d-----w- c:\program files\Microsoft
2011-09-16 01:20 . 2011-09-16 01:20 -------- d-----w- c:\program files\Windows Live SkyDrive
2011-09-16 01:20 . 2011-09-16 01:28 -------- d-----w- c:\program files\Windows Live
2011-09-16 01:16 . 2011-09-16 01:16 -------- d-----w- c:\windows\PCHEALTH
2011-09-16 00:57 . 2011-09-16 00:57 -------- d-----w- c:\program files\Common Files\Windows Live
2011-09-16 00:52 . 2011-09-16 00:52 127488 ----a-w- c:\windows\system32\L2SecHC.dll
2011-09-16 00:52 . 2011-09-16 00:52 68096 ----a-w- c:\windows\system32\wlanhlp.dll
2011-09-16 00:52 . 2011-09-16 00:52 64512 ----a-w- c:\windows\system32\wlanapi.dll
2011-09-16 00:52 . 2011-09-16 00:52 513024 ----a-w- c:\windows\system32\wlansvc.dll
2011-09-16 00:52 . 2011-09-16 00:52 302592 ----a-w- c:\windows\system32\wlansec.dll
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-19 02:15 . 2006-11-02 10:32 101888 ----a-w- c:\windows\system32\ifxcardm.dll
2011-09-19 02:15 . 2006-11-02 10:32 82432 ----a-w- c:\windows\system32\axaltocm.dll
2011-09-16 19:45 . 2011-09-16 19:45 36864 ----a-w- c:\windows\system32\drivers\en-US\http.sys.mui
2011-09-15 23:16 . 2011-09-15 23:16 40960 ----a-w- c:\windows\apppatch\apihex86.dll
2011-09-15 23:04 . 2011-09-15 23:04 2560 ----a-w- c:\windows\apppatch\AcRes.dll
2011-09-15 23:04 . 2011-09-15 23:04 2153984 ----a-w- c:\windows\apppatch\AcGenral.dll
2011-09-15 23:04 . 2011-09-15 23:04 541696 ----a-w- c:\windows\apppatch\AcLayers.dll
2011-09-15 23:04 . 2011-09-15 23:04 459776 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2011-09-15 23:04 . 2011-09-15 23:04 173056 ----a-w- c:\windows\apppatch\AcXtrnal.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Outpost]
@="{33C9E362-3EDA-4930-8AFE-5DA39A8BB77A}"
[HKEY_CLASSES_ROOT\CLSID\{33C9E362-3EDA-4930-8AFE-5DA39A8BB77A}]
2011-03-30 14:01 468128 ----a-w- c:\program files\Agnitum\Outpost Security Suite Free\op_shell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HijackThis startup scan"="c:\users\Kabir\Desktop\HijackThis.exe" [2010-03-25 388096]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2011-09-17 4603264]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinPatrol"="c:\program files\BillP Studios\WinPatrol\winpatrol.exe" [2011-05-15 325512]
"OutpostMonitor"="c:\progra~1\Agnitum\OUTPOS~1\op_mon.exe" [2011-04-04 3107736]
"OutpostFeedBack"="c:\program files\Agnitum\Outpost Security Suite Free\feedback.exe" [2011-03-30 517056]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
WinZip Quick Pick.lnk - c:\program files\WinZip\WZQKPICK.EXE [2011-8-2 610120]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-09-17 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 22:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Agnitum\OUTPOS~1\wl_hook.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
R1 MpKsl2843599d;MpKsl2843599d;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4D1D18E4-EAAE-41FF-9760-E9B9114B87CE}\MpKsl2843599d.sys [x]
R1 MpKsl3d30f794;MpKsl3d30f794;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1EC35D29-2892-492F-B3C1-E1D22BEC8ECE}\MpKsl3d30f794.sys [x]
R1 MpKslee357bc0;MpKslee357bc0;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D34B19D5-0CE4-410A-9F72-296167D9105B}\MpKslee357bc0.sys [x]
R2 acssrv;Agnitum Client Security Service;c:\progra~1\Agnitum\OUTPOS~1\acs.exe [2011-04-04 2072592]
S1 afw;Agnitum Firewall Driver;c:\windows\system32\DRIVERS\afw.sys [2010-04-20 34920]
S1 MpKsl1e8afeec;MpKsl1e8afeec;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4D1D18E4-EAAE-41FF-9760-E9B9114B87CE}\MpKsl1e8afeec.sys [2011-09-19 28752]
S1 MpKsl9d30adf7;MpKsl9d30adf7;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4D1D18E4-EAAE-41FF-9760-E9B9114B87CE}\MpKsl9d30adf7.sys [2011-09-21 28752]
S1 MpKslc399b49c;MpKslc399b49c;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4D1D18E4-EAAE-41FF-9760-E9B9114B87CE}\MpKslc399b49c.sys [2011-09-21 28752]
S1 SandBox;SandBox;c:\windows\system32\drivers\SandBox.sys [2011-03-21 708760]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2011-09-17 12880]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2011-09-17 67664]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [2011-09-17 116608]
S2 ATE_PROCMON;ATE_PROCMON;c:\program files\Anti Trojan Elite\ATEPMon.sys [x]
S2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe [2008-01-19 21504]
S3 afwcore;afwcore;c:\windows\system32\drivers\afwcore.sys [2010-09-27 328296]
S3 ASWFilt;ASWFilt;c:\windows\system32\Filt\ASWFilt.dll [2011-03-21 70160]
S3 FETND6V;VIA Rhine Family Fast Ethernet Adapter Driver;c:\windows\system32\DRIVERS\fetnd6v.sys [2011-04-13 44544]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2011-04-18 43392]
S3 VBEngNT;VBEngNT;c:\windows\system32\drivers\VBEngNT.sys [2011-02-02 242040]
S3 VBFilt;VBFilt;c:\windows\system32\Filt\VBFilt.dll [2011-03-21 34096]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - 59085333
*NewlyCreated* - ASWMBR
*NewlyCreated* - MPKSLC399B49C
*Deregistered* - 59085333
*Deregistered* - aswMBR
*Deregistered* - VBCoreNT.0
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
HsfXAudioService REG_MULTI_SZ HsfXAudioService
.
Contents of the 'Scheduled Tasks' folder
.
2011-09-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-164253424-1475004973-1542342749-1000Core.job
- c:\users\Kabir\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-15 19:49]
.
2011-09-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-164253424-1475004973-1542342749-1000UA.job
- c:\users\Kabir\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-15 19:49]
.
2011-09-19 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task 0a628e57-5638-482f-8430-56fbdffe3136.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2011-09-17 10:56]
.
2011-09-22 c:\windows\Tasks\User_Feed_Synchronization-{E0261286-73D8-44F3-BA55-F5F9566A0E39}.job
- c:\windows\system32\msfeedssync.exe [2011-09-18 07:33]
.
.
------- Supplementary Scan -------
.
uStart Page = google.com
TCP: DhcpNameServer = 192.168.1.1
.
- - - - ORPHANS REMOVED - - - -
.
HKCU-Run-Anti Trojan Elite - c:\program files\Anti Trojan Elite\TJEnder.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-09-22 13:54
Windows 6.0.6001 Service Pack 1 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(536)
c:\progra~1\Agnitum\OUTPOS~1\wl_hook.dll
.
- - - - - - - > 'lsass.exe'(580)
c:\progra~1\Agnitum\OUTPOS~1\wl_hook.dll
.
- - - - - - - > 'Explorer.exe'(3736)
c:\program files\Agnitum\Outpost Security Suite Free\op_shell.dll
.
Completion time: 2011-09-22 14:01:17
ComboFix-quarantined-files.txt 2011-09-22 09:00
ComboFix2.txt 2011-09-16 19:44
.
Pre-Run: 6,794,543,104 bytes free
Post-Run: 7,224,889,344 bytes free
.
Current=1 Default=1 Failed=0 LastKnownGood=1 Sets=1,2,3,4,5,6,7,8,9
- - End Of File - - AD8725AF89B550757AA00713E051B8E6

#6 nasdaq

nasdaq

  • Malware Response Team

Posted 22 September 2011 - 07:23 AM

Looking good.


Open notepad and copy/paste the text in the quote box below into it:

FixCSet::

Driver::
MpKsl2843599d
MpKsl3d30f794
MpKslee357bc0



Save this as CFScript on your desktop.

Posted Image

Referring to the picture above, drag CFScript into ComboFix.exe
===

Please run this security check for my review.

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
===
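The three names under Driver:: in the script above match the service entries that the ComboFix log in post #5 lists with [x] where other entries show a file date and size. The following Python is an added example, not part of the original thread and not ComboFix's or the helper's own code: it parses service/driver lines of that shape and cross-checks a CFScript's Driver:: section against them. Assumptions: [x] is read as "no file found at that path", and all function and field names are hypothetical.

```python
import re
from typing import NamedTuple, Optional

# Service/driver lines copied from the ComboFix log in post #5 (a subset).
SAMPLE_LOG = r"""
R1 MpKsl2843599d;MpKsl2843599d;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4D1D18E4-EAAE-41FF-9760-E9B9114B87CE}\MpKsl2843599d.sys [x]
R1 MpKsl3d30f794;MpKsl3d30f794;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1EC35D29-2892-492F-B3C1-E1D22BEC8ECE}\MpKsl3d30f794.sys [x]
R1 MpKslee357bc0;MpKslee357bc0;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D34B19D5-0CE4-410A-9F72-296167D9105B}\MpKslee357bc0.sys [x]
R2 acssrv;Agnitum Client Security Service;c:\progra~1\Agnitum\OUTPOS~1\acs.exe [2011-04-04 2072592]
S1 MpKslc399b49c;MpKslc399b49c;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4D1D18E4-EAAE-41FF-9760-E9B9114B87CE}\MpKslc399b49c.sys [2011-09-21 28752]
S2 ATE_PROCMON;ATE_PROCMON;c:\program files\Anti Trojan Elite\ATEPMon.sys [x]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2011-04-18 43392]
"""

# The CFScript text from post #6.
SAMPLE_SCRIPT = """\
FixCSet::

Driver::
MpKsl2843599d
MpKsl3d30f794
MpKslee357bc0
"""

# <R|S><digit> <name>;<display name>;<image path> [<date> <size>]  or  [x]
LINE_RE = re.compile(
    r"^(?P<state>[RS])(?P<start>\d) "
    r"(?P<name>[^;]+);(?P<display>[^;]*);(?P<path>.+?) "
    r"\[(?P<info>x|\d{4}-\d{2}-\d{2} \d+)\]$"
)


class ServiceEntry(NamedTuple):
    state: str                 # prefix letter as printed in the log
    start: int                 # prefix digit as printed in the log
    name: str
    display: str
    path: str
    file_date: Optional[str]   # None when the log shows [x]
    file_size: Optional[int]

    @property
    def missing(self) -> bool:
        # Assumption: [x] means no file was found at `path`.
        return self.file_date is None


def parse_service_lines(log_text: str) -> list:
    """Return a ServiceEntry for every line that has the service/driver shape."""
    entries = []
    for raw in log_text.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue  # not a service/driver line
        date = size = None
        if m["info"] != "x":
            date, size_text = m["info"].split(" ")
            size = int(size_text)
        entries.append(ServiceEntry(m["state"], int(m["start"]), m["name"],
                                    m["display"], m["path"], date, size))
    return entries


def script_section(script_text: str, section: str) -> list:
    """Names listed under '<section>::' (layout assumed from the script in post #6)."""
    names, current = [], None
    for raw in script_text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.endswith("::"):
            current = line[:-2]
        elif current == section:
            names.append(line)
    return names


def review_driver_section(script_text: str, log_text: str) -> dict:
    """Classify each Driver:: name by what the log says about it."""
    by_name = {e.name.lower(): e for e in parse_service_lines(log_text)}
    listed = script_section(script_text, "Driver")
    listed_lower = {n.lower() for n in listed}
    known = [n for n in listed if n.lower() in by_name]
    return {
        "confirmed_missing": [n for n in known if by_name[n.lower()].missing],
        "file_present": [n for n in known if not by_name[n.lower()].missing],
        "not_in_log": [n for n in listed if n.lower() not in by_name],
        "unlisted_missing": [e.name for e in by_name.values()
                             if e.missing and e.name.lower() not in listed_lower],
    }


if __name__ == "__main__":
    for key, names in review_driver_section(SAMPLE_SCRIPT, SAMPLE_LOG).items():
        print(f"{key}: {names}")
```

On the lines above, the check confirms all three script entries as [x] entries and also reports ATE_PROCMON as a fourth [x] entry that the script does not name.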

#7 kabiraslam

kabiraslam
  • Topic Starter


Posted 22 September 2011 - 09:52 AM

Here it is bro :)


Results of screen317's Security Check version 0.99.18
Windows Vista Service Pack 1 (UAC is enabled)
Out of date service pack!!
Internet Explorer 7 Out of date!
``````````````````````````````
Antivirus/Firewall Check:

Outpost Security Suite 7.1.1
Microsoft Security Essentials
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

SpywareBlaster 4.4
SUPERAntiSpyware
CCleaner
````````````````````````````````
Process Check:
objlist.exe by Laurent

Windows Defender MSMpEng.exe
WinPatrol winpatrol.exe
Microsoft Security Client Antimalware MsMpEng.exe
BillP Studios WinPatrol WinPatrol.exe
``````````End of Log````````````

#8 nasdaq

nasdaq

  • Malware Response Team

Posted 22 September 2011 - 05:49 PM

http://support.microsoft.com/lifecycle/search/?sort=PN&alpha=WINDOWS+vista
Windows Vista Service Pack 1 support ended on 12/07/2011

For continued security support from Microsoft get the Service Pack 2.
http://support.microsoft.com/kb/935791

<<<>>>

When all is well:

Time for some housekeeping

The following will implement some cleanup procedures as well as reset System Restore points:

Click Start > Run and copy/paste the following bold text into the Run box and click OK:

ComboFix /Uninstall
===

Delete the other programs we used.
===

Surf Safely, and Think Prevention!

#9 kabiraslam

kabiraslam
  • Topic Starter


Posted 25 September 2011 - 06:29 PM

Hey bro, I'm sorry I couldn't reply back; there was a problem with my internet connection. So basically all was well until yesterday morning. I was using my laptop and suddenly again 15 Google Chrome windows popped up at the same time. I wasn't even connected to a wireless or LAN as my net was not working.... :S

I have installed the service pack 2 though as you said. Thanks

#10 nasdaq

nasdaq

  • Malware Response Team

Posted 26 September 2011 - 07:32 AM

This topic will be kept open for 7 days. If you have any issue with this computer feel free to call.

#11 kabiraslam

kabiraslam
  • Topic Starter


Posted 26 September 2011 - 08:00 AM

Call where? :S

#12 nasdaq

nasdaq

  • Malware Response Team

Posted 26 September 2011 - 01:33 PM

Sorry.

Post here.

#13 nasdaq

nasdaq

  • Malware Response Team

Posted 03 October 2011 - 08:33 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.



