
easya-z.com virus


  • This topic is locked
24 replies to this topic

#1 irdodgy

irdodgy

  • Members
  • 12 posts

Posted 09 January 2012 - 02:07 PM

Hi,

For the past week now, I have been having loads of problems with being redirected when online. I have tried numerous anti-virus and anti-malware programs and none have picked up any problems. I have followed the self help guide http://www.bleepingcomputer.com/forums/topic12491.html with no luck either. I have also tried to use TDSSKiller, but the program starts, then fails to load. I would have added a DDS log, but it locks up the computer about 5 minutes in (3 attempts now). Please help.



#2 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • Gender:Male
  • Location:Puerto rico

Posted 12 January 2012 - 03:09 AM

Hello and Welcome to the forums!

My name is Gringo and I'll be glad to help you with your computer problems.

Some things to remember while we are working together.

  • Do not run any other tool until instructed to do so!
  • Please do not attach logs or put them in code boxes.
  • Tell me about any problems that have occurred during the fix.
  • Tell me of any other symptoms you may be having as these can help also.
  • Do not run anything while running a fix.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.

In order for me to see the status of the infection I will need a new set of logs to start with.

Please print out or make a copy in Notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

DeFogger:

  • Please download DeFogger to your desktop.
  • Double click DeFogger to run the tool.
  • The application window will appear
  • Click the Disable button to disable your CD Emulation drivers
  • Click Yes to continue
  • A 'Finished!' message will appear
  • Click OK
  • DeFogger may ask you to reboot the machine, if it does - click OK

Do not re-enable these drivers until otherwise instructed.

Download DDS:

  • Please download DDS by sUBs from one of the links below and save it to your desktop:

    Link1
    Link2
    Link3

  • Please disable any anti-malware program that will block scripts from running before running DDS.
  • Double-Click on dds.scr and a command window will appear. This is normal.
  • Shortly after two logs will appear:
    • DDS.txt
    • Attach.txt
  • A window will open instructing you to save & post the logs
  • Save the logs to a convenient place such as your desktop
  • Copy the contents of both logs & post in your next reply

Information and logs:

In your next post I need the following:

  • logs from DDS
  • let me know of any problems you may have had

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#3 irdodgy

irdodgy
  • Topic Starter

  • Members
  • 12 posts

Posted 13 January 2012 - 01:43 AM

Hi Gringo, thanks for the response. DeFogger ran fine but DDS keeps causing my computer to crash. I leave the box running with the # symbols appearing and everything looks fine. When I come back to it the # symbols are no more than 2/3 across the screen and everything has frozen and all I can do is restart my computer. I have tried about 8 times now, leaving it from about 3 mins up to about 6 hours, and only had the same outcome. I have Malwarebytes and avast on my computer - I have disabled Malwarebytes so it doesn't load on start up but avast is a bit more of a pain. I have set it to gaming mode and turned all its shields off but I am not sure if it is still interfering with the DDS program.

Thanks
irdodgy

#4 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • Gender:Male
  • Location:Puerto rico

Posted 13 January 2012 - 03:03 AM

Hello

Let's get a deeper look into the system and see if something shows up.

Download and run OTL

Download OTL by Old Timer and save it to your Desktop.
  • Double click on OTL.exe to run it.
  • Under Output, ensure that Minimal Output is selected.
  • Under Extra Registry section, select Use SafeList.
  • Click the Scan All Users checkbox.
  • Click on Run Scan at the top left hand corner.
  • When done, two Notepad files will open.
    • OTL.txt <-- Will be opened, and is the one that I need posted back here
    • Extra.txt <-- Will be minimized - save this one on your desktop in case I ask for it later
  • Please post the contents of OTL.txt in your next reply.

Gringo

#5 irdodgy

irdodgy
  • Topic Starter

  • Members
  • 12 posts

Posted 13 January 2012 - 11:35 AM

Results from the OTL.txt file

OTL logfile created on: 13/01/2012 16:28:56 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Richard\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.25 Gb Total Physical Memory | 2.38 Gb Available Physical Memory | 73.24% Memory free
5.09 Gb Paging File | 4.45 Gb Available in Paging File | 87.51% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 76.68 Gb Total Space | 23.35 Gb Free Space | 30.45% Space Free | Partition Type: NTFS
Drive F: | 298.09 Gb Total Space | 174.10 Gb Free Space | 58.41% Space Free | Partition Type: NTFS
Drive I: | 14.94 Gb Total Space | 11.29 Gb Free Space | 75.60% Space Free | Partition Type: FAT32

Computer Name: RICHARD | User Name: Richard | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Richard\Desktop\OTL(1).exe (OldTimer Tools)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\SUPERAntiSpyware\SASCore.exe (SUPERAntiSpyware.com)
PRC - C:\Program Files\NETGEAR\WNA1100\WNA1100.exe ()
PRC - C:\Program Files\NETGEAR\WNA1100\WifiSvc.exe ()
PRC - C:\WINDOWS\system32\acs.exe (Atheros)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)


========== Modules (No Company Name) ==========

MOD - C:\Program Files\AVAST Software\Avast\defs\12011300\algo.dll ()
MOD - C:\Program Files\AVAST Software\Avast\defs\12011001\algo.dll ()
MOD - C:\Program Files\Mozilla Firefox\mozjs.dll ()
MOD - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
MOD - C:\Program Files\NETGEAR\WNA1100\WNA1100.exe ()
MOD - C:\Program Files\NETGEAR\WNA1100\WifiSvc.exe ()
MOD - C:\Program Files\NETGEAR\WNA1100\WifiLib.dll ()
MOD - C:\Program Files\NETGEAR\WNA1100\WifiSvcLib.dll ()
MOD - C:\Program Files\WinRAR\RarExt.dll ()


========== Win32 Services (SafeList) ==========

SRV - (HidServ) -- File not found
SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE (SUPERAntiSpyware.com)
SRV - (TomTomHOMEService) -- C:\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
SRV - (nosGetPlusHelper) getPlus® -- C:\Program Files\NOS\bin\getPlus_Helper_3004.dll (NOS Microsystems Ltd.)
SRV - (getPlusHelper) getPlus® -- C:\Program Files\NOS\bin\getPlus_Helper.dll (NOS Microsystems Ltd.)
SRV - (WSWNA1100) -- C:\Program Files\NETGEAR\WNA1100\WifiSvc.exe ()
SRV - (jswpsapi) -- C:\Program Files\NETGEAR\WNA1100\jswpsapi.exe (Atheros Communications, Inc.)
SRV - (CSHelper) -- C:\WINDOWS\system32\CSHelper.exe ()
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (ACS) -- C:\WINDOWS\system32\acs.exe (Atheros)


========== Driver Services (SafeList) ==========

DRV - (nocashio) -- C:\WINDOWS\system32\drivers\nocashio.sys ()
DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (aswSnx) -- C:\WINDOWS\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswMon2) -- C:\WINDOWS\System32\drivers\aswmon2.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (Aavmker4) -- C:\WINDOWS\System32\drivers\aavmker4.sys (AVAST Software)
DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (AR9271) -- C:\WINDOWS\system32\drivers\athuw.sys (Atheros Communications, Inc.)
DRV - (fssfltr) -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys (Microsoft Corporation)
DRV - (FsUsbExDisk) -- C:\WINDOWS\system32\FsUsbExDisk.Sys ()
DRV - (WSIMD) -- C:\WINDOWS\system32\drivers\wsimd.sys (Atheros Communications, Inc.)
DRV - (JSWSCIMD) -- C:\WINDOWS\system32\drivers\jswscimd.sys (Atheros Communications, Inc.)
DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys (Duplex Secure Ltd.)
DRV - (hwdatacard) -- C:\WINDOWS\system32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV - (s116mdm) -- C:\WINDOWS\system32\drivers\s116mdm.sys (MCCI Corporation)
DRV - (s116mdfl) -- C:\WINDOWS\system32\drivers\s116mdfl.sys (MCCI Corporation)
DRV - (s116bus) Sony Ericsson Device 116 driver (WDM) -- C:\WINDOWS\system32\drivers\s116bus.sys (MCCI Corporation)
DRV - (nvnetbus) -- C:\WINDOWS\system32\drivers\nvnetbus.sys (NVIDIA Corporation)
DRV - (NVENETFD) -- C:\WINDOWS\system32\drivers\NVENETFD.sys (NVIDIA Corporation)
DRV - (SE26obex) -- C:\WINDOWS\system32\drivers\SE26obex.sys (MCCI)
DRV - (SE26mdm) -- C:\WINDOWS\system32\drivers\SE26mdm.sys (MCCI)
DRV - (SE26mdfl) -- C:\WINDOWS\system32\drivers\SE26mdfl.sys (MCCI)
DRV - (nvata) -- C:\WINDOWS\system32\DRIVERS\nvata.sys (NVIDIA Corporation)
DRV - (SenFiltService) -- C:\WINDOWS\system32\drivers\senfilt.sys (Sensaura)
DRV - (Airgo) -- C:\WINDOWS\system32\drivers\wnihdd51.sys (Airgo Networks, Inc.)
DRV - (MTsensor) -- C:\WINDOWS\system32\drivers\ASACPI.sys ()
DRV - (ZD1201U) ZyDAS ZD1201 IEEE 802.11b Wireless LAN Driver (USB) -- C:\WINDOWS\system32\drivers\ZD1201U.sys (ZyDAS Technology Corporation)
DRV - (QCEmerald) -- C:\WINDOWS\system32\drivers\OVCE.sys (Microsoft Corporation)
DRV - (lusbaudio) -- C:\WINDOWS\system32\drivers\OVSound2.sys (Microsoft Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.live.com/sphome.aspx


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,AlwaysUseDefaultPrinter = yes
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,AlwaysUseDefaultPrinter = yes
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,AlwaysUseDefaultPrinter = yes

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,AlwaysUseDefaultPrinter = yes

IE - HKU\S-1-5-21-343818398-1604221776-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,AlwaysUseDefaultPrinter = yes
IE - HKU\S-1-5-21-343818398-1604221776-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.live.com
IE - HKU\S-1-5-21-343818398-1604221776-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKU\S-1-5-21-343818398-1604221776-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-343818398-1604221776-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
IE - HKU\S-1-5-21-343818398-1604221776-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F8 D3 FC 1B 16 B9 CC 01 [binary data]
IE - HKU\S-1-5-21-343818398-1604221776-725345543-1003\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - No CLSID value found
IE - HKU\S-1-5-21-343818398-1604221776-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://uk.yahoo.com/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900
FF - prefs.js..extensions.enabledItems: wrc@avast.com:6.0.1289
FF - prefs.js..extensions.enabledItems: {dd05fd3d-18df-4ce4-ae53-e795339c5f01}:1.21
FF - prefs.js..keyword.URL: "http://search.babylon.com/?babsrc=SP_ss&mntrId=d0a23c1b0000000000000018f3fbfa32&tlver=1.4.19.19&instlRef=sst&ss=1&affID=17978&q="
FF - prefs.js..network.proxy.type: 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@artistscope.com/ArtistScope DRM plugin 1,version=1.1.0.0: C:\Program Files\Mozilla Firefox\plugins\npArtistScopeDRM11.dll (ArtistScope)
FF - HKLM\Software\MozillaPlugins\@artistscope.com/ArtistScope plugin 42,version=4.2.0.0: C:\Program Files\Mozilla Firefox\plugins\npArtistScope42.dll (ArtistScope)
FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0: C:\Program Files\DivX\DivX Content Uploader\npUpload.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX OVS Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nosltd.com/getPlus+®,version=1.6.2.91: C:\Program Files\NOS\bin\np_gp.dll (NOS Microsystems Ltd.)
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=0.8.6: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN Team)
FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKCU\Software\MozillaPlugins\@artistscope.com/ArtistScope DRM plugin 1,version=1.1.0.0: C:\Program Files\Mozilla Firefox\plugins\npArtistScopeDRM11.dll (ArtistScope)
FF - HKCU\Software\MozillaPlugins\@artistscope.com/ArtistScope plugin 42,version=4.2.0.0: C:\Program Files\Mozilla Firefox\plugins\npArtistScope42.dll (ArtistScope)
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.8.1: C:\Documents and Settings\Richard\Local Settings\Application Data\Yahoo!\BrowserPlus\2.8.1\Plugins\npybrowserplus_2.8.1.dll (Yahoo! Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\TrustChecker
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011/01/12 11:44:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011/01/12 11:44:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/12/02 11:47:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/11/22 18:57:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/01/04 17:42:40 | 000,000,000 | ---D | M]

[2010/08/29 22:05:18 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Richard\Application Data\Mozilla\Extensions
[2009/06/23 16:37:23 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Richard\Application Data\Mozilla\Extensions\home2@tomtom.com
[2012/01/05 19:32:19 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\dcp7qj8g.default\extensions
[2011/04/22 07:27:33 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\dcp7qj8g.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/11/22 18:57:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2007/04/23 22:07:37 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2011/12/02 11:47:43 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2011/11/21 04:21:46 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2009/03/28 07:27:56 | 000,582,656 | ---- | M] (ArtistScope) -- C:\Program Files\mozilla firefox\plugins\npArtistScope42.dll
[2009/02/02 05:06:56 | 000,211,456 | ---- | M] (ArtistScope) -- C:\Program Files\mozilla firefox\plugins\npArtistScopeDRM11.dll
[2008/01/08 00:45:16 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\mozilla firefox\plugins\npbittorrent.dll
[2010/09/15 03:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/11/21 01:23:17 | 000,001,538 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
[2011/11/21 01:09:48 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/11/21 01:23:17 | 000,000,947 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
[2011/11/21 01:23:17 | 000,001,180 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
[2011/11/21 01:23:17 | 000,001,135 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2012/01/05 17:19:15 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (no name) - {8126A4A5-BFD3-46FE-BBDF-BFB5CF78E489} - No CLSID value found.
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - {ED4BD629-C1B6-4399-8A34-02CCAA921DC9} - No CLSID value found.
O3 - HKU\S-1-5-21-343818398-1604221776-725345543-1003\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-343818398-1604221776-725345543-1003\..\Toolbar\WebBrowser: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found.
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NETGEAR WNA1100 Smart Wizard.lnk = C:\Program Files\NETGEAR\WNA1100\WNA1100.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-343818398-1604221776-725345543-1003\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-21-343818398-1604221776-725345543-1003\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-21-343818398-1604221776-725345543-1003\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-21-343818398-1604221776-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O16 - DPF: {00000055-9980-0010-8000-00AA00389B71} http://codecs.microsoft.com/codecs/i386/fhg.CAB (Reg Error: Key error.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1301869550156 (WUWebControl Class)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {A27C56D2-3F58-4ABB-AA31-1168EDA6636F} http://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab (PCMaticVer Class)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {DAF7E6E6-D53A-439A-B28D-12271406B8A9} http://mobileapps.blackberry.com/devicesoftware/AxLoader.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8B7DD239-4D53-49D7-9E4A-D69F02EEE414}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B9FE2535-642C-4683-9F26-F775A8D37993}: DhcpNameServer = 192.168.0.1
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\TPSvc: DllName - (TPSvc.dll) - File not found
O20 - Winlogon\Notify\WgaLogon: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O20 - Winlogon\Notify\WRNotifier: DllName - (WRLogonNTF.dll) - File not found
O24 - Desktop WallPaper: C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Desktop Background.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Desktop Background.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/04/23 17:53:37 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{c2046e56-b86c-11dd-a2cf-0018f3fbfa32}\Shell - "" = AutoRun
O33 - MountPoints2\{c2046e56-b86c-11dd-a2cf-0018f3fbfa32}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{c2046e56-b86c-11dd-a2cf-0018f3fbfa32}\Shell\AutoRun\command - "" = F:\StartVMCLite.exe
O33 - MountPoints2\{c2046f92-b86c-11dd-a2cf-0018f3fbfa32}\Shell - "" = AutoRun
O33 - MountPoints2\{c2046f92-b86c-11dd-a2cf-0018f3fbfa32}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{c2046f92-b86c-11dd-a2cf-0018f3fbfa32}\Shell\AutoRun\command - "" = F:\StartVMCLite.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (MACHINE BootExecut)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/01/13 16:26:22 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Richard\Desktop\OTL(1).exe
[2012/01/12 17:22:54 | 000,607,260 | R--- | C] (Swearware) -- C:\Documents and Settings\Richard\Desktop\dds(1).scr
[2012/01/06 20:35:33 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Richard\Desktop\HijackThis.exe
[2012/01/05 20:11:15 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Richard\Recent
[2012/01/04 17:44:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\NETGEAR WNA1100 Smart Wizard
[2012/01/04 17:43:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Security Task Manager
[2012/01/04 17:43:54 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/01/04 17:43:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/01/04 17:43:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SUPERAntiSpyware
[2012/01/04 17:31:48 | 000,058,208 | ---- | C] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\drivers\wsimd.sys
[2012/01/04 17:31:35 | 000,426,074 | ---- | C] (Atheros) -- C:\WINDOWS\System32\wgapi.dll
[2012/01/04 17:31:34 | 001,710,944 | ---- | C] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\drivers\athuw.sys
[2012/01/04 17:31:34 | 001,269,854 | ---- | C] (Devicescape) -- C:\WINDOWS\System32\dsa.dll
[2012/01/04 17:31:34 | 000,495,700 | ---- | C] (Atheros) -- C:\WINDOWS\System32\acs.exe
[2012/01/04 17:31:34 | 000,405,504 | ---- | C] (Atheros) -- C:\WINDOWS\System32\wcapi.dll
[2012/01/04 17:31:34 | 000,356,443 | ---- | C] (Atheros) -- C:\WINDOWS\System32\wcapiU.dll
[2012/01/04 17:31:34 | 000,311,390 | ---- | C] (Atheros) -- C:\WINDOWS\System32\athcfg20U.dll
[2012/01/04 17:31:34 | 000,254,022 | ---- | C] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\wsfwDS.dll
[2012/01/04 17:31:34 | 000,249,924 | ---- | C] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\wsimd.dll
[2012/01/04 17:31:34 | 000,237,568 | ---- | C] (Atheros) -- C:\WINDOWS\System32\athcfg20.dll
[2012/01/04 17:31:34 | 000,127,079 | ---- | C] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\athcfg20resU.dll
[2012/01/04 17:31:34 | 000,127,053 | ---- | C] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\athcfg20res.dll
[2012/01/04 17:31:34 | 000,082,017 | ---- | C] (Devicescape, Inc.) -- C:\WINDOWS\System32\dsaNac.dll
[2012/01/04 17:31:34 | 000,058,208 | ---- | C] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\wsimd.sys
[2012/01/04 17:31:34 | 000,057,440 | ---- | C] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\jswscimd.sys
[2012/01/04 17:31:34 | 000,057,440 | ---- | C] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\drivers\jswscimd.sys
[2012/01/04 17:31:26 | 000,073,800 | ---- | C] (Atheros) -- C:\WINDOWS\System32\athgina.dll
[2012/01/04 17:31:23 | 000,000,000 | ---D | C] -- C:\Program Files\NETGEAR
[2012/01/03 19:13:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Richard\Application Data\QuickScan
[2012/01/03 19:04:44 | 001,578,288 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Richard\Desktop\dfg36t3g64.exe
[2012/01/03 18:14:54 | 000,000,000 | ---D | C] -- C:\Program Files\Security Task Manager
[2012/01/03 16:51:56 | 000,000,000 | ---D | C] -- C:\ComboFix
[2012/01/03 16:47:25 | 000,000,000 | --SD | C] -- C:\32788R22FWJFW
[2012/01/02 20:08:20 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/01/02 18:38:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Richard\Application Data\SUPERAntiSpyware.com
[2012/01/02 18:37:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2012/01/02 18:37:35 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2012/01/02 18:34:13 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2012/01/02 18:23:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SecTaskMan
[2012/01/02 17:16:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\CSC
[2012/01/01 17:48:45 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2012/01/01 17:46:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Tools
[2012/01/01 14:55:48 | 000,101,720 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2012/01/01 14:36:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2012/01/01 12:53:54 | 000,000,000 | ---D | C] -- C:\Users
[8 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/01/13 16:26:26 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Richard\Desktop\OTL(1).exe
[2012/01/13 16:20:45 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/01/12 17:22:57 | 000,607,260 | R--- | M] (Swearware) -- C:\Documents and Settings\Richard\Desktop\dds(1).scr
[2012/01/12 17:13:19 | 000,000,020 | ---- | M] () -- C:\Documents and Settings\Richard\defogger_reenable
[2012/01/11 23:00:14 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/01/06 20:35:34 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Richard\Desktop\HijackThis.exe
[2012/01/05 18:56:43 | 000,682,906 | ---- | M] () -- C:\WINDOWS\System32\drivers\Cat.DB
[2012/01/05 17:19:15 | 000,000,734 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012/01/04 17:32:56 | 000,434,060 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/01/04 17:32:56 | 000,067,806 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/01/04 17:31:24 | 000,000,595 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NETGEAR WNA1100 Smart Wizard.lnk
[2012/01/04 17:31:24 | 000,000,583 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\NETGEAR WNA1100 Smart Wizard.lnk
[2012/01/03 19:27:36 | 000,000,422 | ---- | M] () -- C:\WINDOWS\DCEBOOT.RST
[2012/01/03 19:21:20 | 000,000,238 | RHS- | M] () -- C:\boot.ini
[2012/01/03 19:15:26 | 000,228,959 | ---- | M] () -- C:\Documents and Settings\Richard\Local Settings\Application Data\census.cache
[2012/01/03 19:15:26 | 000,214,749 | ---- | M] () -- C:\Documents and Settings\Richard\Local Settings\Application Data\ars.cache
[2012/01/03 19:13:25 | 000,022,032 | ---- | M] () -- C:\WINDOWS\DCEBoot.exe
[2012/01/03 19:05:00 | 001,578,288 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Richard\Desktop\dfg36t3g64.exe
[2012/01/03 19:03:04 | 000,000,036 | ---- | M] () -- C:\Documents and Settings\Richard\Local Settings\Application Data\housecall.guid.cache
[2012/01/03 17:19:41 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012/01/03 16:51:56 | 000,000,330 | ---- | M] () -- C:\Start_.cmd
[2012/01/03 16:45:28 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Richard\MBRCheck_MBR_Backup_01-03-12_16-45-28.bak
[2012/01/02 20:08:23 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/01/02 19:45:40 | 000,270,192 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/01/02 18:37:39 | 000,001,678 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012/01/01 18:51:37 | 000,000,760 | ---- | M] () -- C:\WINDOWS\System32\drivers\kgpcpy.cfg
[2012/01/01 18:32:47 | 000,000,486 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2012/01/01 14:55:40 | 000,101,720 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2012/01/01 12:38:54 | 000,000,227 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2012/01/01 12:05:30 | 000,004,096 | ---- | M] () -- C:\WINDOWS\System32\drivers\nocashio.sys
[2012/01/01 12:00:53 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/12/23 21:50:44 | 000,095,744 | ---- | M] () -- C:\Documents and Settings\Richard\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[8 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/01/12 17:12:46 | 000,000,020 | ---- | C] () -- C:\Documents and Settings\Richard\defogger_reenable
[2012/01/04 17:31:34 | 000,039,471 | ---- | C] () -- C:\WINDOWS\System32\wsimdp.cat
[2012/01/04 17:31:34 | 000,039,469 | ---- | C] () -- C:\WINDOWS\System32\wsimd.cat
[2012/01/04 17:31:34 | 000,035,967 | ---- | C] () -- C:\WINDOWS\System32\jswscimdp.cat
[2012/01/04 17:31:34 | 000,035,538 | ---- | C] () -- C:\WINDOWS\System32\jswscimd.cat
[2012/01/04 17:31:34 | 000,005,529 | ---- | C] () -- C:\WINDOWS\System32\jswscimdp.inf
[2012/01/04 17:31:34 | 000,005,363 | ---- | C] () -- C:\WINDOWS\System32\wsimdp.inf
[2012/01/04 17:31:34 | 000,002,231 | ---- | C] () -- C:\WINDOWS\System32\jswscimd.inf
[2012/01/04 17:31:34 | 000,002,179 | ---- | C] () -- C:\WINDOWS\System32\wsimd.inf
[2012/01/04 17:31:26 | 000,262,216 | ---- | C] () -- C:\WINDOWS\System32\IPTests.dll
[2012/01/04 17:31:24 | 000,000,595 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NETGEAR WNA1100 Smart Wizard.lnk
[2012/01/04 17:31:24 | 000,000,583 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\NETGEAR WNA1100 Smart Wizard.lnk
[2012/01/03 19:27:36 | 000,000,422 | ---- | C] () -- C:\WINDOWS\DCEBOOT.RST
[2012/01/03 19:13:25 | 000,022,032 | ---- | C] () -- C:\WINDOWS\DCEBoot.exe
[2012/01/03 19:13:05 | 000,228,959 | ---- | C] () -- C:\Documents and Settings\Richard\Local Settings\Application Data\census.cache
[2012/01/03 19:13:01 | 000,214,749 | ---- | C] () -- C:\Documents and Settings\Richard\Local Settings\Application Data\ars.cache
[2012/01/03 19:03:04 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Richard\Local Settings\Application Data\housecall.guid.cache
[2012/01/03 16:51:56 | 000,000,330 | ---- | C] () -- C:\Start_.cmd
[2012/01/03 16:45:28 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Richard\MBRCheck_MBR_Backup_01-03-12_16-45-28.bak
[2012/01/02 20:08:23 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/01/02 18:37:39 | 000,001,678 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012/01/01 18:50:48 | 000,000,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\kgpcpy.cfg
[2012/01/01 17:49:23 | 000,682,906 | ---- | C] () -- C:\WINDOWS\System32\drivers\Cat.DB
[2012/01/01 14:36:55 | 000,000,486 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2012/01/01 12:38:53 | 000,000,227 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2012/01/01 12:05:30 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\drivers\nocashio.sys
[2011/12/29 11:41:50 | 000,499,624 | ---- | C] () -- C:\Documents and Settings\Richard\Desktop\qtsstandardsguidance2007.pdf
[2011/12/29 11:41:50 | 000,309,614 | ---- | C] () -- C:\Documents and Settings\Richard\Desktop\ASSIGNMENT_HANDBOOK_2011-2012.pdf
[2011/07/25 18:06:17 | 000,000,256 | ---- | C] () -- C:\WINDOWS\System32\pool.bin
[2011/05/23 19:23:35 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2011/05/16 18:32:21 | 000,000,419 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2011/05/16 18:32:21 | 000,000,027 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2011/05/16 18:32:16 | 000,000,050 | ---- | C] () -- C:\WINDOWS\System32\bridf07a.dat
[2011/05/16 18:29:16 | 000,031,567 | ---- | C] () -- C:\WINDOWS\maxlink.ini
[2011/04/07 23:23:36 | 001,526,680 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011/04/04 18:18:44 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2011/03/29 21:33:28 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Richard\Application Data\455599.ini
[2010/11/15 08:02:29 | 000,000,664 | ---- | C] () -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\d3d9caps.dat
[2010/06/29 19:05:23 | 000,217,180 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2010/06/29 19:05:13 | 000,217,180 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2010/06/29 19:05:12 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2010/05/15 15:48:42 | 002,186,342 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2010/04/11 20:44:31 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2010/04/11 20:44:31 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2010/04/11 20:43:51 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Richard\Application Data\$_hpcst$.hpc
[2009/11/03 19:23:17 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2009/10/06 18:04:08 | 000,266,240 | ---- | C] () -- C:\WINDOWS\System32\CSHelper.exe
[2009/08/14 21:35:51 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2009/04/18 08:08:51 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009/02/24 19:24:14 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2008/12/13 08:47:40 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\drivers\dump_wmimmc(2).sys
[2008/12/11 22:02:56 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\drivers\dump_wmimmc(3).sys
[2008/10/19 00:29:59 | 000,000,023 | ---- | C] () -- C:\WINDOWS\BlendSettings.ini
[2008/09/16 00:14:24 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008/08/06 16:46:12 | 000,197,120 | ---- | C] () -- C:\WINDOWS\patchw32.dll
[2008/06/01 16:21:02 | 000,007,952 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2008/05/26 16:07:30 | 000,000,032 | ---- | C] () -- C:\WINDOWS\Start.INI
[2008/04/20 13:00:52 | 000,000,319 | ---- | C] () -- C:\WINDOWS\game.ini
[2008/04/20 07:34:24 | 000,045,568 | ---- | C] () -- C:\WINDOWS\UniFish3.exe
[2007/10/25 16:26:10 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2007/10/22 20:08:47 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\msssc.dll
[2007/10/14 14:51:56 | 000,796,048 | ---- | C] () -- C:\WINDOWS\System32\libeay32_0.9.6l.dll
[2007/07/10 13:22:14 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2007/07/06 15:31:16 | 000,000,016 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2007/06/01 13:34:09 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2007/06/01 13:34:09 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2007/06/01 13:34:09 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2007/05/10 13:16:46 | 000,095,744 | ---- | C] () -- C:\Documents and Settings\Richard\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/05/04 14:01:29 | 000,001,522 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2007/04/29 16:22:05 | 000,001,723 | ---- | C] () -- C:\Program Files\Duvvil.d2s
[2007/04/23 22:29:02 | 000,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat
[2007/04/23 22:07:38 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2007/04/23 18:43:39 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2007/04/23 18:42:26 | 000,270,192 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2007/04/23 18:31:05 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/04/23 18:18:09 | 000,070,388 | ---- | C] () -- C:\WINDOWS\System32\drivers\WS01UPH.bin
[2007/04/23 18:12:24 | 000,006,870 | R--- | C] () -- C:\WINDOWS\System32\drivers\wni6000.bin
[2007/04/23 18:01:57 | 000,000,804 | R--- | C] () -- C:\WINDOWS\System32\AsusSetup.ini
[2007/04/23 18:01:57 | 000,000,396 | R--- | C] () -- C:\WINDOWS\System32\raidmgmt.ini
[2007/04/23 18:01:41 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2007/04/23 18:01:36 | 000,024,959 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2007/04/23 18:01:28 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2007/04/23 17:56:45 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2007/04/23 17:51:17 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2005/06/14 12:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2005/06/14 12:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2005/06/14 12:00:00 | 000,434,060 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2005/06/14 12:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2005/06/14 12:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2005/06/14 12:00:00 | 000,067,806 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2005/06/14 12:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2005/06/14 12:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2005/06/14 12:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2005/06/14 12:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2005/06/14 12:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2005/04/27 11:40:30 | 000,002,572 | ---- | C] () -- C:\WINDOWS\WINDVDBOOTRECDOE.sys
[1999/01/22 18:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL

========== Alternate Data Streams ==========

@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2

< End of report >

Thanks
irdodgy

#6 gringo_pr


Posted 13 January 2012 - 11:45 AM

Hello

I would like you to do the following.

Please print out or make a copy in Notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP only). If this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix I will need you to turn off any security software you have running. If you do not know how to do this, you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." please restart the computer.

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here. Don't worry, every little bit helps.

Proud Graduate Of Malware Removal University

#7 irdodgy


Posted 14 January 2012 - 03:48 AM

Hi Gringo,

Combofix ran, updated and installed recovery console fine. There were no error messages and it started running its scan saying this should take about 10 minutes. However, after about 9 minutes my whole computer froze to the extent that the clock still read the same time even 20 min afterwards. I ran the program 4 or 5 times and left it overnight but each time my computer froze after 9 minutes.

As a side note - my system32 now crashes once my computer has loaded up. This doesn't seem to affect anything on my computer but I am guessing it isn't meant to do that.

Thanks
irdodgy

#8 gringo_pr


Posted 14 January 2012 - 08:06 PM

  • Push the "windows key" + "R" (between the "Ctrl" button and "Alt" button)
  • Please copy and paste the following into the box
ComboFix /nombr
  • Click OK

Copy and paste the report into this topic for me to review.

Gringo

#9 irdodgy


Posted 15 January 2012 - 05:18 AM

Hi Gringo,

It worked this time

ComboFix 12-01-15.01 - Richard 15/01/2012 9:19.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3326.2592 [GMT 0:00]
Running from: c:\documents and settings\Richard\Desktop\ComboFix.exe
Command switches used :: /nombr
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\{7e853d72-626a-48ec-a868-ba8d5e23e045}
c:\windows\system32\{8126a4a5-bfd3-46fe-bbdf-bfb5cf78e489}
c:\windows\system32\{ed4bd629-c1b6-4399-8a34-02ccaa921dc9}
c:\windows\system32\drivers\etc\lmhosts
c:\windows\system32\msssc.dll
c:\windows\system32\SET153.tmp
c:\windows\system32\SET158.tmp
.
.
((((((((((((((((((((((((( Files Created from 2011-12-15 to 2012-01-15 )))))))))))))))))))))))))))))))
.
.
2074-05-07 17:38 . 2006-11-21 19:48 203576 -c----w- c:\program files\Microsoft Games\Age of Empires III\autopatcher2.exe
2012-01-14 15:37 . 2012-01-14 15:37 -------- d-----w- c:\program files\vShare.tv plugin
2012-01-13 20:58 . 2011-10-14 14:47 23040 -c----w- c:\windows\system32\dllcache\mciseq.dll
2012-01-13 20:58 . 2011-10-14 14:47 176128 -c----w- c:\windows\system32\dllcache\winmm.dll
2012-01-13 20:58 . 2011-11-18 12:35 60416 -c----w- c:\windows\system32\dllcache\packager.exe
2012-01-03 19:13 . 2012-01-05 17:11 -------- d-----w- c:\documents and settings\Richard\Application Data\QuickScan
2012-01-03 19:13 . 2012-01-03 19:13 22032 ----a-w- c:\windows\DCEBoot.exe
2012-01-03 18:28 . 2012-01-03 18:28 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Adobe
2012-01-03 18:14 . 2012-01-04 17:43 -------- d-----w- c:\program files\Security Task Manager
2012-01-03 18:05 . 2012-01-03 18:05 -------- d-----w- c:\documents and settings\Administrator\Application Data\SUPERAntiSpyware.com
2012-01-02 20:08 . 2011-12-10 15:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-01-02 18:38 . 2012-01-02 18:38 -------- d-----w- c:\documents and settings\Richard\Application Data\SUPERAntiSpyware.com
2012-01-02 18:37 . 2012-01-04 17:43 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-01-02 18:37 . 2012-01-02 18:37 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2012-01-02 18:34 . 2012-01-02 18:34 -------- d-----w- c:\program files\Trend Micro
2012-01-02 18:23 . 2012-01-05 19:41 -------- d-----w- c:\documents and settings\All Users\Application Data\SecTaskMan
2012-01-02 17:23 . 2012-01-02 17:23 -------- d-sh--w- c:\documents and settings\Administrator\PrivacIE
2012-01-02 17:21 . 2012-01-02 17:21 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Mozilla
2012-01-01 17:48 . 2012-01-05 19:28 -------- d-----w- c:\program files\Common Files\PC Tools
2012-01-01 17:46 . 2012-01-05 19:27 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Tools
2012-01-01 15:55 . 2012-01-01 15:55 -------- d-----w- c:\documents and settings\Administrator\Application Data\Malwarebytes
2012-01-01 14:55 . 2012-01-01 14:55 101720 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2012-01-01 14:36 . 2012-01-01 18:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft
2012-01-01 12:53 . 2012-01-01 12:53 -------- d-----w- C:\Users
2012-01-01 12:05 . 2012-01-01 12:05 4096 ----a-w- c:\windows\system32\drivers\nocashio.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-28 18:01 . 2011-04-03 10:06 41184 ----a-w- c:\windows\avastSS.scr
2011-11-28 18:01 . 2011-04-03 10:06 199816 ----a-w- c:\windows\system32\aswBoot.exe
2011-11-28 17:53 . 2011-04-03 10:06 435032 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-11-28 17:53 . 2011-04-03 10:06 314456 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-11-28 17:52 . 2011-04-03 10:06 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-11-28 17:52 . 2011-04-03 10:06 52952 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-11-28 17:52 . 2011-04-03 10:06 111320 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-11-28 17:51 . 2011-04-03 10:06 105176 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-11-28 17:51 . 2011-04-03 10:06 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-11-28 17:48 . 2011-04-03 10:06 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-11-25 21:57 . 2011-04-04 18:18 293376 ----a-w- c:\windows\system32\winsrv.dll
2011-11-23 13:25 . 2011-04-04 18:18 1859584 ----a-w- c:\windows\system32\win32k.sys
2011-11-19 15:41 . 2011-09-09 17:18 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-19 15:38 . 2011-11-19 15:38 53248 ----a-r- c:\documents and settings\Richard\Application Data\Microsoft\Installer\{12BAA98C-F8DD-4BC9-BBE6-1C8463114197}\ARPPRODUCTICON.exe
2011-11-18 12:35 . 2011-04-04 18:18 60416 ----a-w- c:\windows\system32\packager.exe
2011-11-16 14:21 . 2011-04-04 18:19 354816 ----a-w- c:\windows\system32\winhttp.dll
2011-11-16 14:21 . 2011-04-04 18:18 152064 ----a-w- c:\windows\system32\schannel.dll
2011-11-04 19:20 . 2007-02-18 22:44 916992 ----a-w- c:\windows\system32\wininet.dll
2011-11-04 19:20 . 2005-06-14 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-11-04 19:20 . 2005-06-14 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-11-04 11:23 . 2005-06-14 12:00 385024 ----a-w- c:\windows\system32\html.iec
2011-11-03 15:28 . 2011-04-04 18:18 386048 ----a-w- c:\windows\system32\qdvd.dll
2011-11-03 15:28 . 2011-04-04 18:18 1292288 ----a-w- c:\windows\system32\quartz.dll
2011-11-01 16:07 . 2011-04-04 18:18 1288704 ----a-w- c:\windows\system32\ole32.dll
2011-10-28 05:31 . 2011-04-04 18:18 33280 ----a-w- c:\windows\system32\csrsrv.dll
2011-10-25 13:37 . 2011-04-04 18:18 2148864 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-10-25 12:52 . 2011-04-04 18:18 2027008 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-10-18 11:13 . 2011-04-04 18:19 186880 ----a-w- c:\windows\system32\encdec.dll
2011-11-21 04:21 . 2011-11-22 18:57 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
<pre>
c:\program files\AutoCAD 2008\Sample\AutoCAD addon's\CAD Software Non AutoCAD\IntelliCAD 6.1 Standard trial .exe
c:\program files\AutoCAD 2008\Sample\blocks\AutoCAD addon's\CAD Software Non AutoCAD\IntelliCAD 6.1 Standard trial .exe
</pre>
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-06-07 13902440]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-29 937920]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
NETGEAR WNA1100 Smart Wizard.lnk - c:\program files\NETGEAR\WNA1100\WNA1100.exe [2012-1-4 4562944]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2011-05-04 17:54 551296 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^Richard^Start Menu^Programs^Startup^BBC iPlayer Desktop.lnk]
path=c:\documents and settings\Richard\Start Menu\Programs\Startup\BBC iPlayer Desktop.lnk
backup=c:\windows\pss\BBC iPlayer Desktop.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Richard^Start Menu^Programs^Startup^NETGEAR WNA1100 Smart Wizard.lnk]
path=c:\documents and settings\Richard\Start Menu\Programs\Startup\NETGEAR WNA1100 Smart Wizard.lnk
backup=c:\windows\pss\NETGEAR WNA1100 Smart Wizard.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
c:\windows\system32\dumprep 0 -k [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ad-Watch]
c:\program files\Lavasoft\Ad-Aware\AAWTray.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2011-03-29 20:59 937920 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-08-31 01:57 40368 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
c:\program files\Alcohol Soft\Alcohol 120\axcmd.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BabylonToolbar]
c:\program files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent DNA]
2009-04-19 21:16 342848 ----a-w- c:\program files\DNA\btdna.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BrMfcWnd]
2007-03-12 13:51 663552 ------w- c:\program files\Brother\Brmfcmon\BrMfcWnd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ControlCenter3]
2007-01-26 14:58 65536 ------w- c:\program files\Brother\ControlCenter3\BrCtrCen.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivX Download Manager]
2010-12-08 21:15 63360 ----a-w- c:\program files\DivX\DivX Plus Web Player\DDMService.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2010-12-09 19:28 1226608 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\gfhYdHclcK.exe]
c:\documents and settings\All Users\Application Data\gfhYdHclcK.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]

#10 gringo_pr

Posted 15 January 2012 - 02:11 PM

Hello

I want you to run this tool for me next.

TDSSKiller:

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Gringo

#11 irdodgy

Posted 15 January 2012 - 04:05 PM

Hi Gringo,

When I run the program nothing happens; the computer seems like it is beginning to run a program, then nothing happens at all.

#12 gringo_pr

Posted 15 January 2012 - 05:34 PM

Hello

I would like you to run this tool for me - fixTDSS

Download it to your desktop and start the program.

Follow the prompts and OK any security prompts.

When it is complete it will say the infection was cleared or no infection was found - let me know what it says.

After it is complete I want you to restart the computer and try to rerun TDSSKiller for me and send me the report.

Gringo

#13 irdodgy

Posted 15 January 2012 - 05:47 PM

Hi Gringo,

fix TDSS cleared the infection.

TDSS log:

22:44:45.0000 2336 usbehci - ok
22:44:45.0109 2336 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
22:44:45.0109 2336 usbhub - ok
22:44:45.0250 2336 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
22:44:45.0265 2336 usbohci - ok
22:44:45.0421 2336 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
22:44:45.0421 2336 usbprint - ok
22:44:45.0593 2336 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
22:44:45.0593 2336 USBSTOR - ok
22:44:45.0781 2336 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
22:44:45.0781 2336 VgaSave - ok
22:44:45.0890 2336 ViaIde - ok
22:44:45.0937 2336 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
22:44:45.0937 2336 VolSnap - ok
22:44:46.0093 2336 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
22:44:46.0093 2336 Wanarp - ok
22:44:46.0203 2336 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys
22:44:46.0218 2336 Wdf01000 - ok
22:44:46.0328 2336 WDICA - ok
22:44:46.0375 2336 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
22:44:46.0375 2336 wdmaud - ok
22:44:46.0515 2336 WNIPROT5 - ok
22:44:46.0609 2336 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
22:44:46.0609 2336 WS2IFSL - ok
22:44:46.0796 2336 WSIMD (7a36f3083e28405d6c5ecdb942513c3b) C:\WINDOWS\system32\DRIVERS\wsimd.sys
22:44:46.0812 2336 WSIMD - ok
22:44:46.0968 2336 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
22:44:46.0968 2336 WSTCODEC - ok
22:44:47.0109 2336 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
22:44:47.0109 2336 WudfPf - ok
22:44:47.0250 2336 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
22:44:47.0250 2336 WudfRd - ok
22:44:47.0421 2336 ZD1201U (7ebcf6441b3e3521b5726b933107793c) C:\WINDOWS\system32\DRIVERS\zd1201u.sys
22:44:47.0421 2336 ZD1201U - ok
22:44:47.0531 2336 ZDNDIS5 - ok
22:44:47.0593 2336 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
22:44:47.0718 2336 \Device\Harddisk0\DR0 - ok
22:44:47.0718 2336 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR1
22:44:47.0734 2336 \Device\Harddisk1\DR1 - ok
22:44:47.0734 2336 Boot (0x1200) (6e0bbe403068d0f2052a3e4b01bfe349) \Device\Harddisk0\DR0\Partition0
22:44:47.0734 2336 \Device\Harddisk0\DR0\Partition0 - ok
22:44:47.0734 2336 Boot (0x1200) (c426a89671ec9a469bc148efbf00acc8) \Device\Harddisk1\DR1\Partition0
22:44:47.0734 2336 \Device\Harddisk1\DR1\Partition0 - ok
22:44:47.0750 2336 ============================================================
22:44:47.0750 2336 Scan finished
22:44:47.0750 2336 ============================================================
22:44:47.0750 2328 Detected object count: 0
22:44:47.0750 2328 Actual detected object count: 0

Thanks
irdodgy

#14 gringo_pr

Posted 15 January 2012 - 06:34 PM

Hello

I would like to see a report that ComboFix makes.

extra combofix report

  • Push the "Windows key" + "R" (between the "Ctrl" button and "Alt" button)
  • Please copy and paste the following into the box
C:\Qoobox\Add-Remove Programs.txt
  • Click OK

Copy and paste the report into this topic for me to review.

Gringo

#15 irdodgy

Posted 16 January 2012 - 01:34 AM

Hi Gringo,

Log as requested:

32 Bit HP CIO Components Installer
Adobe AIR
Adobe Download Manager
Adobe Flash Player 10 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader 8.3.1
Advertising Center
Age of Empires III
Amazon MP3 Downloader 1.0.9
ArtistScope Plugin FX 42
avast! Free Antivirus
BitTorrent
BlackBerry Desktop Software 6.1
BlackBerry Device Software Updater
BlackBerry Device Software Web Update Tools
Brother MFL-Pro Suite
BSPlayer
Call of Duty: Modern Warfare 2
Call of Duty: Modern Warfare 2 - Multiplayer
CCleaner
Curse Client
DivX Setup
DNA
DVD Shrink 3.2
FAT32 Format
FileASSASSIN
Freelancer
GPGNet
Guild Wars
Hero Editor V0.96
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows Movie Maker (KB892312)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB943604-v6)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB954708)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB976002-v5)
Hotfix for Windows XP (KB981793)
ImagXpress
Java Auto Updater
Java™ 6 Update 2
Java™ 6 Update 22
Java™ SE Runtime Environment 6 Update 1
Junk Mail filter update
LightScribe 1.4.124.1
Malwarebytes Anti-Malware version 1.60.0.1800
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Game Studios Common Redistributables Pack 1
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Software Update for Web Folders (English) 12
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft XML Parser
Mozilla Firefox 8.0.1 (x86 en-GB)
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6 Service Pack 2 (KB973686)
Nero 7 Essentials
Nero CoverDesigner
Nero PhotoSnap
NeroBurningROM
NeroExpress
neroxml
NETGEAR WNA1100 wireless USB 2.0 adapter
NVIDIA Drivers
NVIDIA nView Desktop Manager
NVIDIA PhysX
Oblivion
PaperPort Image Printer
RCT3 Soaked
RollerCoaster Tycoon 3
Runes of Magic
ScanSoft PaperPort 11
Security Task Manager 1.8d
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2553089)
Security Update for 2007 Microsoft Office System (KB2553090)
Security Update for 2007 Microsoft Office System (KB2584063)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Groove 2007 (KB2552997)
Security Update for Microsoft Office InfoPath 2007 (KB2510061)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Security Update for Microsoft Windows (KB2564958)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982381)
Security Update for Windows XP (KB982665)
Segoe UI
Software Update for Web Folders
SopCast 3.3.2
Sorian AI Mod 2.0.0
Steam
SUPERAntiSpyware
Supreme Commander
Supreme Commander - Forged Alliance
Supreme Commander 2
System Requirements Lab
Tekla Structures License Server v1.13
TomTom HOME 2.8.1.2218
TomTom HOME Visual Studio Merge Modules
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596686) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office Outlook 2007 (KB2583910)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB2616676)
Update for Windows XP (KB2641690)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB961503)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
VBA (2627.01)
VC 9.0 Runtime
VC80CRTRedist - 8.0.50727.4053
VCRedistSetup
VideoLAN VLC media player 0.8.6
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
vShare.tv plugin 1.3
WebEx
WinAVI Video Converter 9.0
Windows Driver Package - MobileTop (sshpmdm) Modem (02/23/2007 2.5.0.0)
Windows Driver Package - MobileTop (sshpusb) USB (02/23/2007 2.5.0.0)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Imaging Component
Windows Internet Explorer 8
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live Mail
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player Firefox Plugin
Windows XP Service Pack 3
WinRAR archiver
WinZip 11.1
Yahoo! BrowserPlus 2.8.1

Thanks
irdodgy



