Security Shield *rage* - HJT Log


  • This topic is locked
4 replies to this topic

#1 officerchops


Posted 04 February 2012 - 01:45 AM

Hey guys any help would be VERY appreciated.

Got a program called 'Security Shield' that keeps popping up & killing Task Manager etc., asking me to buy their 'malware removal software' :P

I'm running XP Pro (I know, I know...)

I've tried Spybot Search & Destroy and looking up the CLSIDs in pacman & other archives and have gotten nowhere.

PLEASE, help a brother out.

-Charlie (e-mail address removed to protect from spambots. ~ OB)

//// HJT Log //// (was pulled in safe mode as I can't run HJT or Task Manager in regular)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:34:19 PM, on 4/02/2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Safe mode with network support

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\CyberLink\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl06a\BrStDvPt.exe
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [jswtrayutil] "C:\Program Files\NETGEAR\WN111v2\jswtrayutil.exe"
O4 - HKLM\..\Run: [DLSService] "C:\Program Files\DYMO\DYMO Label Software\DLSService.exe"
O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: NETGEAR WN111v2 Smart Wizard.lnk = C:\Program Files\NETGEAR\WN111v2\WN111V2.exe
O4 - Global Startup: WDDMStatus.lnk = C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
O4 - Global Startup: WDSmartWare.lnk = C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll
O23 - Service: Atheros Configuration Service (ACS) - Atheros - C:\WINDOWS\system32\acs.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgwdsvc.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: Google Update Service (gupdate1ca1bce2d421980) (gupdate1ca1bce2d421980) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Jumpstart Wifi Protected Setup (jswpsapi) - Atheros Communications, Inc. - C:\Program Files\NETGEAR\WN111v2\jswpsapi.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Samsung Network Fax Server - Samsung Electronics Co., Ltd. - C:\WINDOWS\system32\spool\drivers\w32x86\3\NetFaxServer.exe
O23 - Service: UStorage Server Service - OTi - C:\WINDOWS\system32\UStorSrv.exe
O23 - Service: WD SmartWare Drive Manager (WDDMService) - WDC - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
O23 - Service: WD SmartWare Background Service (WDSmartWareBackgroundService) - Memeo - C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe

--
End of file - 4910 bytes

Edited by Orange Blossom, 04 February 2012 - 02:03 AM.




#2 officerchops


Posted 04 February 2012 - 03:16 AM

Thanks Orange Blossom.
Grabbing more log files as I type, posting shortly (FSS, TDSSkiller, GMER)

Let's step on this thing's neck, eh?

#3 officerchops


Posted 04 February 2012 - 05:46 PM

/// FSS Log ///

Farbar Service Scanner Version: 02-02-2012
Ran by Administrator (administrator) on 04-02-2012 at 17:57:53
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Nerwork
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.


Windows Update:
===========
wuauserv Service is not running. Checking service configuration:
Checking Start type: Attention! Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: Attention! Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: Attention! Unable to open wuauserv registry key. The service key does not exist.
Checking LEGACY_wuauserv: Attention! Unable to open LEGACY_wuauserv\0000 registry key. The key does not exist.

BITS Service is not running. Checking service configuration:
The start type of BITS service is set to Demand. The default start type is Auto.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.

EventSystem Service is not running. Checking service configuration:
The start type of EventSystem service is OK.
The ImagePath of EventSystem: "C:\WINDOWS\system32\svchost.exe -k netsvcs".
The ServiceDll of EventSystem: "C:\WINDOWS\system32\es.dll".


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
Avgtdix(11) fssfltr(8) Gpc(6) IPSec(4) JSWSCIMD(10) NetBT(5) PSched(7) Tcpip(3) WSIMD(9)
0x0B000000040000000100000002000000030000000B00000005000000060000000700000008000000090000000A000000
IpSec Tag value is correct.

**** End of log ****

/// TDS Log ///

17:58:30.0843 1504 TDSS rootkit removing tool 2.7.9.0 Feb 1 2012 09:28:49
17:58:31.0687 1504 ============================================================
17:58:31.0687 1504 Current date / time: 2012/02/04 17:58:31.0687
17:58:31.0687 1504 SystemInfo:
17:58:31.0687 1504
17:58:31.0687 1504 OS Version: 5.1.2600 ServicePack: 3.0
17:58:31.0687 1504 Product type: Workstation
17:58:31.0687 1504 ComputerName: PYRONE635XPP
17:58:31.0687 1504 UserName: Administrator
17:58:31.0687 1504 Windows directory: C:\WINDOWS
17:58:31.0687 1504 System windows directory: C:\WINDOWS
17:58:31.0687 1504 Processor architecture: Intel x86
17:58:31.0687 1504 Number of processors: 2
17:58:31.0687 1504 Page size: 0x1000
17:58:31.0687 1504 Boot type: Safe boot with network
17:58:31.0687 1504 ============================================================
17:58:33.0296 1504 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
17:58:33.0296 1504 \Device\Harddisk0\DR0:
17:58:33.0296 1504 MBR used
17:58:33.0296 1504 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x38FDCABF
17:58:33.0406 1504 Initialize success
17:58:33.0406 1504 ============================================================
17:58:49.0953 1144 ============================================================
17:58:49.0953 1144 Scan started
17:58:49.0953 1144 Mode: Manual; TDLFS;
17:58:49.0953 1144 ============================================================
17:58:59.0343 1144 WudfPf - ok
17:58:59.0343 1144 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
17:58:59.0343 1144 WudfRd - ok
17:58:59.0421 1144 zgwhsdiag (cd986c20e6475a8fa81601da8ebadaac) C:\WINDOWS\system32\DRIVERS\zgwhsdiag.sys
17:58:59.0421 1144 zgwhsdiag - ok
17:58:59.0468 1144 zgwhsmdm (d5030e0598d4108e26220490e97f7598) C:\WINDOWS\system32\DRIVERS\zgwhsmdm.sys
17:58:59.0468 1144 zgwhsmdm - ok
17:58:59.0500 1144 zgwhsnmea (cd986c20e6475a8fa81601da8ebadaac) C:\WINDOWS\system32\DRIVERS\zgwhsnmea.sys
17:58:59.0500 1144 zgwhsnmea - ok
17:58:59.0531 1144 ZTEusbmdm6k (1d4eb2e5fc4276cd5e9b862d349f68bd) C:\WINDOWS\system32\DRIVERS\ZTEusbmdm6k.sys
17:58:59.0531 1144 ZTEusbmdm6k - ok
17:58:59.0546 1144 ZTEusbnmea (1d4eb2e5fc4276cd5e9b862d349f68bd) C:\WINDOWS\system32\DRIVERS\ZTEusbnmea.sys
17:58:59.0562 1144 ZTEusbnmea - ok
17:58:59.0562 1144 ZTEusbser6k (1d4eb2e5fc4276cd5e9b862d349f68bd) C:\WINDOWS\system32\DRIVERS\ZTEusbser6k.sys
17:58:59.0562 1144 ZTEusbser6k - ok
17:58:59.0625 1144 MBR (0x1B8) (bc59a2d2f5687192d3dc483130394af3) \Device\Harddisk0\DR0
17:59:00.0015 1144 \Device\Harddisk0\DR0 - ok
17:59:00.0031 1144 Boot (0x1200) (ed09bc9add5907b60f30a5e4aaab9de7) \Device\Harddisk0\DR0\Partition0
17:59:00.0031 1144 \Device\Harddisk0\DR0\Partition0 - ok
17:59:00.0031 1144 ============================================================
17:59:00.0031 1144 Scan finished
17:59:00.0031 1144 ============================================================
17:59:00.0062 2148 Detected object count: 0
17:59:00.0062 2148 Actual detected object count: 0

/// GMER Log ///

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-02-05 09:32:53
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-e ST3500418AS rev.CC38
Running: i04187eg.exe; Driver: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\awldrkow.sys


---- System - GMER 1.0.15 ----

SSDT Lbd.sys (Boot Driver/Lavasoft AB) ZwCreateKey [0xF764787E]
SSDT Lbd.sys (Boot Driver/Lavasoft AB) ZwSetValueKey [0xF7647BFE]

---- User code sections - GMER 1.0.15 ----


---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Program Files\Internet Explorer\IEXPLORE.EXE[552] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [451F1ACB] C:\Program Files\Internet Explorer\xpshims.dll (Internet Explorer Compatibility Shims for XP/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\IEXPLORE.EXE[3132] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [451F1ACB] C:\Program Files\Internet Explorer\xpshims.dll (Internet Explorer Compatibility Shims for XP/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\IEXPLORE.EXE[3280] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [451F1ACB] C:\Program Files\Internet Explorer\xpshims.dll (Internet Explorer Compatibility Shims for XP/Microsoft Corporation)

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

Device mrxsmb.sys (Windows NT SMB Minirdr/Microsoft Corporation)
Device Fastfat.SYS (Fast FAT File System Driver/Microsoft Corporation)

AttachedDevice fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\WmiApRpl\Performance@Library C:\WINDOWS\system32\wbem\wmiaprpl.dll
Reg HKLM\SYSTEM\CurrentControlSet\Services\WmiApRpl\Performance@Open WmiOpenPerfData
Reg HKLM\SYSTEM\CurrentControlSet\Services\WmiApRpl\Performance@Collect WmiCollectPerfData
Reg HKLM\SYSTEM\CurrentControlSet\Services\WmiApRpl\Performance@Close WmiClosePerfData
Reg HKLM\SYSTEM\CurrentControlSet\Services\WmiApRpl\Performance@Last Counter 11538
Reg HKLM\SYSTEM\CurrentControlSet\Services\WmiApRpl\Performance@First Counter 11508
Reg HKLM\SYSTEM\CurrentControlSet\Services\WmiApRpl\Performance@First Help 11509
Reg HKLM\SYSTEM\CurrentControlSet\Services\WmiApRpl\Performance@Object List 11508 11508 11514 11514 11522 11522

---- Files - GMER 1.0.15 ----


---- EOF - GMER 1.0.15 ----

#4 myrti


Posted 06 February 2012 - 07:31 AM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.
If you are unable to create a log because your computer cannot start up successfully please provide detailed information about the Windows version you are using: What we in particular need to know is version, edition and if it is a 32bit or a 64bit system.
If you are unsure about any of these characteristics, just let us know and we'll help you figure it out. Please also tell us if you have your Windows CD/DVD handy.


Please include a clear description of the problems you're having, along with any steps you may have performed so far.

Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.

Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.
We need to create an OTL Report
  • Please download OTL from one of the following mirrors:
  • Save it to your desktop.
  • Double click on the OTL icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • In the custom scan box paste the following:
    msconfig
    safebootminimal
    activex
    drivers32
    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    explorer.exe
    winlogon.exe
    wininit.exe
    hlp.dat
    /md5stop
  • Push the Posted Image button.
  • Two reports will open, copy and paste them in a reply here:
    • OTL.txt <-- Will be opened
    • Extra.txt <-- Will be minimized

In the upper right hand corner of the topic you will see a button called Watch Topic. I suggest you click it and select Immediate E-Mail notification and click on Proceed. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.

After 5 days if a topic is not replied to we assume it has been abandoned and it is closed.

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help requests via PM, unless I am already helping you. Use the forums!

 



#5 myrti


Posted 16 February 2012 - 07:17 AM

Due to the lack of feedback, this topic is now closed. In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days. Please include a link to your topic in the Private Message. Thank you.
