
INFECTED!!! CentrixSearch hijacker... Spyware.nsKeyLogger...


  • This topic is locked
21 replies to this topic

#1 gozstar


Posted 24 October 2013 - 03:29 PM

{Referred from here: http://www.bleepingcomputer.com/forums/t/511447/posible-infected/ ~ OB}
 
DDS (Ver_2012-11-20.01) - NTFS_x86 
Internet Explorer: 10.0.9200.16384
Run by GozStar at 17:20:59 on 2013-10-24
Microsoft Windows 8 Pro with Media Center  6.2.9200.0.1252.54.2057.18.3058.1989 [GMT -3:00]
.
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\system32\dwm.exe
C:\Windows\system32\atieclxx.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Windows\system32\dashost.exe
C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Windows\system32\taskhostex.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\rundll32.exe
D:\Gabriel\SOFT\OpenHardwareMonitor\OpenHardwareMonitor.exe
C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\CyberLink\Shared files\brs.exe
C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe
C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\MagicDisc\MagicDisc.exe
C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\msiexec.exe
C:\Program Files\Nero\Update\NASvc.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.16384_none_060a6d2998b13f25\TiWorker.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://192.168.1.22/
mWinlogon: Shell = explorer.exe /select,explorer.exe
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL
TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
mRun: [RTHDVCPL] "c:\program files\realtek\audio\hda\RtkNGUI.exe" -s
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\x86\CLIStart.exe" MSRun
mRun: [UnlockerAssistant] "c:\program files\unlocker\UnlockerAssistant.exe"
mRun: [RemoteControl10] "c:\program files\cyberlink\powerdvd10\PDVD10Serv.exe"
mRun: [BDRegion] c:\program files\cyberlink\shared files\brs.exe
mRun: [NBAgent] "c:\program files\nero\nero 10\nero backitup\NBAgent.exe" /WinStart
mRun: [PWRISOVM.EXE] c:\program files\poweriso\PWRISOVM.EXE -startup
mRun: [SDTray] "c:\program files\spybot - search & destroy 2\SDTray.exe"
mRun: [AvastUI.exe] "c:\program files\avast software\avast\AvastUI.exe" /nogui
StartupFolder: c:\users\gozstar\appdata\roaming\micros~1\windows\startm~1\programs\startup\magicd~1.lnk - c:\program files\magicdisc\MagicDisc.exe
mPolicies-System: PromptOnSecureDesktop = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
IE: E&xport to Microsoft Excel - c:\progra~1\micros~1\office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\micros~1\office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{1305AA9E-142B-4738-A80C-22D20C543A20} : DHCPNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Notify: SDWinLogon - SDWinLogon.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\30.0.1599.101\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [2013-10-22 49944]
R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [2013-10-22 178304]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2013-10-22 774392]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2013-10-22 403440]
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2013/10/22 13:03:03];c:\program files\cyberlink\powerdvd10\navfilter\000.fcl [2010-3-13 87536]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2013-8-30 209408]
R2 AMD FUEL Service;AMD FUEL Service;c:\program files\ati technologies\ati.ace\fuel\Fuel.Service.exe [2013-8-30 276992]
R2 AODDriver4.2;AODDriver4.2;c:\program files\ati technologies\ati.ace\fuel\i386\aoddriver2.sys [2012-11-20 48808]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2013-10-22 35656]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-10-22 70384]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2013-10-23 50344]
R2 NAUpdate;Nero Update;c:\program files\nero\update\NASvc.exe [2010-3-25 490280]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files\spybot - search & destroy 2\SDFSSvc.exe [2013-10-22 1817560]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files\spybot - search & destroy 2\SDUpdSvc.exe [2013-10-22 1033688]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files\spybot - search & destroy 2\SDWSCSvc.exe [2013-10-22 171928]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW83.sys [2013-7-5 113664]
R3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt32.sys [2013-10-22 24664]
R3 RTL8168;Realtek 8168 NT Driver;c:\windows\system32\drivers\Rt630x86.sys [2013-10-22 671304]
S3 amdkmafd;AMD Audio Bus Lower Filter;c:\windows\system32\drivers\amdkmafd.sys [2012-9-22 15528]
.
=============== Created Last 30 ================
.
2013-10-23 14:09:19 -------- d-----w- c:\windows\ERUNT
2013-10-23 13:45:08 -------- d-----w- c:\users\gozstar\appdata\roaming\AVAST Software
2013-10-22 20:26:31 -------- d-----w- c:\program files\ESET
2013-10-22 20:12:45 1630 ----a-w- c:\windows\system32\tmp.reg
2013-10-22 19:16:28 -------- d-----w- C:\JRT
2013-10-22 19:02:56 -------- d-----w- C:\AdwCleaner
2013-10-22 18:43:10 -------- d-----w- C:\_AT-Destroyer
2013-10-22 18:20:07 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2013-10-22 18:19:53 15224 ----a-w- c:\windows\system32\sdnclean.exe
2013-10-22 18:19:49 -------- d-----w- c:\program files\Spybot - Search & Destroy 2
2013-10-22 18:19:36 -------- d-----w- c:\users\gozstar\appdata\roaming\Malwarebytes
2013-10-22 18:19:33 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-10-22 18:19:33 -------- d-----w- c:\programdata\Malwarebytes
2013-10-22 18:19:33 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-10-22 18:19:25 -------- d-----w- c:\users\gozstar\appdata\local\Programs
2013-10-22 18:18:56 101664 ----a-w- c:\windows\system32\BootDefrag.exe
2013-10-22 18:18:55 -------- d-----w- c:\users\gozstar\appdata\roaming\GlarySoft
2013-10-22 18:18:46 -------- d-----w- c:\program files\Glary Utilities 3
2013-10-22 18:18:24 -------- d-----w- c:\program files\COMODO
2013-10-22 18:16:06 -------- d-----w- c:\programdata\Arovax
2013-10-22 18:16:06 -------- d-----w- c:\program files\Arovax AntiSpyware
2013-10-22 18:08:58 -------- d-----w- c:\windows\pss
2013-10-22 17:56:32 -------- d-----w- c:\users\gozstar\appdata\local\Google
2013-10-22 17:56:10 -------- d-----w- c:\users\gozstar\appdata\local\Deployment
2013-10-22 17:56:10 -------- d-----w- c:\users\gozstar\appdata\local\Apps
2013-10-22 17:22:44 79720 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-10-22 17:22:37 774392 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-10-22 17:22:37 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-10-22 17:22:37 178304 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-10-22 17:22:36 70384 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-10-22 17:21:53 43152 ----a-w- c:\windows\avastSS.scr
2013-10-22 17:21:38 -------- d-----w- c:\program files\AVAST Software
2013-10-22 17:21:24 -------- d-----w- c:\programdata\AVAST Software
2013-10-22 17:20:49 22 ----a-w- c:\windows\system32\sycd5.dll
2013-10-22 17:20:41 47360 ----a-w- c:\windows\system32\drivers\pcouffin.sys
2013-10-22 17:20:41 47360 ----a-w- c:\users\gozstar\appdata\roaming\pcouffin.sys
2013-10-22 17:20:32 -------- d-----w- c:\programdata\DVDXStudio
2013-10-22 17:20:32 -------- d-----w- c:\program files\CloneDVD5
2013-10-22 17:15:53 -------- d-----w- c:\program files\PowerISO
2013-10-22 17:06:27 -------- d-----w- c:\programdata\Nero
2013-10-22 17:06:00 -------- d-----w- c:\program files\Nero
2013-10-22 16:42:25 1974616 ----a-w- c:\windows\system32\D3DCompiler_42.dll
2013-10-22 16:42:20 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2013-10-22 16:42:16 4379984 ----a-w- c:\windows\system32\D3DX9_40.dll
2013-10-22 16:42:11 3727720 ----a-w- c:\windows\system32\d3dx9_35.dll
2013-10-22 16:42:07 3497832 ----a-w- c:\windows\system32\d3dx9_34.dll
2013-10-22 16:02:56 -------- d-----w- c:\program files\common files\CyberLink
2013-10-22 16:02:04 505128 ----a-w- c:\windows\system32\msvcp71.dll
2013-10-22 16:02:04 353576 ----a-w- c:\windows\system32\msvcr71.dll
2013-10-22 16:02:04 29480 ----a-w- c:\windows\system32\msxml3a.dll
2013-10-22 15:53:38 -------- d-----w- c:\windows\system32\wbem\framework\root\OpenHardwareMonitor
2013-10-22 15:53:38 -------- d-----w- c:\windows\system32\wbem\framework\root
2013-10-22 15:53:38 -------- d-----w- c:\windows\system32\wbem\Framework
2013-10-22 15:52:28 -------- d-----w- c:\users\gozstar\appdata\roaming\FreeArc
2013-10-22 15:52:19 -------- d-----w- c:\program files\FreeArc
2013-10-22 15:50:22 -------- d-----w- c:\program files\WinZip Self-Extractor
2013-10-22 15:49:22 -------- d-----w- c:\program files\DsNET Corp
2013-10-22 15:48:47 -------- d-----w- c:\program files\CPUID
2013-10-22 15:48:21 -------- d-----w- c:\program files\Seagate
2013-10-22 15:47:47 -------- d-----w- c:\program files\VS Revo Group
2013-10-22 15:47:32 -------- d-----w- c:\program files\common files\Wise Installation Wizard
2013-10-22 15:46:57 116736 ----a-w- c:\windows\system32\drivers\mcdbus.sys
2013-10-22 15:46:56 -------- d-----w- c:\program files\MagicDisc
2013-10-22 15:46:27 -------- d-----w- c:\program files\Unlocker
2013-10-22 15:45:22 17536 ----a-w- c:\programdata\microsoft\windowssampling\sqm\manifest\Sqm3.bin
2013-10-22 14:23:10 -------- d---a-w- C:\Windows Sidebar
2013-10-22 14:23:07 53248 ----a-w- c:\program files\windows sidebar\gadgets\mediacenter.gadget\MCESidebarCtrl.dll
2013-10-22 14:23:07 108544 ----a-w- c:\program files\windows sidebar\wlsrvc.dll
2013-10-22 14:23:06 82944 ----a-w- c:\program files\windows sidebar\sbdrop.dll
2013-10-22 14:23:06 1174016 ----a-w- c:\program files\windows sidebar\sidebar.exe
2013-10-22 14:21:39 1322 ----a-w- c:\windows\system32\install.cmd
2013-10-22 14:21:39 -------- d-----w- c:\windows\system32\files
2013-10-22 14:16:14 -------- d-----w- c:\users\gozstar\appdata\local\AMD
2013-10-22 14:16:11 -------- d-----w- c:\users\gozstar\appdata\local\ATI
2013-10-22 14:15:38 -------- d-----w- c:\program files\AMD AVT
2013-10-22 14:15:13 -------- d-----w- c:\programdata\AMD
2013-10-22 14:15:00 -------- d-----w- c:\program files\common files\ATI Technologies
2013-10-22 14:14:41 -------- d-----w- c:\programdata\Package Cache
2013-10-22 14:14:37 -------- d-----w- c:\program files\ATI
2013-10-22 14:14:20 -------- d-----w- c:\program files\ATI Technologies
2013-10-22 14:13:42 -------- d-----w- C:\AMD
2013-10-22 14:09:59 90624 ----a-w- c:\windows\system32\CONEQMSAPOGUILibrary.dll
2013-10-22 14:06:57 -------- d-----w- c:\windows\LastGood.Tmp
2013-10-22 14:06:26 76872 ----a-w- c:\windows\system32\RtNicProp32.dll
2013-10-22 14:06:26 671304 ----a-w- c:\windows\system32\drivers\Rt630x86.sys
2013-10-22 14:06:22 -------- d-----w- c:\program files\Realtek
2013-10-22 01:25:18 -------- d-----w- c:\windows\AutoKMS
2013-10-22 01:24:50 -------- d-----w- c:\programdata\Microsoft Toolkit
2013-10-22 01:15:09 -------- d-----w- c:\windows\PCHEALTH
2013-10-22 01:14:03 -------- d-----w- c:\program files\Microsoft Analysis Services
2013-10-22 01:13:46 -------- d-----w- c:\users\gozstar\appdata\local\Microsoft Help
2013-10-22 01:00:32 -------- d-----w- c:\windows\system32\es
2013-10-22 01:00:31 -------- d-----w- c:\windows\system32\XPSViewer
2013-10-22 01:00:31 -------- d-----w- c:\windows\system32\drivers\umdf\es-ES
2013-10-22 01:00:31 -------- d-----w- c:\windows\system32\0C0A
2013-10-22 01:00:26 -------- d-----w- c:\windows\system32\drivers\es-ES
2013-10-22 01:00:04 -------- d-----w- c:\windows\system32\wbem\es-ES
2013-10-22 00:59:04 -------- d-----w- c:\windows\es-ES
2013-10-22 00:59:01 -------- d-----w- C:\sources
2013-10-22 00:53:54 -------- d-----w- C:\81b89579ec21d8e4b2498a2112a0e5c1
2013-10-22 00:05:41 0 ----a-w- c:\windows\ativpsrm.bin
2013-10-21 21:03:53 -------- d-----w- c:\windows\Panther
.
==================== Find3M  ====================
.
2013-10-22 00:57:58 5632 ----a-w- c:\windows\system32\drivers\es-es\rdbss.sys.mui
2013-08-31 00:14:06 71704 ----a-w- c:\windows\system32\atimpc32.dll
2013-08-31 00:14:02 71704 ----a-w- c:\windows\system32\amdpcom32.dll
2013-08-31 00:14:00 125824 ----a-w- c:\windows\system32\atiuxpag.dll
2013-08-31 00:13:56 97984 ----a-w- c:\windows\system32\atiu9pag.dll
2013-08-31 00:13:52 1027544 ----a-w- c:\windows\system32\aticfx32.dll
2013-08-31 00:13:44 8215992 ----a-w- c:\windows\system32\atidxx32.dll
2013-08-31 00:13:40 6176008 ----a-w- c:\windows\system32\atiumdva.dll
2013-08-31 00:13:34 6189416 ----a-w- c:\windows\system32\atiumdag.dll
2013-08-31 00:09:30 10925056 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2013-08-30 23:48:40 114688 ----a-w- c:\windows\system32\coinst_13.152.dll
2013-08-30 23:47:56 200704 ----a-w- c:\windows\system32\clinfo.exe
2013-08-30 23:47:50 995342 ----a-w- c:\windows\system32\amdocl_as32.exe
2013-08-30 23:47:50 798734 ----a-w- c:\windows\system32\amdocl_ld32.exe
2013-08-30 23:47:40 83456 ----a-w- c:\windows\system32\OpenVideo.dll
2013-08-30 23:47:30 73216 ----a-w- c:\windows\system32\OVDecode.dll
2013-08-30 23:45:04 23760896 ----a-w- c:\windows\system32\amdocl.dll
2013-08-30 23:43:08 57344 ----a-w- c:\windows\system32\OpenCL.dll
2013-08-30 23:18:20 368640 ----a-w- c:\windows\system32\atiapfxx.exe
2013-08-30 23:18:10 52224 ----a-w- c:\windows\system32\aticalrt.dll
2013-08-30 23:18:00 49152 ----a-w- c:\windows\system32\aticalcl.dll
2013-08-30 23:14:36 14302208 ----a-w- c:\windows\system32\aticaldd.dll
2013-08-30 23:13:58 21400064 ----a-w- c:\windows\system32\atioglxx.dll
2013-08-30 22:59:02 442368 ----a-w- c:\windows\system32\atidemgy.dll
2013-08-30 22:58:48 25600 ----a-w- c:\windows\system32\atimuixx.dll
2013-08-30 22:58:20 480256 ----a-w- c:\windows\system32\atieclxx.exe
2013-08-30 22:57:40 209408 ----a-w- c:\windows\system32\atiesrxx.exe
2013-08-30 22:56:20 164352 ----a-w- c:\windows\system32\atitmmxx.dll
2013-08-30 22:53:48 38912 ----a-w- c:\windows\system32\kdbsdk32.dll
2013-08-30 22:33:10 594944 ----a-w- c:\windows\system32\atiadlxx.dll
2013-08-30 22:33:08 43520 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2013-08-30 22:32:54 69632 ----a-w- c:\windows\system32\atiglpxx.dll
2013-08-30 22:32:42 96768 ----a-w- c:\windows\system32\atigktxx.dll
2013-08-30 22:31:20 495104 ----a-w- c:\windows\system32\drivers\atikmpag.sys
.
=================== ROOTKIT  ====================
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 6.2.9200 
.
CreateFile("\\.\PHYSICALDRIVE0"): El proceso no tiene acceso al archivo porque está siendo utilizado por otro proceso.
device: opened successfully
user: error reading MBR 
.
Disk trace:
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys storport.sys halmacpi.dll storahci.sys 
1 nt!IofCallDriver[0x818AAA3D] -> \Device\Harddisk0\DR0[0x857FE030]
3 CLASSPNP[0x82CC50C3] -> nt!IofCallDriver[0x818AAA3D] -> \Device\00000032[0x855EFB48]
kernel: MBR read successfully
_asm { XOR AX, AX; MOV SS, AX; MOV SP, 0x7c00; MOV ES, AX; MOV DS, AX; MOV SI, 0x7c00; MOV DI, 0x600; MOV CX, 0x200; CLD ; REP MOVSB ; PUSH AX; PUSH 0x61c; RETF ; STI ; MOV CX, 0x4; MOV BP, 0x7be; CMP BYTE [BP+0x0], 0x0;  }
user != kernel MBR !!! 
.
============= FINISH: 17:21:33,23 ===============
 


attach.txt
 
{Merged topics then posts. ~ OB}


 



Edited by Orange Blossom, 24 October 2013 - 03:42 PM.



 


#2 gringo_pr

  • Malware Response Team

Posted 25 October 2013 - 12:48 AM


Hello gozstar

I would like to welcome you to the Malware Removal section of the forum.

Around here they call me Gringo and I will be glad to help you with your malware problems.


Very Important --> Please read this post completely. I have spent my time to put together some things for you to keep in mind while I am helping you to make things go easier, faster and smoother for both of us!

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.

NOTE: At the top of your post, click on the "Follow This Topic" Button, make sure that the "Receive notification" box is checked and that it is set to "Instantly" - This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.


These are the programs I would like you to run next, if you have any problems with one of these just skip it and move on to the next one.

-AdwCleaner-

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

-Junkware-Removal-Tool-

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

When they are complete let me have the two reports and let me know how things are running.

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#3 gozstar


Posted 25 October 2013 - 06:51 AM

# AdwCleaner v3.010 - Report created 25/10/2013 at 08:32:28
# Updated 20/10/2013 by Xplode
# Operating System : Windows 8 Pro with Media Center  (32 bits)
# Username : GozStar - PHENOM720SRV
# Running from : D:\Gabriel\LIMPIAR\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v10.0.9200.16384
 
 
-\\ Google Chrome v30.0.1599.101
 
[ File : C:\Users\GozStar\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [882 octets] - [22/10/2013 16:02:58]
AdwCleaner[R1].txt - [941 octets] - [22/10/2013 16:04:35]
AdwCleaner[R2].txt - [937 octets] - [22/10/2013 17:09:26]
AdwCleaner[R3].txt - [1055 octets] - [23/10/2013 11:07:08]
AdwCleaner[R4].txt - [1116 octets] - [25/10/2013 08:31:10]
AdwCleaner[S0].txt - [981 octets] - [22/10/2013 16:04:51]
AdwCleaner[S1].txt - [997 octets] - [22/10/2013 17:10:06]
AdwCleaner[S2].txt - [1038 octets] - [25/10/2013 08:32:28]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1098 octets] ##########
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.7 (10.15.2013:3)
OS: Windows 8 Pro with Media Center x86
Ran by GozStar on 25/10/2013 at  8:36:02,00
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 25/10/2013 at  8:37:00,00
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 


#4 gringo_pr

  • Malware Response Team

Posted 25 October 2013 - 12:00 PM


Hello gozstar

I would like you to do the following.

Please print out or make a copy in notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP only). If this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix I will need you to turn off any security software you have running. If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer

"information and logs"
  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?
Gringo

#5 gozstar


Posted 26 October 2013 - 10:21 AM

ComboFix 13-10-26.01 - GozStar 26/10/2013  12:06:45.2.3 - x86 NETWORK
Microsoft Windows 8 Pro with Media Center  6.2.9200.0.1252.54.2057.18.3058.2221 [GMT -3:00]
Running from: c:\users\GozStar\Desktop\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Created a new restore point
.
.
(((((((((((((((((((((((((   Files Created from 2013-09-26 to 2013-10-26  )))))))))))))))))))))))))))))))
.
.
2013-10-26 15:09 . 2013-10-26 15:09 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-10-23 14:09 . 2013-10-23 14:09 -------- d-----w- c:\windows\ERUNT
2013-10-22 20:26 . 2013-10-22 20:26 -------- d-----w- c:\program files\ESET
2013-10-22 19:16 . 2013-10-22 19:18 -------- d-----w- C:\JRT
2013-10-22 19:02 . 2013-10-25 11:32 -------- d-----w- C:\AdwCleaner
2013-10-22 18:43 . 2013-10-22 20:03 -------- d-----w- C:\_AT-Destroyer
2013-10-22 18:20 . 2013-10-22 19:38 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2013-10-22 18:19 . 2009-01-25 16:14 15224 ----a-w- c:\windows\system32\sdnclean.exe
2013-10-22 18:19 . 2013-10-22 18:28 -------- d-----w- c:\program files\Spybot - Search & Destroy 2
2013-10-22 18:19 . 2013-10-22 18:19 -------- d-----w- c:\programdata\Malwarebytes
2013-10-22 18:19 . 2013-10-22 18:19 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-10-22 18:19 . 2013-04-04 17:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-10-22 18:18 . 2013-08-20 09:21 101664 ----a-w- c:\windows\system32\BootDefrag.exe
2013-10-22 18:18 . 2013-10-22 20:01 -------- d-----w- c:\program files\Glary Utilities 3
2013-10-22 18:18 . 2013-10-22 18:18 -------- d-----w- c:\program files\COMODO
2013-10-22 18:16 . 2013-10-26 15:02 -------- d-----w- c:\program files\Arovax AntiSpyware
2013-10-22 18:16 . 2013-10-22 18:16 -------- d-----w- c:\programdata\Arovax
2013-10-22 17:56 . 2013-10-22 18:04 -------- d-----w- c:\program files\Google
2013-10-22 17:22 . 2013-10-23 13:37 403440 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-10-22 17:22 . 2013-10-23 13:37 35656 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-10-22 17:22 . 2013-10-23 13:37 79720 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-10-22 17:22 . 2013-10-23 13:37 774392 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-10-22 17:22 . 2013-10-23 13:37 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-10-22 17:22 . 2013-10-23 13:37 178304 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-10-22 17:22 . 2013-10-23 13:37 70384 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-10-22 17:22 . 2013-10-23 13:37 269216 ----a-w- c:\windows\system32\aswBoot.exe
2013-10-22 17:21 . 2013-10-23 13:37 43152 ----a-w- c:\windows\avastSS.scr
2013-10-22 17:21 . 2013-10-22 17:21 -------- d-----w- c:\program files\AVAST Software
2013-10-22 17:21 . 2013-10-23 13:34 -------- d-----w- c:\programdata\AVAST Software
2013-10-22 17:20 . 2013-10-22 17:20 22 ----a-w- c:\windows\system32\sycd5.dll
2013-10-22 17:20 . 2013-10-22 17:20 47360 ----a-w- c:\windows\system32\drivers\pcouffin.sys
2013-10-22 17:20 . 2013-10-22 17:20 -------- d-----w- c:\program files\CloneDVD5
2013-10-22 17:20 . 2013-10-22 17:20 -------- d-----w- c:\programdata\DVDXStudio
2013-10-22 17:15 . 2013-10-22 17:15 -------- d-----w- c:\program files\PowerISO
2013-10-22 17:06 . 2013-10-22 17:11 -------- d-----w- c:\programdata\Nero
2013-10-22 17:06 . 2013-10-22 17:06 -------- d-----w- c:\program files\Common Files\Nero
2013-10-22 17:06 . 2013-10-22 17:11 -------- d-----w- c:\program files\Nero
2013-10-22 16:42 . 2009-09-04 20:29 1974616 ----a-w- c:\windows\system32\D3DCompiler_42.dll
2013-10-22 16:42 . 2009-09-04 20:29 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2013-10-22 16:42 . 2008-10-15 09:22 4379984 ----a-w- c:\windows\system32\D3DX9_40.dll
2013-10-22 16:42 . 2007-07-19 21:14 3727720 ----a-w- c:\windows\system32\d3dx9_35.dll
2013-10-22 16:42 . 2007-05-16 19:45 3497832 ----a-w- c:\windows\system32\d3dx9_34.dll
2013-10-22 16:03 . 2013-10-22 16:03 -------- d-----w- c:\programdata\CyberLink
2013-10-22 16:02 . 2013-10-22 16:02 -------- d-----w- c:\program files\Common Files\CyberLink
2013-10-22 16:02 . 2013-10-22 16:03 -------- d-----w- c:\program files\CyberLink
2013-10-22 16:02 . 2013-10-22 15:54 29480 ----a-w- c:\windows\system32\msxml3a.dll
2013-10-22 16:02 . 2013-10-22 15:54 505128 ----a-w- c:\windows\system32\msvcp71.dll
2013-10-22 16:02 . 2013-10-22 15:54 353576 ----a-w- c:\windows\system32\msvcr71.dll
2013-10-22 15:53 . 2013-10-22 15:53 -------- d-----w- c:\windows\system32\wbem\Framework
2013-10-22 15:52 . 2013-10-22 15:52 -------- d-----w- c:\program files\FreeArc
2013-10-22 15:51 . 2013-10-22 15:52 -------- d-----w- c:\programdata\WinZip
2013-10-22 15:50 . 2013-10-22 15:50 -------- d-----w- c:\program files\WinZip Self-Extractor
2013-10-22 15:49 . 2013-10-22 15:49 -------- d-----w- c:\program files\DsNET Corp
2013-10-22 15:48 . 2013-10-22 15:48 -------- d-----w- c:\program files\CPUID
2013-10-22 15:48 . 2013-10-22 15:48 -------- d-----w- c:\program files\Seagate
2013-10-22 15:47 . 2013-10-22 15:47 -------- d-----w- c:\program files\VS Revo Group
2013-10-22 15:47 . 2013-10-22 15:47 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2013-10-22 15:46 . 2009-02-24 21:42 116736 ----a-w- c:\windows\system32\drivers\mcdbus.sys
2013-10-22 15:46 . 2013-10-22 15:47 -------- d-----w- c:\program files\MagicDisc
2013-10-22 15:46 . 2013-10-22 15:46 -------- d-----w- c:\program files\Unlocker
2013-10-22 15:45 . 2013-10-22 15:45 17536 ----a-w- c:\programdata\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin
2013-10-22 14:23 . 2013-10-22 14:23 -------- d---a-w- C:\Windows Sidebar
2013-10-22 14:23 . 2009-07-14 01:19 53248 ----a-w- c:\program files\Windows Sidebar\Gadgets\MediaCenter.Gadget\MCESidebarCtrl.dll
2013-10-22 14:23 . 2009-07-14 01:16 108544 ----a-w- c:\program files\Windows Sidebar\wlsrvc.dll
2013-10-22 14:23 . 2010-11-20 12:17 1174016 ----a-w- c:\program files\Windows Sidebar\sidebar.exe
2013-10-22 14:23 . 2009-07-14 01:16 82944 ----a-w- c:\program files\Windows Sidebar\sbdrop.dll
2013-10-22 14:21 . 2013-10-22 14:22 -------- d-----w- c:\windows\system32\files
2013-10-22 14:18 . 2013-10-22 14:18 -------- d--h--r- c:\users\Public\AccountPictures
2013-10-22 14:16 . 2013-10-22 14:16 -------- d-----w- c:\programdata\ATI
2013-10-22 14:15 . 2013-10-22 14:15 -------- d-----w- c:\program files\AMD AVT
2013-10-22 14:15 . 2013-10-22 14:15 -------- d-----w- c:\programdata\AMD
2013-10-22 14:15 . 2013-10-22 14:15 -------- d-----w- c:\program files\Common Files\ATI Technologies
2013-10-22 14:14 . 2013-10-22 14:14 -------- d-----w- c:\programdata\Package Cache
2013-10-22 14:14 . 2013-10-22 14:14 -------- d-----w- c:\program files\ATI
2013-10-22 14:14 . 2013-10-22 14:15 -------- d-----w- c:\program files\ATI Technologies
2013-10-22 14:13 . 2013-10-22 14:13 -------- d-----w- C:\AMD
2013-10-22 14:09 . 2013-06-18 20:44 2388000 ----a-w- c:\windows\system32\FMAPO.dll
2013-10-22 14:09 . 2012-06-20 20:26 90624 ----a-w- c:\windows\system32\CONEQMSAPOGUILibrary.dll
2013-10-22 14:09 . 2013-06-06 00:42 181960 ----a-w- c:\windows\system32\AERTACap.dll
2013-10-22 14:09 . 2012-03-08 14:47 95840 ----a-w- c:\windows\system32\AERTARen.dll
2013-10-22 14:09 . 2013-10-22 14:10 -------- d--h--w- c:\program files\Temp
2013-10-22 14:09 . 2013-06-10 18:44 2080472 ----a-w- c:\windows\RtlExUpd.dll
2013-10-22 14:09 . 2013-10-22 14:09 -------- d-----w- c:\program files\Common Files\InstallShield
2013-10-22 14:06 . 2013-10-22 14:15 -------- d-----w- c:\windows\LastGood.Tmp
2013-10-22 14:06 . 2013-04-10 14:09 76872 ----a-w- c:\windows\system32\RtNicProp32.dll
2013-10-22 14:06 . 2013-04-10 14:09 671304 ----a-w- c:\windows\system32\drivers\Rt630x86.sys
2013-10-22 14:06 . 2013-10-22 16:02 -------- d--h--w- c:\program files\InstallShield Installation Information
2013-10-22 14:06 . 2013-10-22 14:09 -------- d-----w- c:\program files\Realtek
2013-10-22 01:25 . 2013-10-23 14:43 -------- d-----w- c:\windows\AutoKMS
2013-10-22 01:24 . 2013-10-22 01:24 -------- d-----w- c:\programdata\Microsoft Toolkit
2013-10-22 01:15 . 2013-10-22 01:15 -------- d-----w- c:\windows\PCHEALTH
2013-10-22 01:14 . 2013-10-22 01:14 -------- d-----w- c:\program files\Microsoft Analysis Services
2013-10-22 01:13 . 2013-10-22 01:19 -------- d-----w- c:\programdata\Microsoft Help
2013-10-22 01:13 . 2013-10-22 01:13 -------- d-----r- C:\MSOCache
2013-10-22 01:00 . 2013-10-22 01:00 -------- d-----w- c:\windows\system32\es
2013-10-22 01:00 . 2013-10-22 01:00 -------- d-----w- c:\windows\system32\XPSViewer
2013-10-22 01:00 . 2013-10-22 01:00 -------- d-----w- c:\windows\system32\drivers\UMDF\es-ES
2013-10-22 01:00 . 2013-10-22 01:00 -------- d-----w- c:\windows\system32\0C0A
2013-10-22 01:00 . 2013-10-22 01:00 -------- d-----w- c:\windows\system32\drivers\es-ES
2013-10-22 01:00 . 2013-10-22 01:00 -------- d-----w- c:\windows\system32\wbem\es-ES
2013-10-22 00:59 . 2013-10-22 00:59 -------- d-----w- c:\windows\es-ES
2013-10-22 00:59 . 2012-11-26 16:35 -------- d-----w- C:\sources
2013-10-22 00:53 . 2013-10-22 00:53 -------- d-----w- C:\81b89579ec21d8e4b2498a2112a0e5c1
2013-10-22 00:10 . 2013-10-22 00:10 -------- d-----w- c:\programdata\PRICache
2013-10-22 00:10 . 2013-10-26 15:02 -------- d-----w- c:\users\GozStar
2013-10-22 00:05 . 2013-10-22 00:05 0 ----a-w- c:\windows\ativpsrm.bin
2013-10-21 21:03 . 2013-10-22 00:10 -------- d-----w- c:\windows\Panther
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-10-22 00:58 . 2013-10-22 00:58 2560 ----a-w- c:\windows\system32\drivers\es-ES\usbrpm.sys.mui
2013-10-22 00:58 . 2013-10-22 00:58 5120 ----a-w- c:\windows\system32\drivers\UMDF\es-ES\LocationProvider.dll.mui
2013-10-22 00:58 . 2013-10-22 00:58 25600 ----a-w- c:\windows\system32\drivers\es-ES\fvevol.sys.mui
2013-10-22 00:58 . 2013-10-22 00:58 46592 ----a-w- c:\windows\system32\drivers\es-ES\http.sys.mui
2013-10-22 00:58 . 2013-10-22 00:58 2560 ----a-w- c:\windows\system32\drivers\UMDF\es-ES\WpdMtpDr.dll.mui
2013-10-22 00:58 . 2013-10-22 00:58 2048 ----a-w- c:\windows\system32\drivers\es-ES\WpdUpFltr.sys.mui
2013-10-22 00:58 . 2013-10-22 00:58 6144 ----a-w- c:\windows\system32\drivers\es-ES\fwpkclnt.sys.mui
2013-10-22 00:58 . 2013-10-22 00:58 3584 ----a-w- c:\windows\system32\drivers\es-ES\sercx.sys.mui
2013-10-22 00:58 . 2013-10-22 00:58 3072 ----a-w- c:\windows\system32\drivers\es-ES\scsiport.sys.mui
2013-10-22 00:58 . 2013-10-22 00:58 2560 ----a-w- c:\windows\system32\drivers\es-ES\mshidumdf.sys.mui
2013-10-22 00:58 . 2013-10-22 00:58 2048 ----a-w- c:\windows\system32\drivers\es-ES\ks.sys.mui
2013-10-22 00:58 . 2013-10-22 00:58 3584 ----a-w- c:\windows\system32\drivers\es-ES\spbcx.sys.mui
2013-10-22 00:58 . 2013-10-22 00:58 2560 ----a-w- c:\windows\system32\drivers\es-ES\wudfpf.sys.mui
2013-10-22 00:58 . 2013-10-22 00:58 2560 ----a-w- c:\windows\system32\drivers\es-ES\mshidkmdf.sys.mui
2013-10-22 00:58 . 2013-10-22 00:58 7680 ----a-w- c:\windows\system32\drivers\es-ES\luafv.sys.mui
2013-10-22 00:58 . 2013-10-22 00:58 3072 ----a-w- c:\windows\system32\drivers\es-ES\rdpwd.sys.mui
2013-10-22 00:58 . 2013-10-22 00:58 2560 ----a-w- c:\windows\system32\drivers\es-ES\scfilter.sys.mui
2013-10-22 00:58 . 2013-10-22 00:58 6656 ----a-w- c:\windows\system32\drivers\es-ES\ndiscap.sys.mui
2013-10-22 00:58 . 2013-10-22 00:58 3072 ----a-w- c:\windows\system32\drivers\es-ES\RNDISMP.sys.mui
2013-10-22 00:58 . 2013-10-22 00:58 2560 ----a-w- c:\windows\system32\drivers\es-ES\volmgrx.sys.mui
2013-10-22 00:58 . 2013-10-22 00:58 8704 ----a-w- c:\windows\system32\drivers\es-ES\tunnel.sys.mui
2013-10-22 00:58 . 2013-10-22 00:58 4096 ----a-w- c:\windows\system32\drivers\es-ES\ipnat.sys.mui
2013-10-22 00:58 . 2013-10-22 00:58 3584 ----a-w- c:\windows\system32\drivers\es-ES\modem.sys.mui
2013-10-22 00:58 . 2013-10-22 00:58 2560 ----a-w- c:\windows\system32\drivers\es-ES\wfplwfs.sys.mui
2013-10-22 00:58 . 2013-10-22 00:58 2048 ----a-w- c:\windows\system32\drivers\es-ES\ws2ifsl.sys.mui
2013-10-22 00:58 . 2013-10-22 00:58 18944 ----a-w- c:\windows\system32\drivers\es-ES\pacer.sys.mui
2013-10-22 00:58 . 2013-10-22 00:58 13312 ----a-w- c:\windows\system32\drivers\es-ES\NdisImPlatform.sys.mui
2013-10-22 00:57 . 2013-10-22 00:57 5632 ----a-w- c:\windows\system32\drivers\es-ES\rdbss.sys.mui
2013-10-22 00:57 . 2013-10-22 00:57 37888 ----a-w- c:\windows\system32\drivers\es-ES\srv2.sys.mui
2013-10-22 00:57 . 2013-10-22 00:57 3072 ----a-w- c:\windows\system32\drivers\es-ES\ndisuio.sys.mui
2013-10-22 00:57 . 2013-10-22 00:57 2560 ----a-w- c:\windows\system32\drivers\es-ES\srv.sys.mui
2013-10-22 00:57 . 2013-10-22 00:57 21504 ----a-w- c:\windows\system32\drivers\es-ES\mrxsmb.sys.mui
2013-10-22 00:57 . 2013-10-22 00:57 9728 ----a-w- c:\windows\system32\drivers\es-ES\mslldp.sys.mui
2013-10-22 00:57 . 2013-10-22 00:57 2560 ----a-w- c:\windows\system32\drivers\es-ES\qwavedrv.sys.mui
2013-10-22 00:57 . 2013-10-22 00:57 16896 ----a-w- c:\windows\system32\drivers\es-ES\nwifi.sys.mui
2013-10-22 00:57 . 2013-10-22 00:57 5632 ----a-w- c:\windows\system32\drivers\es-ES\e100b325.sys.mui
2013-10-22 00:57 . 2013-10-22 00:57 5632 ----a-w- c:\windows\system32\drivers\es-ES\bcm4sbxp.sys.mui
2013-10-22 00:57 . 2013-10-22 00:57 2560 ----a-w- c:\windows\system32\drivers\es-ES\rdpdr.sys.mui
2013-10-22 00:57 . 2013-10-22 00:57 19456 ----a-w- c:\windows\system32\drivers\es-ES\E1G60I32.sys.mui
2013-10-22 00:57 . 2013-10-22 00:57 11264 ----a-w- c:\windows\system32\drivers\es-ES\k57nd60x.sys.mui
2013-10-22 00:57 . 2013-10-22 00:57 11264 ----a-w- c:\windows\system32\drivers\es-ES\b57nd60x.sys.mui
2013-10-22 00:57 . 2013-10-22 00:57 8192 ----a-w- c:\windows\system32\drivers\es-ES\wmbclass.sys.mui
2013-10-22 00:57 . 2013-10-22 00:57 7680 ----a-w- c:\windows\system32\drivers\es-ES\yk63x86.sys.mui
2013-10-22 00:57 . 2013-10-22 00:57 4608 ----a-w- c:\windows\system32\drivers\es-ES\bthpan.sys.mui
2013-10-22 00:57 . 2013-10-22 00:57 4096 ----a-w- c:\windows\system32\drivers\es-ES\portcls.sys.mui
2013-10-22 00:57 . 2013-10-22 00:57 4096 ----a-w- c:\windows\system32\drivers\es-ES\hdaudbus.sys.mui
2013-10-22 00:57 . 2013-10-22 00:57 3584 ----a-w- c:\windows\system32\drivers\es-ES\tsusbflt.sys.mui
2013-10-22 00:57 . 2013-10-22 00:57 3072 ----a-w- c:\windows\system32\drivers\es-ES\rndismpx.sys.mui
2013-10-22 00:57 . 2013-10-22 00:57 3072 ----a-w- c:\windows\system32\drivers\es-ES\rndismp6.sys.mui
2013-10-22 00:57 . 2013-10-22 00:57 3072 ----a-w- c:\windows\system32\drivers\es-ES\hidi2c.sys.mui
2013-10-22 00:57 . 2013-10-22 00:57 3072 ----a-w- c:\windows\system32\drivers\es-ES\HdAudio.sys.mui
2013-10-22 00:57 . 2013-10-22 00:57 3072 ----a-w- c:\windows\system32\drivers\es-ES\getn63.sys.mui
2013-10-22 00:57 . 2013-10-22 00:57 3072 ----a-w- c:\windows\system32\drivers\es-ES\bthhfenum.sys.mui
2013-10-22 00:57 . 2013-10-22 00:57 2560 ----a-w- c:\windows\system32\drivers\es-ES\vwifibus.sys.mui
2013-10-22 00:57 . 2013-10-22 00:57 2560 ----a-w- c:\windows\system32\drivers\es-ES\USBAUDIO.sys.mui
2013-10-22 00:57 . 2013-10-22 00:57 2560 ----a-w- c:\windows\system32\drivers\es-ES\serscan.sys.mui
2013-10-22 00:57 . 2013-10-22 00:57 2560 ----a-w- c:\windows\system32\drivers\es-ES\Rt630x86.sys.mui
2013-10-22 00:57 . 2013-10-22 00:57 2560 ----a-w- c:\windows\system32\drivers\es-ES\BthAvrcpTg.sys.mui
2013-10-22 00:57 . 2013-10-22 00:57 22016 ----a-w- c:\windows\system32\drivers\es-ES\e1y6032.sys.mui
2013-10-22 00:57 . 2013-10-22 00:57 22016 ----a-w- c:\windows\system32\drivers\es-ES\e1e6032.sys.mui
2013-10-22 00:57 . 2013-10-22 00:57 2048 ----a-w- c:\windows\system32\drivers\es-ES\BthhfHid.sys.mui
2013-10-22 00:57 . 2013-10-22 00:57 2048 ----a-w- c:\windows\system32\drivers\es-ES\BthA2DP.sys.mui
2013-10-22 00:57 . 2013-10-22 00:57 8192 ----a-w- c:\windows\system32\drivers\es-ES\EhStorTcgDrv.sys.mui
2013-10-22 00:57 . 2013-10-22 00:57 7168 ----a-w- c:\windows\system32\drivers\UMDF\es-ES\WUDFUsbccidDriver.dll.mui
2013-10-22 00:57 . 2013-10-22 00:57 5632 ----a-w- c:\windows\system32\drivers\es-ES\BthLEEnum.sys.mui
2013-10-22 00:57 . 2013-10-22 00:57 4096 ----a-w- c:\windows\system32\drivers\es-ES\pcmcia.sys.mui
2013-10-22 00:57 . 2013-10-22 00:57 3584 ----a-w- c:\windows\system32\drivers\es-ES\atikmdag.sys.mui
2013-10-22 00:57 . 2013-10-22 00:57 32768 ----a-w- c:\windows\system32\drivers\es-ES\bthport.sys.mui
2013-10-22 00:57 . 2013-10-22 00:57 3072 ----a-w- c:\windows\system32\drivers\es-ES\sdbus.sys.mui
2013-10-22 00:57 . 2013-10-22 00:57 3072 ----a-w- c:\windows\system32\drivers\es-ES\hidbth.sys.mui
2013-10-22 00:57 . 2013-10-22 00:57 3072 ----a-w- c:\windows\system32\drivers\es-ES\dumpsd.sys.mui
2013-10-22 00:57 . 2013-10-22 00:57 3072 ----a-w- c:\windows\system32\drivers\es-ES\BTHUSB.SYS.mui
2013-10-22 00:57 . 2013-10-22 00:57 3072 ----a-w- c:\windows\system32\drivers\es-ES\BthMini.SYS.mui
2013-10-22 00:57 . 2013-10-22 00:57 2560 ----a-w- c:\windows\system32\drivers\UMDF\es-ES\HidBthLE.dll.mui
2013-10-22 00:57 . 2013-10-22 00:57 2560 ----a-w- c:\windows\system32\drivers\es-ES\usbvideo.sys.mui
2013-10-22 00:57 . 2013-10-22 00:57 2560 ----a-w- c:\windows\system32\drivers\es-ES\sdstor.sys.mui
2013-10-22 00:57 . 2013-10-22 00:57 2560 ----a-w- c:\windows\system32\drivers\es-ES\pnpmem.sys.mui
2013-10-22 00:57 . 2013-10-22 00:57 2048 ----a-w- c:\windows\system32\drivers\es-ES\bthenum.sys.mui
2013-10-22 00:57 . 2013-10-22 00:57 12288 ----a-w- c:\windows\system32\drivers\es-ES\e1i6332.sys.mui
2013-10-22 00:57 . 2013-10-22 00:57 10752 ----a-w- c:\windows\system32\drivers\es-ES\ltmdmnt.sys.mui
2013-10-22 00:57 . 2013-10-22 00:57 97792 ----a-w- c:\windows\system32\drivers\es-ES\ntfs.sys.mui
2013-10-22 00:57 . 2013-10-22 00:57 9216 ----a-w- c:\windows\system32\drivers\es-ES\pci.sys.mui
2013-10-22 00:57 . 2013-10-22 00:57 8704 ----a-w- c:\windows\system32\drivers\es-ES\tpm.sys.mui
2013-10-22 00:57 . 2013-10-22 00:57 8704 ----a-w- c:\windows\system32\drivers\es-ES\spaceport.sys.mui
2013-10-22 00:57 . 2013-10-22 00:57 8704 ----a-w- c:\windows\system32\drivers\es-ES\ataport.sys.mui
2013-10-22 00:57 . 2013-10-22 00:57 77312 ----a-w- c:\windows\system32\drivers\es-ES\tcpip.sys.mui
2013-10-22 00:57 . 2013-10-22 00:57 7168 ----a-w- c:\windows\system32\drivers\es-ES\battc.sys.mui
2013-10-22 00:57 . 2013-10-22 00:57 6656 ----a-w- c:\windows\system32\drivers\es-ES\IPMIDrv.sys.mui
2013-10-22 00:57 . 2013-10-22 00:57 6656 ----a-w- c:\windows\system32\drivers\es-ES\disk.sys.mui
2013-10-22 00:57 . 2013-10-22 00:57 64512 ----a-w- c:\windows\system32\drivers\es-ES\ndis.sys.mui
2013-10-22 00:57 . 2013-10-22 00:57 5632 ----a-w- c:\windows\system32\drivers\es-ES\vhdmp.sys.mui
2013-10-22 00:57 . 2013-10-22 00:57 5632 ----a-w- c:\windows\system32\drivers\es-ES\vdrvroot.sys.mui
2013-10-22 00:57 . 2013-10-22 00:57 5632 ----a-w- c:\windows\system32\drivers\es-ES\sermouse.sys.mui
2013-10-22 00:57 . 2013-10-22 00:57 5632 ----a-w- c:\windows\system32\drivers\es-ES\fltmgr.sys.mui
2013-10-22 00:57 . 2013-10-22 00:57 5120 ----a-w- c:\windows\system32\drivers\es-ES\kbdclass.sys.mui
2013-10-22 00:57 . 2013-10-22 00:57 4608 ----a-w- c:\windows\system32\drivers\es-ES\mouclass.sys.mui
2013-10-22 00:57 . 2013-10-22 00:57 4096 ----a-w- c:\windows\system32\drivers\es-ES\wacompen.sys.mui
2013-10-22 00:57 . 2013-10-22 00:57 4096 ----a-w- c:\windows\system32\drivers\es-ES\isapnp.sys.mui
2013-10-22 00:57 . 2013-10-22 00:57 3584 ----a-w- c:\windows\system32\drivers\es-ES\parport.sys.mui
2013-10-22 00:57 . 2013-10-22 00:57 3072 ----a-w- c:\windows\system32\drivers\es-ES\usbehci.sys.mui
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-10-23 13:37 321752 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI.exe" [2013-06-27 6323928]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe" [2013-08-30 747264]
"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2010-07-04 17408]
"RemoteControl10"="c:\program files\CyberLink\PowerDVD10\PDVD10Serv.exe" [2010-02-03 87336]
"BDRegion"="c:\program files\Cyberlink\Shared files\brs.exe" [2010-03-13 75048]
"NBAgent"="c:\program files\Nero\Nero 10\Nero BackItUp\NBAgent.exe" [2010-04-03 1234216]
"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2012-08-17 336992]
"SDTray"="c:\program files\Spybot - Search & Destroy 2\SDTray.exe" [2013-07-25 5624784]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2013-10-24 3567800]
.
c:\users\GozStar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
MagicDisc.lnk - c:\program files\MagicDisc\MagicDisc.exe [2013-10-22 576000]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"PromptOnSecureDesktop"= 0 (0x0)
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"EnableUIADesktopToggle"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ   autocheck autochk * \0BootDefrag.exe\0\0sdnclean.exe
.
R0 aswRvrt;avast! Revert; [x]
R0 aswVmm;avast! VM Monitor; [x]
R0 BootDefragDriver;BootDefragDriver;c:\windows\System32\drivers\BootDefragDriver.sys [x]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2013-10-23 774392]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2013-10-23 403440]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2013-08-30 209408]
R2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-08-30 276992]
R2 AODDriver4.2;AODDriver4.2;c:\program files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [2012-11-20 48808]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2013-10-23 35656]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-10-23 70384]
R2 NAUpdate;Nero Update;c:\program files\Nero\Update\NASvc.exe [2010-03-25 490280]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files\Spybot - Search & Destroy 2\SDFSSvc.exe [2013-05-16 1817560]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2013-05-16 1033688]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files\Spybot - Search & Destroy 2\SDWSCSvc.exe [2013-05-15 171928]
R3 amdkmafd;AMD Audio Bus Lower Filter;c:\windows\System32\drivers\amdkmafd.sys [2012-09-23 15528]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW83.sys [2013-07-05 113664]
R3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt32.sys [2009-11-18 24664]
R3 pcouffin;VSO Software pcouffin;c:\windows\System32\Drivers\pcouffin.sys [2013-10-22 47360]
S3 RTL8168;Realtek 8168 NT Driver;c:\windows\system32\DRIVERS\Rt630x86.sys [2013-04-10 671304]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ   TimeBroker SSDPSRV upnphost SCardSvr BthHFSrv QWAVE fdrespub wcncsvc WSService SensrSvc Mcx2Svc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-10-22 18:04 1185744 ----a-w- c:\program files\Google\Chrome\Application\30.0.1599.101\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-10-26 c:\windows\Tasks\AutoKMS.job
- c:\windows\AutoKMS\AutoKMS.exe [2013-10-22 01:37]
.
2013-10-22 c:\windows\Tasks\Check for updates (Spybot - Search & Destroy).job
- c:\program files\Spybot - Search & Destroy 2\SDUpdate.exe [2013-10-22 13:58]
.
2013-10-22 c:\windows\Tasks\GlaryInitialize 3.job
- c:\program files\Glary Utilities 3\Initialize.exe [2013-08-20 09:19]
.
2013-10-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-10-22 17:56]
.
2013-10-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-10-22 17:56]
.
2013-10-22 c:\windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job
- c:\program files\Spybot - Search & Destroy 2\SDImmunize.exe [2013-10-22 13:57]
.
2013-10-22 c:\windows\Tasks\Scan the system (Spybot - Search & Destroy).job
- c:\program files\Spybot - Search & Destroy 2\SDScan.exe [2013-10-22 13:58]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://192.168.1.22/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.1
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD10\NavFilter\000.fcl"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
Completion time: 2013-10-26  12:11:06
ComboFix-quarantined-files.txt  2013-10-26 15:11
ComboFix2.txt  2013-10-26 14:59
.
Pre-Run: 97.101.983.744 bytes free
Post-Run: 96.944.574.464 bytes libres
.
- - End Of File - - 54972FA3B24E7D83F1C468853C868BC7
A36C5E4F47E84449FF07ED3517B43A31
 
 
 
 
INFECTED...!!!!!

SEARCHCENTRIX
C:/Windows/system32/bi.dll

Spyware NSKEYLOGGER
C:/windows/system32/gdiplus.dll


#6 gringo_pr


Posted 26 October 2013 - 12:58 PM





Hello gozstar

Malwarebytes Anti-Rootkit

1. Download Malwarebytes Anti-Rootkit
2. Unzip the contents to a folder in a convenient location.
3. Open the folder where the contents were unzipped and run mbar.exe
4. Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
5. Click on the Cleanup button to remove any threats and reboot if prompted to do so.
6. Wait while the system shuts down and the cleanup process is performed.
7. Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
8. If no additional threats were found, verify that your system is now running normally, making sure that the following items are functional:
  • Internet access
  • Windows Update
  • Windows Firewall
9. If there are additional problems with your system, such as any of those listed above or other system issues, then run the 'fixdamage' tool included with Malwarebytes Anti-Rootkit and reboot.
10. Verify that your system is now functioning normally.


--RogueKiller--

Download & SAVE to your Desktop RogueKiller for 32bit or RogueKiller for 64bit
  • Quit all programs that you may have started.
  • Please disconnect any external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select "Run as Administrator" to start.
  • For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then click on the "Scan" button
  • Wait until the Status box shows "Scan Finished"
  • Click on "Delete"
  • Wait until the Status box shows "Deleting Finished"
  • Click on "Report" and copy/paste the content of the Notepad into your next reply.
  • The scan will make two reports; the one I would like to see is called RKreport[2].txt on your Desktop
  • Exit/Close RogueKiller+
Send me the reports made from MBAR and RogueKiller and also let me know how the computer is doing at this time.

Gringo






When you are complete please send me both reports

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here. Don't worry, every little bit helps.

Proud Graduate Of Malware Removal University

#7 gozstar


Posted 26 October 2013 - 02:00 PM

RogueKiller V8.7.5 [Oct 22 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
 
Operating System : Windows 8 (6.2.9200 ) 32 bits version
Started in : Safe mode with network support
User : GozStar [Admin rights]
Mode : Shortcuts HJfix -- Date : 10/26/2013 15:47:29
| ARK || FAK || MBR |
 
¤¤¤ Bad processes : 0 ¤¤¤
 
¤¤¤ Driver : [NOT LOADED 0xc000035f] ¤¤¤
 
¤¤¤ External Hives: ¤¤¤
 
¤¤¤ File attributes restored: ¤¤¤
Desktop: Success 0 / Fail 0
Quick launch: Success 0 / Fail 0
Programs: Success 0 / Fail 0
Start menu: Success 0 / Fail 0
User folder: Success 7 / Fail 0
My documents: Success 0 / Fail 0
My favorites: Success 0 / Fail 0
My pictures: Success 0 / Fail 0
My music: Success 0 / Fail 0
My videos: Success 0 / Fail 0
Local drives: Success 2 / Fail 0
Backup: [NOT FOUND]
 
Drives:
[C:] \Device\HarddiskVolume2 -- 0x3 --> Restored
[D:] \Device\HarddiskVolume3 -- 0x3 --> Restored
[E:] \Device\HarddiskVolume4 -- 0x2 --> Restored
[F:] \Device\CdRom0 -- 0x5 --> Skipped
[G:] \Device\CdRom1 -- 0x5 --> Skipped
 
¤¤¤ Infection :  ¤¤¤
 
Finished : << RKreport[0]_SC_10262013_154729.txt >>
RKreport[0]_D_10262013_154705.txt;RKreport[0]_H_10262013_154710.txt;RKreport[0]_S_10262013_154652.txt
 
 
Malwarebytes Anti-Rootkit not FOUND...!!!


#8 gozstar


Posted 26 October 2013 - 07:46 PM

RogueKiller V8.7.5 [Oct 22 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
 
Operating System : Windows 8 (6.2.9200 ) 32 bits version
Started in : Safe mode with network support
User : GozStar [Admin rights]
Mode : Scan -- Date : 10/26/2013 15:46:52
| ARK || FAK || MBR |
 
¤¤¤ Bad processes : 0 ¤¤¤
 
¤¤¤ Registry Entries : 4 ¤¤¤
[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
 
¤¤¤ Scheduled tasks : 0 ¤¤¤
 
¤¤¤ Startup Entries : 0 ¤¤¤
 
¤¤¤ Web browsers : 0 ¤¤¤
 
¤¤¤ Particular Files / Folders: ¤¤¤
 
¤¤¤ Driver : [NOT LOADED 0xc000035f] ¤¤¤
 
¤¤¤ External Hives: ¤¤¤
 
¤¤¤ Infection :  ¤¤¤
 
¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
 
 
127.0.0.1       localhost
 
 
¤¤¤ MBR Check: ¤¤¤
 
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD10EARS-00Y5B1 +++++
--- User ---
[MBR] 21012faddefeac88a4973f735580fd0d
[BSP] bb8b88f0e58e2c6306d488cdbc368f88 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 350 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 718848 | Size: 113518 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 233203712 | Size: 839998 Mo
User = LL1 ... OK!
User = LL2 ... OK!
 
Finished : << RKreport[0]_S_10262013_154652.txt >>

RogueKiller V8.7.5 [Oct 22 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
 
Operating System : Windows 8 (6.2.9200 ) 32 bits version
Started in : Safe mode with network support
User : GozStar [Admin rights]
Mode : Shortcuts HJfix -- Date : 10/26/2013 15:47:29
| ARK || FAK || MBR |
 
¤¤¤ Bad processes : 0 ¤¤¤
 
¤¤¤ Driver : [NOT LOADED 0xc000035f] ¤¤¤
 
¤¤¤ External Hives: ¤¤¤
 
¤¤¤ File attributes restored: ¤¤¤
Desktop: Success 0 / Fail 0
Quick launch: Success 0 / Fail 0
Programs: Success 0 / Fail 0
Start menu: Success 0 / Fail 0
User folder: Success 7 / Fail 0
My documents: Success 0 / Fail 0
My favorites: Success 0 / Fail 0
My pictures: Success 0 / Fail 0
My music: Success 0 / Fail 0
My videos: Success 0 / Fail 0
Local drives: Success 2 / Fail 0
Backup: [NOT FOUND]
 
Drives:
[C:] \Device\HarddiskVolume2 -- 0x3 --> Restored
[D:] \Device\HarddiskVolume3 -- 0x3 --> Restored
[E:] \Device\HarddiskVolume4 -- 0x2 --> Restored
[F:] \Device\CdRom0 -- 0x5 --> Skipped
[G:] \Device\CdRom1 -- 0x5 --> Skipped
 
¤¤¤ Infection :  ¤¤¤
 
Finished : << RKreport[0]_SC_10262013_154729.txt >>
RKreport[0]_D_10262013_154705.txt;RKreport[0]_H_10262013_154710.txt;RKreport[0]_S_10262013_154652.txt

RogueKiller V8.7.5 [Oct 22 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
 
Operating System : Windows 8 (6.2.9200 ) 32 bits version
Started in : Safe mode with network support
User : GozStar [Admin rights]
Mode : DNSFix -- Date : 10/26/2013 15:47:14
| ARK || FAK || MBR |
 
¤¤¤ Bad processes : 0 ¤¤¤
 
¤¤¤ Registry Entries : 0 ¤¤¤
 
¤¤¤ Driver : [NOT LOADED 0xc000035f] ¤¤¤
 
¤¤¤ External Hives: ¤¤¤
 
¤¤¤ Infection :  ¤¤¤
 
Finished : << RKreport[0]_DN_10262013_154714.txt >>
RKreport[0]_D_10262013_154705.txt;RKreport[0]_H_10262013_154710.txt;RKreport[0]_S_10262013_154652.txt

RogueKiller V8.7.5 [Oct 22 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
 
Operating System : Windows 8 (6.2.9200 ) 32 bits version
Started in : Safe mode with network support
User : GozStar [Admin rights]
Mode : ProxyFix -- Date : 10/26/2013 15:47:12
| ARK || FAK || MBR |
 
¤¤¤ Bad processes : 0 ¤¤¤
 
¤¤¤ Registry Entries : 0 ¤¤¤
 
¤¤¤ Web browsers : 0 ¤¤¤
 
¤¤¤ Driver : [NOT LOADED 0xc000035f] ¤¤¤
 
¤¤¤ External Hives: ¤¤¤
 
¤¤¤ Infection :  ¤¤¤
 
Finished : << RKreport[0]_PR_10262013_154712.txt >>
RKreport[0]_D_10262013_154705.txt;RKreport[0]_H_10262013_154710.txt;RKreport[0]_S_10262013_154652.txt

RogueKiller V8.7.5 [Oct 22 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
 
Operating System : Windows 8 (6.2.9200 ) 32 bits version
Started in : Safe mode with network support
User : GozStar [Admin rights]
Mode : HOSTSFix -- Date : 10/26/2013 15:47:10
| ARK || FAK || MBR |
 
¤¤¤ Bad processes : 0 ¤¤¤
 
¤¤¤ Registry Entries : 0 ¤¤¤
 
¤¤¤ Driver : [NOT LOADED 0xc000035f] ¤¤¤
 
¤¤¤ External Hives: ¤¤¤
 
¤¤¤ Infection :  ¤¤¤
 
¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
 
 
127.0.0.1       localhost
 
 
¤¤¤ Reset HOSTS: ¤¤¤
127.0.0.1 localhost
 
 
Finished : << RKreport[0]_H_10262013_154710.txt >>
RKreport[0]_D_10262013_154705.txt;RKreport[0]_S_10262013_154652.txt

RogueKiller V8.7.5 [Oct 22 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
 
Operating System : Windows 8 (6.2.9200 ) 32 bits version
Started in : Safe mode with network support
User : GozStar [Admin rights]
Mode : Remove -- Date : 10/26/2013 15:47:05
| ARK || FAK || MBR |
 
¤¤¤ Bad processes : 0 ¤¤¤
 
¤¤¤ Registry Entries : 4 ¤¤¤
[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> DELETED
[HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> REPLACED (2)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
 
¤¤¤ Scheduled tasks : 0 ¤¤¤
 
¤¤¤ Startup Entries : 0 ¤¤¤
 
¤¤¤ Web browsers : 0 ¤¤¤
 
¤¤¤ Particular Files / Folders: ¤¤¤
 
¤¤¤ Driver : [NOT LOADED 0xc000035f] ¤¤¤
 
¤¤¤ External Hives: ¤¤¤
 
¤¤¤ Infection :  ¤¤¤
 
¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
 
 
127.0.0.1       localhost
 
 
¤¤¤ MBR Check: ¤¤¤
 
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD10EARS-00Y5B1 +++++
--- User ---
[MBR] 21012faddefeac88a4973f735580fd0d
[BSP] bb8b88f0e58e2c6306d488cdbc368f88 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 350 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 718848 | Size: 113518 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 233203712 | Size: 839998 Mo
User = LL1 ... OK!
User = LL2 ... OK!
 
Finished : << RKreport[0]_D_10262013_154705.txt >>
RKreport[0]_S_10262013_154652.txt


#9 gringo_pr

  • Malware Response Team

Posted 26 October 2013 - 08:49 PM



Hello gozstar

Let's get a deeper look into the system and let's see if something shows up.

Download and run OTL

Download OTL by Old Timer and save it to your Desktop.
  • Double click on OTL.exe to run it.
  • Under Output, ensure that Minimal Output is selected.
  • Under Extra Registry section, select Use SafeList.
  • Click the Scan All Users checkbox.
  • Click on Run Scan at the top left hand corner.
  • When done, two Notepad files will open.
    • OTL.txt <-- Will be opened and is the one that I need posted back here
    • Extra.txt <-- Will be minimized - save this one on your desktop in case I ask for it later
  • Please post the contents of OTL.txt in your next reply.
Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic




Proud Graduate Of Malware Removal University

#10 gozstar

  • Topic Starter


Posted 27 October 2013 - 05:56 PM

OTL logfile created on: 27/10/2013 19:49:34 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\GozStar\Desktop
 An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16384)
Locale: 00002c0a | Country: Argentina | Language: ESS | Date Format: dd/MM/yyyy
 
2,99 Gb Total Physical Memory | 2,10 Gb Available Physical Memory | 70,23% Memory free
5,99 Gb Paging File | 4,94 Gb Available in Paging File | 82,58% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 110,86 Gb Total Space | 90,30 Gb Free Space | 81,45% Space Free | Partition Type: NTFS
Drive D: | 820,31 Gb Total Space | 646,69 Gb Free Space | 78,83% Space Free | Partition Type: NTFS
Drive F: | 4,38 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
 
Computer Name: PHENOM720SRV | User Name: GozStar | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\GozStar\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\AVAST Software\Avast\avastui.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Windows\System32\atieclxx.exe (AMD)
PRC - C:\Windows\System32\atiesrxx.exe (AMD)
PRC - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)
PRC - C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
PRC - C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe (Realtek Semiconductor)
PRC - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe (Safer-Networking Ltd.)
PRC - D:\Gabriel\SOFT\OpenHardwareMonitor\OpenHardwareMonitor.exe ()
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhostex.exe (Microsoft Corporation)
PRC - C:\Windows\System32\dasHost.exe (Microsoft Corporation)
PRC - C:\Program Files\Unlocker\UnlockerAssistant.exe ()
PRC - C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe (Nero AG)
PRC - C:\Program Files\Nero\Update\NASvc.exe (Nero AG)
PRC - C:\Program Files\CyberLink\Shared files\brs.exe (cyberlink)
PRC - C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
PRC - C:\Program Files\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files\AVAST Software\Avast\libcef.dll ()
MOD - C:\Program Files\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll ()
MOD - C:\Program Files\Google\Chrome\Application\30.0.1599.101\pdf.dll ()
MOD - C:\Program Files\Google\Chrome\Application\30.0.1599.101\libglesv2.dll ()
MOD - C:\Program Files\Google\Chrome\Application\30.0.1599.101\libegl.dll ()
MOD - C:\Program Files\Google\Chrome\Application\30.0.1599.101\ffmpegsumo.dll ()
MOD - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll ()
MOD - C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl ()
MOD - C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl ()
MOD - D:\Gabriel\SOFT\OpenHardwareMonitor\OpenHardwareMonitor.exe ()
MOD - C:\Program Files\Unlocker\UnlockerCOM.dll ()
MOD - C:\Program Files\Unlocker\UnlockerHook.dll ()
MOD - C:\Program Files\Unlocker\UnlockerAssistant.exe ()
 
 
========== Services (SafeList) ==========
 
SRV - (SDWSCService) -- C:\Program Files\Spybot File not found
SRV - (SDUpdateService) -- C:\Program Files\Spybot File not found
SRV - (SDScannerService) -- C:\Program Files\Spybot File not found
SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)
SRV - (AMD FUEL Service) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)
SRV - (PrintNotify) -- C:\Windows\System32\spool\drivers\w32x86\3\PrintConfig.dll (Microsoft Corporation)
SRV - (WSService) -- C:\Windows\System32\WSService.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV - (wlidsvc) -- C:\Windows\System32\wlidsvc.dll (Microsoft Corporation)
SRV - (WiaRpc) -- C:\Windows\System32\wiarpc.dll (Microsoft Corporation)
SRV - (Wcmsvc) -- C:\Windows\System32\wcmsvc.dll (Microsoft Corporation)
SRV - (VaultSvc) -- C:\Windows\System32\vaultsvc.dll (Microsoft Corporation)
SRV - (TimeBroker) -- C:\Windows\System32\TimeBrokerServer.dll (Microsoft Corporation)
SRV - (SystemEventsBroker) -- C:\Windows\System32\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV - (StorSvc) -- C:\Windows\System32\StorSvc.dll (Microsoft Corporation)
SRV - (svsvc) -- C:\Windows\System32\svsvc.dll (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (netprofm) -- C:\Windows\System32\netprofmsvc.dll (Microsoft Corporation)
SRV - (NcaSvc) -- C:\Windows\System32\NcaSvc.dll (Microsoft Corporation)
SRV - (NcdAutoSetup) -- C:\Windows\System32\NcdAutoSetup.dll (Microsoft Corporation)
SRV - (LSM) -- C:\Windows\System32\lsm.dll (Microsoft Corporation)
SRV - (KeyIso) -- C:\Windows\System32\keyiso.dll (Microsoft Corporation)
SRV - (fhsvc) -- C:\Windows\System32\fhsvc.dll (Microsoft Corporation)
SRV - (EFS) -- C:\Windows\System32\efssvc.dll (Microsoft Corporation)
SRV - (DsmSvc) -- C:\Windows\System32\DeviceSetupManager.dll (Microsoft Corporation)
SRV - (DeviceAssociationService) -- C:\Windows\System32\das.dll (Microsoft Corporation)
SRV - (BrokerInfrastructure) -- C:\Windows\System32\bisrv.dll (Microsoft Corporation)
SRV - (AudioEndpointBuilder) -- C:\Windows\System32\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV - (AllUserInstallAgent) -- C:\Windows\System32\AUInstallAgent.dll (Microsoft Corporation)
SRV - (vmicvss) -- C:\Windows\System32\icsvc.dll (Microsoft Corporation)
SRV - (vmictimesync) -- C:\Windows\System32\icsvc.dll (Microsoft Corporation)
SRV - (vmicshutdown) -- C:\Windows\System32\icsvc.dll (Microsoft Corporation)
SRV - (vmicrdv) -- C:\Windows\System32\icsvc.dll (Microsoft Corporation)
SRV - (vmickvpexchange) -- C:\Windows\System32\icsvc.dll (Microsoft Corporation)
SRV - (vmicheartbeat) -- C:\Windows\System32\icsvc.dll (Microsoft Corporation)
SRV - (NAUpdate) -- C:\Program Files\Nero\Update\NASvc.exe (Nero AG)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (WinRing0_1_2_0) -- C:\Users\GozStar\AppData\Local\Temp\tmpC1C8.tmp File not found
DRV - (TrueSight) -- C:\Windows\system32\TrueSight.sys File not found
DRV - (catchme) -- C:\Users\GozStar\AppData\Local\Temp\catchme.sys File not found
DRV - (BootDefragDriver) -- System32\drivers\BootDefragDriver.sys File not found
DRV - (aswSnx) -- C:\Windows\System32\Drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\Windows\System32\Drivers\aswSP.sys (AVAST Software)
DRV - (aswVmm) -- C:\Windows\System32\drivers\aswVmm.sys ()
DRV - (aswRdr) -- C:\Windows\System32\Drivers\aswRdr2.sys (AVAST Software)
DRV - (aswMonFlt) -- C:\Windows\System32\Drivers\aswMonFlt.sys (AVAST Software)
DRV - (aswRvrt) -- C:\Windows\System32\drivers\aswRvrt.sys ()
DRV - (aswFsBlk) -- C:\Windows\System32\Drivers\aswFsBlk.sys (AVAST Software)
DRV - (amdkmdag) -- C:\Windows\System32\Drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV - (amdkmdap) -- C:\Windows\System32\Drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV - (AtiHDAudioService) -- C:\Windows\System32\Drivers\AtihdW83.sys (Advanced Micro Devices)
DRV - (RTL8168) -- C:\Windows\System32\Drivers\Rt630x86.sys (Realtek                                            )
DRV - (AODDriver4.2) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys (Advanced Micro Devices)
DRV - (amdkmafd) -- C:\Windows\System32\Drivers\amdkmafd.sys (Advanced Micro Devices, Inc.)
DRV - (SCDEmu) -- C:\Windows\System32\drivers\scdemu.sys (Power Software Ltd)
DRV - (condrv) -- C:\Windows\System32\Drivers\condrv.sys (Microsoft Corporation)
DRV - (acpiex) -- C:\Windows\System32\Drivers\acpiex.sys (Microsoft Corporation)
DRV - (TPM) -- C:\Windows\System32\Drivers\tpm.sys (Microsoft Corporation)
DRV - (dam) -- C:\Windows\System32\Drivers\dam.sys (Microsoft Corporation)
DRV - (LSI_SSS) -- C:\Windows\System32\Drivers\lsi_sss.sys (LSI Corporation)
DRV - (EhStorTcgDrv) -- C:\Windows\System32\Drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV - (EhStorClass) -- C:\Windows\System32\Drivers\EhStorClass.sys (Microsoft Corporation)
DRV - (3ware) -- C:\Windows\System32\Drivers\3ware.sys (LSI)
DRV - (USBHUB3) -- C:\Windows\System32\Drivers\USBHUB3.SYS (Microsoft Corporation)
DRV - (VSTXRAID) -- C:\Windows\System32\Drivers\VSTXRAID.SYS (VIA Corporation)
DRV - (USBXHCI) -- C:\Windows\System32\Drivers\USBXHCI.SYS (Microsoft Corporation)
DRV - (UCX01000) -- C:\Windows\System32\Drivers\UCX01000.SYS (Microsoft Corporation)
DRV - (VerifierExt) -- C:\Windows\System32\Drivers\VerifierExt.sys (Microsoft Corporation)
DRV - (UASPStor) -- C:\Windows\System32\Drivers\uaspstor.sys (Microsoft Corporation)
DRV - (storahci) -- C:\Windows\System32\Drivers\storahci.sys (Microsoft Corporation)
DRV - (spaceport) -- C:\Windows\System32\Drivers\spaceport.sys (Microsoft Corporation)
DRV - (GPIOClx0101) -- C:\Windows\System32\Drivers\msgpioclx.sys (Microsoft Corporation)
DRV - (mvumis) -- C:\Windows\System32\Drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV - (sdstor) -- C:\Windows\System32\Drivers\sdstor.sys (Microsoft Corporation)
DRV - (msgpiowin32) -- C:\Windows\System32\Drivers\msgpiowin32.sys (Microsoft Corporation)
DRV - (WFPLWFS) -- C:\Windows\System32\Drivers\wfplwfs.sys (Microsoft Corporation)
DRV - (CLFS) -- C:\Windows\System32\Drivers\clfs.sys (Microsoft Corporation)
DRV - (terminpt) -- C:\Windows\System32\Drivers\terminpt.sys (Microsoft Corporation)
DRV - (RdpVideoMiniport) -- C:\Windows\System32\Drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV - (pdc) -- C:\Windows\System32\Drivers\pdc.sys (Microsoft Corporation)
DRV - (cnghwassist) -- C:\Windows\System32\Drivers\cnghwassist.sys (Microsoft Corporation)
DRV - (WdFilter) -- C:\Windows\System32\Drivers\WdFilter.sys (Microsoft Corporation)
DRV - (vmbus) -- C:\Windows\System32\Drivers\vmbus.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\System32\Drivers\vmstorfl.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\System32\Drivers\storvsc.sys (Microsoft Corporation)
DRV - (WdBoot) -- C:\Windows\System32\Drivers\WdBoot.sys (Microsoft Corporation)
DRV - (WSDPrintDevice) -- C:\Windows\System32\Drivers\WSDPrint.sys (Microsoft Corporation)
DRV - (BasicDisplay) -- C:\Windows\System32\Drivers\BasicDisplay.sys (Microsoft Corporation)
DRV - (mshidumdf) -- C:\Windows\System32\Drivers\mshidumdf.sys (Microsoft Corporation)
DRV - (HyperVideo) -- C:\Windows\System32\Drivers\HyperVideo.sys (Microsoft Corporation)
DRV - (BasicRender) -- C:\Windows\System32\Drivers\BasicRender.sys (Microsoft Corporation)
DRV - (BthAvrcpTg) -- C:\Windows\System32\Drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\System32\Drivers\vms3cap.sys (Microsoft Corporation)
DRV - (npsvctrig) -- C:\Windows\System32\Drivers\npsvctrig.sys (Microsoft Corporation)
DRV - (FxPPM) -- C:\Windows\System32\Drivers\fxppm.sys (Microsoft Corporation)
DRV - (kdnic) -- C:\Windows\System32\Drivers\kdnic.sys (Microsoft Corporation)
DRV - (acpitime) -- C:\Windows\System32\Drivers\acpitime.sys (Microsoft Corporation)
DRV - (gencounter) -- C:\Windows\System32\Drivers\vmgencounter.sys (Microsoft Corporation)
DRV - (acpipagr) -- C:\Windows\System32\Drivers\acpipagr.sys (Microsoft Corporation)
DRV - (WpdUpFltr) -- C:\Windows\System32\Drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\System32\Drivers\VMBusHID.sys (Microsoft Corporation)
DRV - (bthhfhid) -- C:\Windows\System32\Drivers\BthhfHid.sys (Microsoft Corporation)
DRV - (hyperkbd) -- C:\Windows\System32\Drivers\hyperkbd.sys (Microsoft Corporation)
DRV - (SerCx) -- C:\Windows\System32\Drivers\SerCx.sys (Microsoft Corporation)
DRV - (SpbCx) -- C:\Windows\System32\Drivers\SpbCx.sys (Microsoft Corporation)
DRV - (TsUsbGD) -- C:\Windows\System32\Drivers\TsUsbGD.sys (Microsoft Corporation)
DRV - (BthHFEnum) -- C:\Windows\System32\Drivers\bthhfenum.sys (Microsoft Corporation)
DRV - (hidi2c) -- C:\Windows\System32\Drivers\hidi2c.sys (Microsoft Corporation)
DRV - (TsUsbFlt) -- C:\Windows\System32\Drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (dmvsc) -- C:\Windows\System32\Drivers\dmvsc.sys (Microsoft Corporation)
DRV - (wpcfltr) -- C:\Windows\System32\Drivers\wpcfltr.sys (Microsoft Corporation)
DRV - (NdisImPlatform) -- C:\Windows\System32\Drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV - (MsLldp) -- C:\Windows\System32\Drivers\mslldp.sys (Microsoft Corporation)
DRV - (Ndu) -- C:\Windows\System32\Drivers\Ndu.sys (Microsoft Corporation)
DRV - (FETNDIS) -- C:\Windows\System32\Drivers\fetn63.sys (VIA Technologies, Inc.              )
DRV - ({1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}) -- C:\Program Files\CyberLink\PowerDVD10\NavFilter\000.fcl (CyberLink Corp.)
DRV - (MBfilt) -- C:\Windows\System32\Drivers\MBfilt32.sys (Creative Technology Ltd.)
DRV - (mcdbus) -- C:\Windows\System32\Drivers\mcdbus.sys (MagicISO, Inc.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-2559246285-2480579463-896742482-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://192.168.1.22/
IE - HKU\S-1-5-21-2559246285-2480579463-896742482-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = es-AR,es;q=0.5
IE - HKU\S-1-5-21-2559246285-2480579463-896742482-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 80 AB 73 A8 4F CF CE 01  [binary data]
IE - HKU\S-1-5-21-2559246285-2480579463-896742482-1001\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-21-2559246285-2480579463-896742482-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKU\S-1-5-21-2559246285-2480579463-896742482-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
 
 
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/
 
O1 HOSTS File: ([2013/10/26 15:47:10 | 000,000,741 | ---- | M]) - C:\Windows\System32\Drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BDRegion] C:\Program Files\Cyberlink\Shared files\brs.exe (cyberlink)
O4 - HKLM..\Run: [NBAgent] C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe (Nero AG)
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE (Power Software Ltd)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SDTray] C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [UnlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe ()
O4 - Startup: C:\Users\GozStar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2559246285-2480579463-896742482-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2559246285-2480579463-896742482-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1305AA9E-142B-4738-A80C-22D20C543A20}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/07/26 03:52:25 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2012/07/26 05:51:34 | 000,000,043 | R--- | M] () - F:\autorun.inf -- [ UDF ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (BootDefrag.exe)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013/10/27 19:45:47 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\GozStar\Desktop\OTL.exe
[2013/10/26 15:51:41 | 000,105,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2013/10/26 15:51:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
[2013/10/26 15:50:56 | 000,075,992 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamchameleon.sys
[2013/10/26 15:45:26 | 000,000,000 | ---D | C] -- C:\Users\GozStar\Desktop\RK_Quarantine
[2013/10/26 12:11:08 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013/10/26 12:11:08 | 000,000,000 | ---D | C] -- C:\Users\GozStar\AppData\Local\temp
[2013/10/26 12:10:36 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013/10/26 11:53:13 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013/10/26 11:53:13 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013/10/26 11:53:13 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2013/10/26 11:53:13 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013/10/26 11:52:49 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/10/26 11:52:27 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013/10/24 17:18:30 | 000,688,992 | R--- | C] (Swearware) -- C:\Users\GozStar\Desktop\dds.com
[2013/10/23 11:09:19 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013/10/23 10:45:08 | 000,000,000 | ---D | C] -- C:\Users\GozStar\AppData\Roaming\AVAST Software
[2013/10/23 10:37:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
[2013/10/22 17:26:31 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2013/10/22 16:16:28 | 000,000,000 | ---D | C] -- C:\JRT
[2013/10/22 16:02:56 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/10/22 15:43:10 | 000,000,000 | ---D | C] -- C:\_AT-Destroyer
[2013/10/22 15:20:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2013/10/22 15:19:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
[2013/10/22 15:19:53 | 000,015,224 | ---- | C] (Safer Networking Limited) -- C:\Windows\System32\sdnclean.exe
[2013/10/22 15:19:49 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy 2
[2013/10/22 15:19:36 | 000,000,000 | ---D | C] -- C:\Users\GozStar\AppData\Roaming\Malwarebytes
[2013/10/22 15:19:33 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2013/10/22 15:19:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/10/22 15:19:33 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013/10/22 15:19:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/10/22 15:19:25 | 000,000,000 | ---D | C] -- C:\Users\GozStar\AppData\Local\Programs
[2013/10/22 15:18:56 | 000,101,664 | ---- | C] (Glarysoft Ltd) -- C:\Windows\System32\BootDefrag.exe
[2013/10/22 15:18:55 | 000,000,000 | ---D | C] -- C:\Users\GozStar\AppData\Roaming\GlarySoft
[2013/10/22 15:18:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 3
[2013/10/22 15:18:46 | 000,000,000 | ---D | C] -- C:\Program Files\Glary Utilities 3
[2013/10/22 15:18:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO
[2013/10/22 15:18:24 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO
[2013/10/22 15:16:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Arovax AntiSpyware
[2013/10/22 15:16:06 | 000,000,000 | ---D | C] -- C:\Program Files\Arovax AntiSpyware
[2013/10/22 15:16:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Arovax
[2013/10/22 15:08:58 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2013/10/22 15:04:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013/10/22 14:57:41 | 000,000,000 | ---D | C] -- C:\Users\GozStar\AppData\Roaming\Macromedia
[2013/10/22 14:56:36 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2013/10/22 14:56:32 | 000,000,000 | ---D | C] -- C:\Users\GozStar\AppData\Local\Google
[2013/10/22 14:56:10 | 000,000,000 | ---D | C] -- C:\Users\GozStar\AppData\Local\Deployment
[2013/10/22 14:56:10 | 000,000,000 | ---D | C] -- C:\Users\GozStar\AppData\Local\Apps
[2013/10/22 14:30:44 | 000,000,000 | ---D | C] -- C:\Users\GozStar\AppData\Roaming\Nero
[2013/10/22 14:22:45 | 000,403,440 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2013/10/22 14:22:45 | 000,035,656 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2013/10/22 14:22:44 | 000,079,720 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
[2013/10/22 14:22:37 | 000,774,392 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2013/10/22 14:22:36 | 000,070,384 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2013/10/22 14:22:35 | 000,269,216 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2013/10/22 14:21:53 | 000,043,152 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2013/10/22 14:21:38 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013/10/22 14:21:24 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2013/10/22 14:20:41 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\GozStar\AppData\Roaming\pcouffin.sys
[2013/10/22 14:20:41 | 000,000,000 | ---D | C] -- C:\Users\GozStar\Documents\PcSetup
[2013/10/22 14:20:40 | 000,000,000 | ---D | C] -- C:\Users\GozStar\AppData\Roaming\Vso
[2013/10/22 14:20:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CloneDVD5
[2013/10/22 14:20:32 | 000,000,000 | ---D | C] -- C:\ProgramData\DVDXStudio
[2013/10/22 14:20:32 | 000,000,000 | ---D | C] -- C:\Program Files\CloneDVD5
[2013/10/22 14:15:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
[2013/10/22 14:15:53 | 000,000,000 | ---D | C] -- C:\Program Files\PowerISO
[2013/10/22 14:06:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
[2013/10/22 14:06:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nero
[2013/10/22 14:06:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
[2013/10/22 14:06:00 | 000,000,000 | ---D | C] -- C:\Program Files\Nero
[2013/10/22 13:42:25 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_42.dll
[2013/10/22 13:42:20 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_42.dll
[2013/10/22 13:42:16 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_40.dll
[2013/10/22 13:42:11 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_35.dll
[2013/10/22 13:42:07 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_34.dll
[2013/10/22 13:42:03 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll
[2013/10/22 13:03:05 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2013/10/22 13:03:03 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 10
[2013/10/22 13:02:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\CyberLink
[2013/10/22 13:02:04 | 000,029,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3a.dll
[2013/10/22 13:02:04 | 000,000,000 | ---D | C] -- C:\Program Files\CyberLink
[2013/10/22 12:54:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Temp
[2013/10/22 12:52:28 | 000,000,000 | ---D | C] -- C:\Users\GozStar\AppData\Roaming\FreeArc
[2013/10/22 12:52:27 | 000,000,000 | ---D | C] -- C:\Users\GozStar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FreeArc
[2013/10/22 12:52:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeArc
[2013/10/22 12:52:19 | 000,000,000 | ---D | C] -- C:\Program Files\FreeArc
[2013/10/22 12:51:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
[2013/10/22 12:51:21 | 000,000,000 | ---D | C] -- C:\ProgramData\WinZip
[2013/10/22 12:51:20 | 000,000,000 | ---D | C] -- C:\Program Files\WinZip
[2013/10/22 12:50:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Self-Extractor
[2013/10/22 12:50:22 | 000,000,000 | ---D | C] -- C:\Program Files\WinZip Self-Extractor
[2013/10/22 12:49:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
[2013/10/22 12:49:22 | 000,000,000 | ---D | C] -- C:\Program Files\DsNET Corp
[2013/10/22 12:48:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
[2013/10/22 12:48:47 | 000,000,000 | ---D | C] -- C:\Program Files\CPUID
[2013/10/22 12:48:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate
[2013/10/22 12:48:21 | 000,000,000 | ---D | C] -- C:\Program Files\Seagate
[2013/10/22 12:47:47 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2013/10/22 12:47:47 | 000,000,000 | ---D | C] -- C:\Users\GozStar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
[2013/10/22 12:47:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2013/10/22 12:47:09 | 000,000,000 | ---D | C] -- C:\Users\GozStar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MagicDisc
[2013/10/22 12:46:57 | 000,116,736 | ---- | C] (MagicISO, Inc.) -- C:\Windows\System32\drivers\mcdbus.sys
[2013/10/22 12:46:56 | 000,000,000 | ---D | C] -- C:\Program Files\MagicDisc
[2013/10/22 12:46:27 | 000,000,000 | ---D | C] -- C:\Users\GozStar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
[2013/10/22 12:46:27 | 000,000,000 | ---D | C] -- C:\Program Files\Unlocker
[2013/10/22 11:23:10 | 000,000,000 | ---D | C] -- C:\Windows Sidebar
[2013/10/22 11:21:39 | 000,000,000 | ---D | C] -- C:\Windows\System32\files
[2013/10/22 11:16:14 | 000,000,000 | ---D | C] -- C:\Users\GozStar\AppData\Local\AMD
[2013/10/22 11:16:11 | 000,000,000 | ---D | C] -- C:\Users\GozStar\AppData\Roaming\ATI
[2013/10/22 11:16:11 | 000,000,000 | ---D | C] -- C:\Users\GozStar\AppData\Local\ATI
[2013/10/22 11:16:11 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2013/10/22 11:15:38 | 000,000,000 | ---D | C] -- C:\Program Files\AMD AVT
[2013/10/22 11:15:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
[2013/10/22 11:15:13 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD
[2013/10/22 11:15:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2013/10/22 11:14:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2013/10/22 11:14:37 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2013/10/22 11:14:20 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2013/10/22 11:13:42 | 000,000,000 | ---D | C] -- C:\AMD
[2013/10/22 11:10:19 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM
[2013/10/22 11:10:05 | 001,783,056 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesLib.dll
[2013/10/22 11:10:05 | 000,345,328 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll
[2013/10/22 11:10:05 | 000,185,584 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll
[2013/10/22 11:10:05 | 000,173,296 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll
[2013/10/22 11:10:05 | 000,140,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll
[2013/10/22 11:10:03 | 002,536,664 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkPgExt.dll
[2013/10/22 11:10:03 | 001,596,488 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RTSndMgr.cpl
[2013/10/22 11:10:03 | 000,121,048 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoInstII.dll
[2013/10/22 11:10:03 | 000,013,416 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoLDR.dll
[2013/10/22 11:10:02 | 003,289,816 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkAPO.dll
[2013/10/22 11:10:02 | 000,769,752 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkApoApi.dll
[2013/10/22 11:10:02 | 000,359,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32A.dll
[2013/10/22 11:10:02 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DHT32.dll
[2013/10/22 11:10:02 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DAA32.dll
[2013/10/22 11:10:02 | 000,170,840 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32A.dll
[2013/10/22 11:10:02 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32A.dll
[2013/10/22 11:10:02 | 000,064,856 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32A.dll
[2013/10/22 11:10:01 | 000,563,992 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\MBTHX32.dll
[2013/10/22 11:10:01 | 000,071,808 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\MBWrp32.dll
[2013/10/22 11:10:01 | 000,024,664 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\drivers\MBfilt32.sys
[2013/10/22 11:10:00 | 001,932,032 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioEQ.dll
[2013/10/22 11:10:00 | 000,788,224 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPOShell.dll
[2013/10/22 11:10:00 | 000,232,792 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO20.dll
[2013/10/22 11:10:00 | 000,132,368 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO.dll
[2013/10/22 11:09:59 | 002,388,000 | ---- | C] (Fortemedia Corporation) -- C:\Windows\System32\FMAPO.dll
[2013/10/22 11:09:59 | 000,090,624 | ---- | C] (Real Sound Lab SIA) -- C:\Windows\System32\CONEQMSAPOGUILibrary.dll
[2013/10/22 11:09:58 | 000,181,960 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTACap.dll
[2013/10/22 11:09:58 | 000,095,840 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTARen.dll
[2013/10/22 11:09:57 | 000,000,000 | ---D | C] -- C:\Program Files\Temp
[2013/10/22 11:09:56 | 002,080,472 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[2013/10/22 11:09:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2013/10/22 11:06:26 | 000,671,304 | ---- | C] (Realtek                                            ) -- C:\Windows\System32\drivers\Rt630x86.sys
[2013/10/22 11:06:26 | 000,076,872 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\System32\RtNicProp32.dll
[2013/10/22 11:06:22 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2013/10/22 11:06:22 | 000,000,000 | ---D | C] -- C:\Program Files\InstallShield Installation Information
[2013/10/21 22:25:18 | 000,000,000 | ---D | C] -- C:\Windows\AutoKMS
[2013/10/21 22:24:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Toolkit
[2013/10/21 22:24:44 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2013/10/21 22:15:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2013/10/21 22:15:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2013/10/21 22:15:09 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2013/10/21 22:14:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services
[2013/10/21 22:13:46 | 000,000,000 | ---D | C] -- C:\Users\GozStar\AppData\Local\Microsoft Help
[2013/10/21 22:13:42 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2013/10/21 22:13:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2013/10/21 22:13:33 | 000,000,000 | R--D | C] -- C:\MSOCache
[2013/10/21 22:06:25 | 000,000,000 | ---D | C] -- C:\Users\GozStar\Documents\WinTK
[2013/10/21 22:00:32 | 000,000,000 | ---D | C] -- C:\Windows\System32\es
[2013/10/21 22:00:31 | 000,000,000 | ---D | C] -- C:\Windows\System32\XPSViewer
[2013/10/21 22:00:31 | 000,000,000 | ---D | C] -- C:\Windows\System32\0C0A
[2013/10/21 22:00:26 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\es-ES
[2013/10/21 21:59:04 | 000,000,000 | ---D | C] -- C:\Windows\es-ES
[2013/10/21 21:59:01 | 000,000,000 | ---D | C] -- C:\sources
[2013/10/21 21:58:25 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\usbrpm.sys.mui
[2013/10/21 21:58:22 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\fvevol.sys.mui
[2013/10/21 21:58:12 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\http.sys.mui
[2013/10/21 21:58:12 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\WpdUpFltr.sys.mui
[2013/10/21 21:58:09 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\fwpkclnt.sys.mui
[2013/10/21 21:58:09 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\sercx.sys.mui
[2013/10/21 21:58:09 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\scsiport.sys.mui
[2013/10/21 21:58:09 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\mshidumdf.sys.mui
[2013/10/21 21:58:09 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\ks.sys.mui
[2013/10/21 21:58:08 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\spbcx.sys.mui
[2013/10/21 21:58:08 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\wudfpf.sys.mui
[2013/10/21 21:58:08 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\mshidkmdf.sys.mui
[2013/10/21 21:58:06 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\luafv.sys.mui
[2013/10/21 21:58:05 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\rdpwd.sys.mui
[2013/10/21 21:58:04 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\scfilter.sys.mui
[2013/10/21 21:58:03 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\ndiscap.sys.mui
[2013/10/21 21:58:03 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\RNDISMP.sys.mui
[2013/10/21 21:58:03 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\volmgrx.sys.mui
[2013/10/21 21:58:02 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\pacer.sys.mui
[2013/10/21 21:58:02 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\NdisImPlatform.sys.mui
[2013/10/21 21:58:02 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\tunnel.sys.mui
[2013/10/21 21:58:02 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\ipnat.sys.mui
[2013/10/21 21:58:02 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\modem.sys.mui
[2013/10/21 21:58:02 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\wfplwfs.sys.mui
[2013/10/21 21:58:02 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\ws2ifsl.sys.mui
[2013/10/21 21:57:58 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\srv2.sys.mui
[2013/10/21 21:57:58 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\mrxsmb.sys.mui
[2013/10/21 21:57:58 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\rdbss.sys.mui
[2013/10/21 21:57:58 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\ndisuio.sys.mui
[2013/10/21 21:57:58 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\srv.sys.mui
[2013/10/21 21:57:57 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\nwifi.sys.mui
[2013/10/21 21:57:57 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\mslldp.sys.mui
[2013/10/21 21:57:57 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\qwavedrv.sys.mui
[2013/10/21 21:57:55 | 000,019,456 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\es-ES\E1G60I32.sys.mui
[2013/10/21 21:57:55 | 000,011,264 | ---- | C] (Broadcom Corporation) -- C:\Windows\System32\drivers\es-ES\k57nd60x.sys.mui
[2013/10/21 21:57:55 | 000,011,264 | ---- | C] (Broadcom Corporation) -- C:\Windows\System32\drivers\es-ES\b57nd60x.sys.mui
[2013/10/21 21:57:55 | 000,005,632 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\es-ES\e100b325.sys.mui
[2013/10/21 21:57:55 | 000,005,632 | ---- | C] (Broadcom Corporation) -- C:\Windows\System32\drivers\es-ES\bcm4sbxp.sys.mui
[2013/10/21 21:57:55 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\rdpdr.sys.mui
[2013/10/21 21:57:54 | 000,022,016 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\es-ES\e1y6032.sys.mui
[2013/10/21 21:57:54 | 000,022,016 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\es-ES\e1e6032.sys.mui
[2013/10/21 21:57:54 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\wmbclass.sys.mui
[2013/10/21 21:57:54 | 000,007,680 | ---- | C] (Marvell) -- C:\Windows\System32\drivers\es-ES\yk63x86.sys.mui
[2013/10/21 21:57:54 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\bthpan.sys.mui
[2013/10/21 21:57:54 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\portcls.sys.mui
[2013/10/21 21:57:54 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\hdaudbus.sys.mui
[2013/10/21 21:57:54 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\tsusbflt.sys.mui
[2013/10/21 21:57:54 | 000,003,072 | ---- | C] (VIA Technologies, Inc.              ) -- C:\Windows\System32\drivers\es-ES\getn63.sys.mui
[2013/10/21 21:57:54 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\rndismpx.sys.mui
[2013/10/21 21:57:54 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\rndismp6.sys.mui
[2013/10/21 21:57:54 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\hidi2c.sys.mui
[2013/10/21 21:57:54 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\HdAudio.sys.mui
[2013/10/21 21:57:54 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\bthhfenum.sys.mui
[2013/10/21 21:57:54 | 000,002,560 | ---- | C] (Realtek                                            ) -- C:\Windows\System32\drivers\es-ES\Rt630x86.sys.mui
[2013/10/21 21:57:54 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\vwifibus.sys.mui
[2013/10/21 21:57:54 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\USBAUDIO.sys.mui
[2013/10/21 21:57:54 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\serscan.sys.mui
[2013/10/21 21:57:54 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\BthAvrcpTg.sys.mui
[2013/10/21 21:57:54 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\BthhfHid.sys.mui
[2013/10/21 21:57:54 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\BthA2DP.sys.mui
[2013/10/21 21:57:53 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\bthport.sys.mui
[2013/10/21 21:57:53 | 000,012,288 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\es-ES\e1i6332.sys.mui
[2013/10/21 21:57:53 | 000,010,752 | ---- | C] (Agere Systems) -- C:\Windows\System32\drivers\es-ES\ltmdmnt.sys.mui
[2013/10/21 21:57:53 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\EhStorTcgDrv.sys.mui
[2013/10/21 21:57:53 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\BthLEEnum.sys.mui
[2013/10/21 21:57:53 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\pcmcia.sys.mui
[2013/10/21 21:57:53 | 000,003,584 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\drivers\es-ES\atikmdag.sys.mui
[2013/10/21 21:57:53 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\sdbus.sys.mui
[2013/10/21 21:57:53 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\hidbth.sys.mui
[2013/10/21 21:57:53 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\dumpsd.sys.mui
[2013/10/21 21:57:53 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\BTHUSB.SYS.mui
[2013/10/21 21:57:53 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\BthMini.SYS.mui
[2013/10/21 21:57:53 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\usbvideo.sys.mui
[2013/10/21 21:57:53 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\sdstor.sys.mui
[2013/10/21 21:57:53 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\pnpmem.sys.mui
[2013/10/21 21:57:53 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\bthenum.sys.mui
[2013/10/21 21:57:51 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\ntfs.sys.mui
[2013/10/21 21:57:51 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\tcpip.sys.mui
[2013/10/21 21:57:51 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\ndis.sys.mui
[2013/10/21 21:57:51 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\usbport.sys.mui
[2013/10/21 21:57:51 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\volsnap.sys.mui
[2013/10/21 21:57:51 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\afd.sys.mui
[2013/10/21 21:57:51 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\USBHUB3.SYS.mui
[2013/10/21 21:57:51 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\viac7.sys.mui
[2013/10/21 21:57:51 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\processr.sys.mui
[2013/10/21 21:57:51 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\intelppm.sys.mui
[2013/10/21 21:57:51 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\amdppm.sys.mui
[2013/10/21 21:57:51 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\amdk8.sys.mui
[2013/10/21 21:57:51 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\usbhub.sys.mui
[2013/10/21 21:57:51 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\UCX01000.SYS.mui
[2013/10/21 21:57:51 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\1394ohci.sys.mui
[2013/10/21 21:57:51 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\serial.sys.mui
[2013/10/21 21:57:51 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\i8042prt.sys.mui
[2013/10/21 21:57:51 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\acpi.sys.mui
[2013/10/21 21:57:51 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\USBXHCI.SYS.mui
[2013/10/21 21:57:51 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\pci.sys.mui
[2013/10/21 21:57:51 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\tpm.sys.mui
[2013/10/21 21:57:51 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\spaceport.sys.mui
[2013/10/21 21:57:51 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\ataport.sys.mui
[2013/10/21 21:57:51 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\battc.sys.mui
[2013/10/21 21:57:51 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\IPMIDrv.sys.mui
[2013/10/21 21:57:51 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\disk.sys.mui
[2013/10/21 21:57:51 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\vhdmp.sys.mui
[2013/10/21 21:57:51 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\vdrvroot.sys.mui
[2013/10/21 21:57:51 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\sermouse.sys.mui
[2013/10/21 21:57:51 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\fltmgr.sys.mui
[2013/10/21 21:57:51 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\kbdclass.sys.mui
[2013/10/21 21:57:51 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\mouclass.sys.mui
[2013/10/21 21:57:51 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\wacompen.sys.mui
[2013/10/21 21:57:51 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\isapnp.sys.mui
[2013/10/21 21:57:51 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\parport.sys.mui
[2013/10/21 21:57:51 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\usbehci.sys.mui
[2013/10/21 21:57:51 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\umbus.sys.mui
[2013/10/21 21:57:51 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\parvdm.sys.mui
[2013/10/21 21:57:51 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\mssmbios.sys.mui
[2013/10/21 21:57:51 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\mouhid.sys.mui
[2013/10/21 21:57:51 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\wdf01000.sys.mui
[2013/10/21 21:57:51 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\VIAAGP.SYS.mui
[2013/10/21 21:57:51 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\ULIAGPKX.SYS.mui
[2013/10/21 21:57:51 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\UAGP35.SYS.mui
[2013/10/21 21:57:51 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\SISAGP.SYS.mui
[2013/10/21 21:57:51 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\NV_AGP.SYS.mui
[2013/10/21 21:57:51 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\MTConfig.sys.mui
[2013/10/21 21:57:51 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\kbdhid.sys.mui
[2013/10/21 21:57:51 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\GAGP30KX.SYS.mui
[2013/10/21 21:57:51 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\cdrom.sys.mui
[2013/10/21 21:57:51 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\AMDAGP.SYS.mui
[2013/10/21 21:57:51 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\AGP440.sys.mui
[2013/10/21 21:57:51 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\wd.sys.mui
[2013/10/21 21:57:51 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\pdc.sys.mui
[2013/10/21 21:57:50 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\partmgr.sys.mui
[2013/10/21 21:57:50 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\mountmgr.sys.mui
[2013/10/21 21:53:54 | 000,000,000 | ---D | C] -- C:\81b89579ec21d8e4b2498a2112a0e5c1
[2013/10/21 21:52:01 | 000,000,000 | ---D | C] -- C:\Users\GozStar\AppData\Roaming\WinRAR
[2013/10/21 21:52:01 | 000,000,000 | ---D | C] -- C:\Users\GozStar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013/10/21 21:52:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013/10/21 21:51:58 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2013/10/21 21:10:51 | 000,000,000 | R--D | C] -- C:\Users\GozStar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2013/10/21 21:10:51 | 000,000,000 | R--D | C] -- C:\Users\GozStar\Searches
[2013/10/21 21:10:51 | 000,000,000 | R--D | C] -- C:\Users\GozStar\Contacts
[2013/10/21 21:10:51 | 000,000,000 | R--D | C] -- C:\Users\GozStar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2013/10/21 21:10:49 | 000,000,000 | ---D | C] -- C:\Users\GozStar\AppData\Roaming\Adobe
[2013/10/21 21:10:31 | 000,000,000 | ---D | C] -- C:\Users\GozStar\AppData\Local\VirtualStore
[2013/10/21 21:10:28 | 000,000,000 | ---D | C] -- C:\Users\GozStar\AppData\Local\Packages
[2013/10/21 21:10:27 | 000,000,000 | ---D | C] -- C:\ProgramData\PRICache
[2013/10/21 21:10:22 | 000,000,000 | --SD | C] -- C:\Users\GozStar\AppData\Roaming\Microsoft
[2013/10/21 21:10:22 | 000,000,000 | R--D | C] -- C:\Users\GozStar\Videos
[2013/10/21 21:10:22 | 000,000,000 | R--D | C] -- C:\Users\GozStar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2013/10/21 21:10:22 | 000,000,000 | R--D | C] -- C:\Users\GozStar\Saved Games
[2013/10/21 21:10:22 | 000,000,000 | R--D | C] -- C:\Users\GozStar\Pictures
[2013/10/21 21:10:22 | 000,000,000 | R--D | C] -- C:\Users\GozStar\Music
[2013/10/21 21:10:22 | 000,000,000 | R--D | C] -- C:\Users\GozStar\Links
[2013/10/21 21:10:22 | 000,000,000 | R--D | C] -- C:\Users\GozStar\Favorites
[2013/10/21 21:10:22 | 000,000,000 | R--D | C] -- C:\Users\GozStar\Downloads
[2013/10/21 21:10:22 | 000,000,000 | R--D | C] -- C:\Users\GozStar\Documents
[2013/10/21 21:10:22 | 000,000,000 | R--D | C] -- C:\Users\GozStar\Desktop
[2013/10/21 21:10:22 | 000,000,000 | R--D | C] -- C:\Users\GozStar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013/10/21 21:10:22 | 000,000,000 | R--D | C] -- C:\Users\GozStar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2013/10/21 21:10:22 | 000,000,000 | ---D | C] -- C:\Users\GozStar\AppData\Local\Microsoft
[2013/10/21 21:10:22 | 000,000,000 | ---D | C] -- C:\Users\GozStar\AppData\Roaming\Media Center Programs
[2013/10/21 21:10:22 | 000,000,000 | ---D | C] -- C:\Users\GozStar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2013/10/21 21:10:22 | 000,000,000 | ---D | C] -- C:\Users\GozStar\AppData
[2013/10/21 21:10:21 | 000,000,000 | ---D | C] -- C:\Windows\CSC
[2013/10/21 21:04:59 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2013/10/21 21:04:34 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2013/10/21 18:03:53 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013/10/27 19:43:49 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\GozStar\Desktop\OTL.exe
[2013/10/27 19:42:13 | 000,795,878 | ---- | M] () -- C:\Windows\System32\perfh00A.dat
[2013/10/27 19:42:13 | 000,710,046 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/10/27 19:42:13 | 000,162,282 | ---- | M] () -- C:\Windows\System32\perfc00A.dat
[2013/10/27 19:42:13 | 000,132,416 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/10/27 19:40:25 | 000,000,288 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job
[2013/10/27 19:39:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/10/27 19:37:43 | 000,001,048 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/10/27 19:37:21 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013/10/27 19:37:20 | 2565,431,296 | -HS- | M] () -- C:\hiberfil.sys
[2013/10/26 22:06:51 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/10/26 15:51:41 | 000,105,176 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2013/10/26 15:50:56 | 000,075,992 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamchameleon.sys
[2013/10/26 15:47:10 | 000,000,741 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2013/10/24 17:18:34 | 000,688,992 | R--- | M] (Swearware) -- C:\Users\GozStar\Desktop\dds.com
[2013/10/23 10:37:16 | 000,774,392 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2013/10/23 10:37:16 | 000,403,440 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2013/10/23 10:37:16 | 000,269,216 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2013/10/23 10:37:16 | 000,178,304 | ---- | M] () -- C:\Windows\System32\drivers\aswVmm.sys
[2013/10/23 10:37:16 | 000,079,720 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
[2013/10/23 10:37:16 | 000,070,384 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2013/10/23 10:37:16 | 000,049,944 | ---- | M] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2013/10/23 10:37:16 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2013/10/23 10:37:16 | 000,035,656 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2013/10/23 10:32:44 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2013/10/22 19:14:15 | 000,000,000 | ---- | M] () -- C:\Users\GozStar\AppData\Local\census.cache
[2013/10/22 19:14:15 | 000,000,000 | ---- | M] () -- C:\Users\GozStar\AppData\Local\ars.cache
[2013/10/22 17:16:50 | 000,000,036 | ---- | M] () -- C:\Users\GozStar\AppData\Local\housecall.guid.cache
[2013/10/22 17:02:51 | 000,000,131 | ---- | M] () -- C:\Windows\CRC.INI
[2013/10/22 17:01:42 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize 3.job
[2013/10/22 15:19:56 | 000,000,644 | ---- | M] () -- C:\Windows\tasks\Check for updates (Spybot - Search & Destroy).job
[2013/10/22 15:19:56 | 000,000,616 | ---- | M] () -- C:\Windows\tasks\Refresh immunization (Spybot - Search & Destroy).job
[2013/10/22 15:19:56 | 000,000,446 | ---- | M] () -- C:\Windows\tasks\Scan the system (Spybot - Search & Destroy).job
[2013/10/22 15:04:38 | 000,002,206 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/10/22 14:20:49 | 000,000,022 | ---- | M] () -- C:\Windows\System32\sycd5.dll
[2013/10/22 14:20:41 | 000,047,360 | ---- | M] (VSO Software) -- C:\Users\GozStar\AppData\Roaming\pcouffin.sys
[2013/10/22 14:20:41 | 000,007,887 | ---- | M] () -- C:\Users\GozStar\AppData\Roaming\pcouffin.cat
[2013/10/22 14:20:41 | 000,001,144 | ---- | M] () -- C:\Users\GozStar\AppData\Roaming\pcouffin.inf
[2013/10/22 14:20:40 | 000,000,970 | ---- | M] () -- C:\Users\GozStar\Desktop\CloneDVD5.lnk
[2013/10/22 14:06:41 | 000,002,931 | ---- | M] () -- C:\Users\Public\Desktop\Nero Burning ROM 10.lnk
[2013/10/22 13:03:03 | 000,002,068 | ---- | M] () -- C:\Users\Public\Desktop\CyberLink PowerDVD 10.lnk
[2013/10/22 12:54:15 | 000,029,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msxml3a.dll
[2013/10/22 12:53:20 | 000,000,715 | ---- | M] () -- C:\Users\GozStar\Desktop\usb_format.lnk
[2013/10/22 12:49:39 | 000,002,079 | ---- | M] () -- C:\Users\Public\Desktop\Video Search.lnk
[2013/10/22 12:49:39 | 000,001,149 | ---- | M] () -- C:\Users\Public\Desktop\aTube Catcher.lnk
[2013/10/22 12:48:48 | 000,001,027 | ---- | M] () -- C:\Users\Public\Desktop\CPUID CPU-Z.lnk
[2013/10/22 12:47:09 | 000,000,964 | ---- | M] () -- C:\Users\GozStar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk
[2013/10/22 11:23:27 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_LocationProvider_01_11_00.Wdf
[2013/10/21 22:28:48 | 000,057,654 | ---- | M] () -- C:\Windows\System32\OEMLogo.bmp
[2013/10/21 22:21:58 | 000,430,112 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/10/21 21:58:35 | 000,346,536 | ---- | M] () -- C:\Windows\System32\perfi00A.dat
[2013/10/21 21:58:35 | 000,043,804 | ---- | M] () -- C:\Windows\System32\perfd00A.dat
[2013/10/21 21:58:25 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\usbrpm.sys.mui
[2013/10/21 21:58:22 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\fvevol.sys.mui
[2013/10/21 21:58:22 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\UMDF\es-ES\LocationProvider.dll.mui
[2013/10/21 21:58:12 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\http.sys.mui
[2013/10/21 21:58:12 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\UMDF\es-ES\WpdMtpDr.dll.mui
[2013/10/21 21:58:12 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\WpdUpFltr.sys.mui
[2013/10/21 21:58:09 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\fwpkclnt.sys.mui
[2013/10/21 21:58:09 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\sercx.sys.mui
[2013/10/21 21:58:09 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\scsiport.sys.mui
[2013/10/21 21:58:09 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\mshidumdf.sys.mui
[2013/10/21 21:58:09 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\ks.sys.mui
[2013/10/21 21:58:08 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\spbcx.sys.mui
[2013/10/21 21:58:08 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\wudfpf.sys.mui
[2013/10/21 21:58:08 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\mshidkmdf.sys.mui
[2013/10/21 21:58:06 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\luafv.sys.mui
[2013/10/21 21:58:05 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\rdpwd.sys.mui
[2013/10/21 21:58:04 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\scfilter.sys.mui
[2013/10/21 21:58:03 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\ndiscap.sys.mui
[2013/10/21 21:58:03 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\RNDISMP.sys.mui
[2013/10/21 21:58:03 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\volmgrx.sys.mui
[2013/10/21 21:58:02 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\pacer.sys.mui
[2013/10/21 21:58:02 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\NdisImPlatform.sys.mui
[2013/10/21 21:58:02 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\tunnel.sys.mui
[2013/10/21 21:58:02 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\ipnat.sys.mui
[2013/10/21 21:58:02 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\modem.sys.mui
[2013/10/21 21:58:02 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\wfplwfs.sys.mui
[2013/10/21 21:58:02 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\ws2ifsl.sys.mui
[2013/10/21 21:57:58 | 000,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\srv2.sys.mui
[2013/10/21 21:57:58 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\mrxsmb.sys.mui
[2013/10/21 21:57:58 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\rdbss.sys.mui
[2013/10/21 21:57:58 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\ndisuio.sys.mui
[2013/10/21 21:57:58 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\srv.sys.mui
[2013/10/21 21:57:57 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\nwifi.sys.mui
[2013/10/21 21:57:57 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\mslldp.sys.mui
[2013/10/21 21:57:57 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\qwavedrv.sys.mui
[2013/10/21 21:57:55 | 000,019,456 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\es-ES\E1G60I32.sys.mui
[2013/10/21 21:57:55 | 000,011,264 | ---- | M] (Broadcom Corporation) -- C:\Windows\System32\drivers\es-ES\k57nd60x.sys.mui
[2013/10/21 21:57:55 | 000,011,264 | ---- | M] (Broadcom Corporation) -- C:\Windows\System32\drivers\es-ES\b57nd60x.sys.mui
[2013/10/21 21:57:55 | 000,005,632 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\es-ES\e100b325.sys.mui
[2013/10/21 21:57:55 | 000,005,632 | ---- | M] (Broadcom Corporation) -- C:\Windows\System32\drivers\es-ES\bcm4sbxp.sys.mui
[2013/10/21 21:57:55 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\rdpdr.sys.mui
[2013/10/21 21:57:54 | 000,022,016 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\es-ES\e1y6032.sys.mui
[2013/10/21 21:57:54 | 000,022,016 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\es-ES\e1e6032.sys.mui
[2013/10/21 21:57:54 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\wmbclass.sys.mui
[2013/10/21 21:57:54 | 000,007,680 | ---- | M] (Marvell) -- C:\Windows\System32\drivers\es-ES\yk63x86.sys.mui
[2013/10/21 21:57:54 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\bthpan.sys.mui
[2013/10/21 21:57:54 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\portcls.sys.mui
[2013/10/21 21:57:54 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\hdaudbus.sys.mui
[2013/10/21 21:57:54 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\tsusbflt.sys.mui
[2013/10/21 21:57:54 | 000,003,072 | ---- | M] (VIA Technologies, Inc.              ) -- C:\Windows\System32\drivers\es-ES\getn63.sys.mui
[2013/10/21 21:57:54 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\rndismpx.sys.mui
[2013/10/21 21:57:54 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\rndismp6.sys.mui
[2013/10/21 21:57:54 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\hidi2c.sys.mui
[2013/10/21 21:57:54 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\HdAudio.sys.mui
[2013/10/21 21:57:54 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\bthhfenum.sys.mui
[2013/10/21 21:57:54 | 000,002,560 | ---- | M] (Realtek                                            ) -- C:\Windows\System32\drivers\es-ES\Rt630x86.sys.mui
[2013/10/21 21:57:54 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\vwifibus.sys.mui
[2013/10/21 21:57:54 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\USBAUDIO.sys.mui
[2013/10/21 21:57:54 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\serscan.sys.mui
[2013/10/21 21:57:54 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\BthAvrcpTg.sys.mui
[2013/10/21 21:57:54 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\BthhfHid.sys.mui
[2013/10/21 21:57:54 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\BthA2DP.sys.mui
[2013/10/21 21:57:53 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\bthport.sys.mui
[2013/10/21 21:57:53 | 000,012,288 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\es-ES\e1i6332.sys.mui
[2013/10/21 21:57:53 | 000,010,752 | ---- | M] (Agere Systems) -- C:\Windows\System32\drivers\es-ES\ltmdmnt.sys.mui
[2013/10/21 21:57:53 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\EhStorTcgDrv.sys.mui
[2013/10/21 21:57:53 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\UMDF\es-ES\WUDFUsbccidDriver.dll.mui
[2013/10/21 21:57:53 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\BthLEEnum.sys.mui
[2013/10/21 21:57:53 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\pcmcia.sys.mui
[2013/10/21 21:57:53 | 000,003,584 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\drivers\es-ES\atikmdag.sys.mui
[2013/10/21 21:57:53 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\sdbus.sys.mui
[2013/10/21 21:57:53 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\hidbth.sys.mui
[2013/10/21 21:57:53 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\dumpsd.sys.mui
[2013/10/21 21:57:53 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\BTHUSB.SYS.mui
[2013/10/21 21:57:53 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\BthMini.SYS.mui
[2013/10/21 21:57:53 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\usbvideo.sys.mui
[2013/10/21 21:57:53 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\sdstor.sys.mui
[2013/10/21 21:57:53 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\pnpmem.sys.mui
[2013/10/21 21:57:53 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\UMDF\es-ES\HidBthLE.dll.mui
[2013/10/21 21:57:53 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\bthenum.sys.mui
[2013/10/21 21:57:51 | 000,097,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\ntfs.sys.mui
[2013/10/21 21:57:51 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\tcpip.sys.mui
[2013/10/21 21:57:51 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\ndis.sys.mui
[2013/10/21 21:57:51 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\usbport.sys.mui
[2013/10/21 21:57:51 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\volsnap.sys.mui
[2013/10/21 21:05:54 | 000,043,144 | ---- | M] () -- C:\Windows\System32\license.rtf
[2013/10/21 21:05:41 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2013/10/21 21:05:36 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_11_00.Wdf
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013/10/26 11:53:13 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013/10/26 11:53:13 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013/10/26 11:53:13 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013/10/26 11:53:13 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013/10/26 11:53:13 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013/10/23 15:14:05 | 000,000,288 | ---- | C] () -- C:\Windows\tasks\AutoKMS.job
[2013/10/22 19:14:15 | 000,000,000 | ---- | C] () -- C:\Users\GozStar\AppData\Local\census.cache
[2013/10/22 19:14:15 | 000,000,000 | ---- | C] () -- C:\Users\GozStar\AppData\Local\ars.cache
[2013/10/22 17:16:50 | 000,000,036 | ---- | C] () -- C:\Users\GozStar\AppData\Local\housecall.guid.cache
[2013/10/22 15:21:11 | 000,000,131 | ---- | C] () -- C:\Windows\CRC.INI
[2013/10/22 15:19:56 | 000,000,644 | ---- | C] () -- C:\Windows\tasks\Check for updates (Spybot - Search & Destroy).job
[2013/10/22 15:19:56 | 000,000,616 | ---- | C] () -- C:\Windows\tasks\Refresh immunization (Spybot - Search & Destroy).job
[2013/10/22 15:19:56 | 000,000,446 | ---- | C] () -- C:\Windows\tasks\Scan the system (Spybot - Search & Destroy).job
[2013/10/22 15:19:55 | 000,002,136 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2013/10/22 15:18:55 | 000,000,350 | ---- | C] () -- C:\Windows\tasks\GlaryInitialize 3.job
[2013/10/22 15:18:51 | 000,001,105 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 3.lnk
[2013/10/22 15:04:38 | 000,002,206 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/10/22 14:56:38 | 000,001,052 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/10/22 14:56:37 | 000,001,048 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/10/22 14:22:37 | 000,178,304 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
[2013/10/22 14:22:37 | 000,049,944 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2013/10/22 14:20:49 | 000,000,022 | ---- | C] () -- C:\Windows\System32\sycd5.dll
[2013/10/22 14:20:41 | 000,007,887 | ---- | C] () -- C:\Users\GozStar\AppData\Roaming\pcouffin.cat
[2013/10/22 14:20:41 | 000,001,144 | ---- | C] () -- C:\Users\GozStar\AppData\Roaming\pcouffin.inf
[2013/10/22 14:20:40 | 000,000,970 | ---- | C] () -- C:\Users\GozStar\Desktop\CloneDVD5.lnk
[2013/10/22 14:06:41 | 000,002,931 | ---- | C] () -- C:\Users\Public\Desktop\Nero Burning ROM 10.lnk
[2013/10/22 13:03:03 | 000,002,068 | ---- | C] () -- C:\Users\Public\Desktop\CyberLink PowerDVD 10.lnk
[2013/10/22 12:53:20 | 000,000,715 | ---- | C] () -- C:\Users\GozStar\Desktop\usb_format.lnk
[2013/10/22 12:49:39 | 000,002,079 | ---- | C] () -- C:\Users\Public\Desktop\Video Search.lnk
[2013/10/22 12:49:39 | 000,001,149 | ---- | C] () -- C:\Users\Public\Desktop\aTube Catcher.lnk
[2013/10/22 12:48:48 | 000,001,027 | ---- | C] () -- C:\Users\Public\Desktop\CPUID CPU-Z.lnk
[2013/10/22 12:47:09 | 000,000,964 | ---- | C] () -- C:\Users\GozStar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk
[2013/10/22 11:23:27 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_LocationProvider_01_11_00.Wdf
[2013/10/22 11:23:12 | 000,001,330 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
[2013/10/22 11:15:32 | 000,001,173 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Feature Mananger.lnk
[2013/10/22 11:10:02 | 000,615,249 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT
[2013/10/21 22:28:48 | 000,057,654 | ---- | C] () -- C:\Windows\System32\OEMLogo.bmp
[2013/10/21 22:02:11 | 000,795,878 | ---- | C] () -- C:\Windows\System32\perfh00A.dat
[2013/10/21 22:02:11 | 000,346,536 | ---- | C] () -- C:\Windows\System32\perfi00A.dat
[2013/10/21 22:02:11 | 000,162,282 | ---- | C] () -- C:\Windows\System32\perfc00A.dat
[2013/10/21 22:02:11 | 000,043,804 | ---- | C] () -- C:\Windows\System32\perfd00A.dat
[2013/10/21 21:10:49 | 000,001,430 | ---- | C] () -- C:\Users\GozStar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013/10/21 21:06:42 | 2565,431,296 | -HS- | C] () -- C:\hiberfil.sys
[2013/10/21 21:05:41 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2013/10/21 21:05:36 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_11_00.Wdf
[2013/10/21 21:04:36 | 268,435,456 | -HS- | C] () -- C:\swapfile.sys
[2013/08/30 20:47:56 | 000,200,704 | ---- | C] () -- C:\Windows\System32\clinfo.exe
[2013/08/30 20:47:50 | 000,995,342 | ---- | C] () -- C:\Windows\System32\amdocl_as32.exe
[2013/08/30 20:47:50 | 000,798,734 | ---- | C] () -- C:\Windows\System32\amdocl_ld32.exe
[2013/08/30 19:53:48 | 000,038,912 | ---- | C] () -- C:\Windows\System32\kdbsdk32.dll
[2013/08/30 19:50:04 | 000,204,952 | ---- | C] () -- C:\Windows\System32\ativvsvl.dat
[2013/08/30 19:50:04 | 000,157,144 | ---- | C] () -- C:\Windows\System32\ativvsva.dat
[2013/08/27 16:06:16 | 000,233,652 | ---- | C] () -- C:\Windows\System32\ativvaxy_cik.dat
[2013/08/27 14:27:56 | 000,082,336 | ---- | C] () -- C:\Windows\System32\ativce02.dat
[2013/08/07 14:22:00 | 000,716,208 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2013/08/07 12:12:12 | 000,231,984 | ---- | C] () -- C:\Windows\System32\ativvaxy_cik_nd.dat
[2012/07/26 03:55:27 | 000,710,046 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2012/07/26 03:55:27 | 000,296,742 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2012/07/26 03:55:27 | 000,132,416 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2012/07/26 03:55:27 | 000,033,362 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2012/07/26 03:53:47 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2012/07/26 03:53:46 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2012/07/26 03:03:55 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2012/07/26 03:00:17 | 000,430,112 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/07/25 22:20:38 | 000,071,680 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2012/07/25 22:17:42 | 000,043,520 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2012/07/25 21:48:53 | 000,083,968 | ---- | C] () -- C:\Windows\System32\OEMLicense.dll
[2012/07/25 17:41:36 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2012/07/25 17:24:47 | 000,526,068 | ---- | C] () -- C:\Windows\System32\staticurllist.bin
[2012/07/13 23:00:46 | 000,043,882 | ---- | C] () -- C:\Windows\System32\srms.dat
[2012/06/02 17:25:24 | 000,008,192 | ---- | C] () -- C:\Windows\System32\settings.dat
[2012/06/02 11:31:24 | 001,520,828 | ---- | C] () -- C:\Windows\System32\WpcNBModel.bin
[2012/06/02 11:31:19 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
 
========== ZeroAccess Check ==========
 
[2013/10/21 22:06:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/07/26 00:19:59 | 017,559,552 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012/07/26 00:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2012/07/26 00:20:13 | 000,354,304 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
< End of report >


#11 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:08:20 PM

Posted 27 October 2013 - 07:56 PM


Hello gozstar

I would like you to run this custom script for me now and when it is complete please give me the report and a status update for the computer.

Run OTL Script
  • Double-click OTL.exe to start the program.
  • Copy and Paste the following code into the Custom Scans/Fixes text box.
    :OTL
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000 File not found
    O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105 File not found
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    IE - HKU\S-1-5-21-2559246285-2480579463-896742482-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://192.168.1.22/
    IE - HKU\S-1-5-21-2559246285-2480579463-896742482-1001\..\SearchScopes,DefaultScope = 
    :Files
    ipconfig /flushdns /c
    
    :Commands
    [PURITY]
    [emptyjava]
    [EMPTYFLASH]
    [reboot]
    
  • Then click the Run Fix button at the top.
  • Click the OK button.
  • OTL may ask to reboot the machine. Please do so if asked.
  • The report should appear in Notepad after the reboot. Copy and Paste that report in your next reply.

    Note** if the report does not popup after the computer reboots you can find it here in this folder - C:\_OTL\MovedFiles

    It will be named - mmddyyyy_hhmmss.log

    Where mmddyyyy_hhmmss - are numbers representing the date and time the fix was run.


Let me know how things are doing.

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#12 gozstar

Posted 28 October 2013 - 06:32 AM

========== OTL ==========
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&xport to Microsoft Excel\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Se&nd to OneNote\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
HKU\S-1-5-21-2559246285-2480579463-896742482-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_USERS\S-1-5-21-2559246285-2480579463-896742482-1001\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
========== FILES ==========
< ipconfig /flushdns /c >
Configuración IP de Windows
Se vació correctamente la caché de resolución de DNS.
D:\Gabriel\LIMPIAR\cmd.bat deleted successfully.
D:\Gabriel\LIMPIAR\cmd.txt deleted successfully.
========== COMMANDS ==========
 
[EMPTYJAVA]
 
User: All Users
 
User: Default
 
User: Default User
 
User: GozStar
 
User: Public
 
Total Java Files Cleaned = 0,00 mb
 
 
[EMPTYFLASH]
 
User: All Users
 
User: Default
 
User: Default User
 
User: GozStar
->Flash cache emptied: 456 bytes
 
User: Public
 
Total Flash Files Cleaned = 0,00 mb
 
 
OTL by OldTimer - Version 3.2.69.0 log created on 10282013_082524
 
 
SearchCentrix and keylogger infected...


#13 gringo_pr

Posted 28 October 2013 - 08:14 AM

Hello

"SearchCentrix and keylogger infected..." - what program is finding it, and can you show me some type of report?


gringo

#14 gozstar

Posted 28 October 2013 - 04:25 PM

  AROVAX

 

Arovax AntiSpyware



#15 gringo_pr

Posted 28 October 2013 - 09:29 PM

Can you show me a report or screenshot?

gringo



