
Inactive Cannot get to login, computer won't start

Discussion in 'Malware and Virus Removal Archive' started by Montysire, 2011/01/16.

  1. 2011/01/16
    Montysire

    Montysire Inactive Thread Starter

    Joined:
    2011/01/16
    Messages:
    21
    Likes Received:
    0
  2. 2011/01/16
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Welcome aboard :)

    Please observe the following rules:
    • Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
    • If you're stuck, or you're not sure about a certain step, always ask before doing anything else.
    • Please refrain from running tools or applying updates other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer's behavior, good or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in the malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

    =================================================================

    Let's see if we can look at your computer by booting from an external source.

    Please download OTLPE (filesize 120,9 MB)

    • When downloaded, double-click on OTLPENet.exe and make sure there is a blank CD in your CD drive. This will automatically create a bootable CD.
    • Reboot your system using the boot CD you just created.
      • Note: If you do not know how to set your computer to boot from CD, follow the steps HERE
    • Your system should now display a REATOGO-X-PE desktop.
    • Depending on your type of internet connection, you should be able to get online as well, so you can access this topic more easily.
    • Double-click on the OTLPE icon.
    • When asked "Do you wish to load the remote registry", select Yes
    • When asked "Do you wish to load remote user profile(s) for scanning", select Yes
    • Ensure the box "Automatically Load All Remaining Users" is checked and press OK
    • OTL should now start.
    • Press Run Scan to start the scan.
    • When finished, the file will be saved at C:\OTL.txt
    • Copy this file to your USB drive if you do not have an internet connection on this system
    • Please post the contents of the OTL.txt file in your reply.
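
    As an added example (not code from this thread, from the moderator, or from OTL's author), the following Python script shows how a first triage pass over the OTL.txt lines this procedure produces can be automated: it parses the SRV/DRV, IE, O2 and O6 line shapes and flags what is observable (a boot driver whose file is missing or has no publisher and zero size, a loopback proxy switched on, a BHO with no company name, UAC prompting disabled). The sample lines are copied from the log posted later in this thread; the severity labels and the rule thresholds are my own assumptions, and nothing here decides what is actually malicious.

```python
import re
from datetime import datetime, timedelta

# Regexes for the OTL line shapes seen in the log posted in this thread
# (SRV/DRV file entries, "File not found" entries, IE settings, O2 BHOs, O6 policies).
FILE_ENTRY = re.compile(
    r'^(?P<kind>SRV|DRV) - \[(?P<date>\d{4}/\d{2}/\d{2}) [\d:]+ \| (?P<size>[\d,]+) \| [^\]]*\] '
    r'\((?P<company>[^)]*)\) \[(?P<start>[^\]]*)\] -- (?P<path>.*?) -- \((?P<name>[^)]*)\)')
MISSING_ENTRY = re.compile(
    r'^(?P<kind>SRV|DRV) - File not found \[(?P<start>[^\]]*)\] -- -- \((?P<name>[^)]*)\)')
IE_SETTING = re.compile(r'^IE - (?P<key>.+?): "(?P<value_name>[^"]+)" = (?P<value>.*)$')
BHO_ENTRY = re.compile(r'^O2 - BHO: \((?P<desc>[^)]*)\) - \{(?P<clsid>[^}]+)\} - (?P<rest>.*)$')
PATH_COMPANY = re.compile(r'^(?P<path>.*\S) \((?P<company>[^)]*)\)$')
POLICY_ENTRY = re.compile(r'^O6 - (?P<key>.+?): (?P<value_name>\w+) = (?P<value>.*)$')


def triage(lines, scan_date, recent_days=7):
    """Return (severity, subject, reason) tuples for lines worth a second look.

    The rules only describe what is observable in the log (missing files,
    unsigned boot drivers, a loopback proxy, a BHO without a publisher, UAC
    prompting disabled); deciding what is actually malicious is left to the
    analyst. Severity labels are this example's own convention (assumption).
    """
    findings = []
    proxy = {}  # (hive, value name) -> value, so ProxyEnable/ProxyServer can be correlated
    for raw in lines:
        line = raw.strip()
        m = MISSING_ENTRY.match(line)
        if m:
            sev = 'high' if 'Boot' in m['start'] else 'medium'
            findings.append((sev, m['name'],
                             f"{m['kind']} entry whose file is missing ({m['start']})"))
            continue
        m = FILE_ENTRY.match(line)
        if m:
            size = int(m['size'].replace(',', ''))
            company = m['company'].strip()
            modified = datetime.strptime(m['date'], '%Y/%m/%d')
            recent = scan_date - modified <= timedelta(days=recent_days)
            if m['kind'] == 'DRV' and 'Boot' in m['start'] and (size == 0 or not company):
                findings.append(('high', m['name'],
                                 f"boot-start driver, {size} bytes, company '{company}': {m['path']}"))
            elif not company and recent:
                findings.append(('medium', m['name'],
                                 f"no company name and modified within {recent_days} days: {m['path']}"))
            continue
        m = IE_SETTING.match(line)
        if m:
            hive = m['key'].split('\\Software')[0]
            proxy[(hive, m['value_name'])] = m['value'].strip()
            continue
        m = BHO_ENTRY.match(line)
        if m:
            pc = PATH_COMPANY.match(m['rest'])
            if pc and not pc['company'].strip():
                in_profile = '\\users\\' in pc['path'].lower()
                findings.append(('high' if in_profile else 'medium', m['desc'],
                                 f"BHO with no company name loaded from {pc['path']}"))
            continue
        m = POLICY_ENTRY.match(line)
        if m and m['value_name'] == 'ConsentPromptBehaviorAdmin' and m['value'].strip() == '0':
            findings.append(('medium', m['value_name'],
                             'UAC elevates administrators without prompting'))
    for (hive, value_name), value in proxy.items():
        if value_name == 'ProxyEnable' and value == '1':
            server = proxy.get((hive, 'ProxyServer'), '')
            if '127.0.0.1' in server or 'localhost' in server.lower():
                findings.append(('medium', hive,
                                 f'browser traffic goes through a local proxy ({server}); '
                                 'confirm which installed product owns that port'))
    return findings


# Sample input: lines copied from the OTL log in this thread, plus two benign
# ones for contrast. The scan date is the one in that log's header.
SCAN_DATE = datetime(2011, 1, 19)
SAMPLE = [
    r'DRV - File not found [Kernel | Boot] -- -- (otclvpk)',
    r'DRV - [2011/01/16 19:26:58 | 000,000,000 | ---- | M] () [Kernel | Boot] -- C:\Windows\System32\drivers\pihrhmpo.sys -- (pihrhmpo)',
    r'DRV - [2010/12/08 01:12:38 | 000,251,728 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)',
    r'DRV - [2009/06/29 07:31:20 | 000,036,608 | ---- | M] () [Kernel | On_Demand] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)',
    r'IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0',
    r'IE - HKU\MontySire_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1',
    r'IE - HKU\MontySire_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8075',
    r'O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)',
    r'O2 - BHO: (coldHelper Class) - {7C7DCF5B-46DB-4ed8-AD11-DAE6C4FE9F60} - C:\Users\MontySire\AppData\Local\ColdPlay\coldplie.dll ()',
    r'O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0',
    r'O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3',
]


def triage_sample():
    """Run the rules over SAMPLE; used by the demo below and by tests."""
    return triage(SAMPLE, SCAN_DATE)


if __name__ == '__main__':
    for severity, subject, reason in triage_sample():
        print(f'[{severity:6}] {subject}: {reason}')
```

    A loopback proxy is not proof of anything by itself (the same log lists Hide My IP and two AV suites that can legitimately own such a port), which is why that rule asks for the owning product to be confirmed rather than rating it high.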
     


  4. 2011/01/19
    Montysire

    Montysire Inactive Thread Starter

    Joined:
    2011/01/16
    Messages:
    21
    Likes Received:
    0
    First step done...

    Hey,

    Sorry for the uber-delay... xD

    It was kinda hard for me to get an actual CD around here.

    Here are the results...

    (Sorry in advance if I should've posted it in another format)

    OTL logfile created on: 1/19/2011 11:03:40 PM - Run
    OTLPE by OldTimer - Version 3.1.44.0 Folder = X:\Programs\OTLPE
    Windows 7 Ultimate (Version = 6.1.7600) - Type = System
    Internet Explorer (Version = 8.0.7600.16385)
    Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy

    3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 91.00% Memory free
    3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 232.88 Gb Total Space | 5.46 Gb Free Space | 2.35% Space Free | Partition Type: NTFS
    Drive X: | 436.55 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

    Computer Name: REATOGO | User Name: SYSTEM
    Boot Mode: Normal | Scan Mode: All users
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
    Using ControlSet: ControlSet001

    ========== Win32 Services (SafeList) ==========

    SRV - [2010/12/17 05:32:52 | 002,850,296 | ---- | M] (Emsi Software GmbH) [Auto] -- C:\Program Files\Emsisoft Anti-Malware\a2service.exe -- (a2AntiMalware)
    SRV - [2010/12/07 10:50:27 | 000,365,336 | ---- | M] (Kaspersky Lab ZAO) [Auto] -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe -- (AVP)
    SRV - [2010/11/23 10:34:14 | 006,128,208 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
    SRV - [2010/10/22 01:58:18 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)
    SRV - [2010/10/15 21:40:40 | 000,037,664 | ---- | M] (Apple Inc.) [Auto] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
    SRV - [2010/10/04 21:27:16 | 000,237,008 | ---- | M] (McAfee, Inc.) [On_Demand] -- C:\Program Files\McAfee Security Scan\3.0.188\McCHSvc.exe -- (McComponentHostService)
    SRV - [2010/07/06 14:39:04 | 003,039,536 | ---- | M] (HideMyIP) [On_Demand] -- C:\Program Files\Hide My IP\HideMyIpSrv.exe -- (HideMyIpSRV)
    SRV - [2010/06/07 15:05:06 | 000,240,232 | ---- | M] (NVIDIA Corporation) [Auto] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
    SRV - [2010/04/27 01:00:27 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
    SRV - [2010/03/07 17:19:59 | 000,332,720 | ---- | M] (Valve Corporation) [On_Demand] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
    SRV - [2010/02/04 16:15:14 | 000,121,344 | ---- | M] (Airytec) [Auto] -- C:\Program Files\Airytec\Switch Off\swoff.exe -- (SwOffWeb)
    SRV - [2010/02/04 16:15:14 | 000,121,344 | ---- | M] (Airytec) [Auto] -- C:\Program Files\Airytec\Switch Off\swoff.exe -- (SwOffScheduler)
    SRV - [2009/07/13 20:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc)
    SRV - [2009/07/13 20:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc)
    SRV - [2009/07/13 20:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\System32\umpo.dll -- (Power)
    SRV - [2009/07/13 20:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\System32\themeservice.dll -- (Themes)
    SRV - [2009/07/13 20:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify)
    SRV - [2009/07/13 20:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper)
    SRV - [2009/07/13 20:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
    SRV - [2009/07/13 20:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
    SRV - [2009/07/13 20:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc)
    SRV - [2009/07/13 20:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc)
    SRV - [2009/07/13 20:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider)
    SRV - [2009/07/13 20:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg)
    SRV - [2009/07/13 20:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV - [2009/07/13 20:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener)
    SRV - [2009/07/13 20:15:21 | 000,797,696 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\System32\FntCache.dll -- (FontCache)
    SRV - [2009/07/13 20:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)
    SRV - [2009/07/13 20:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\System32\defragsvc.dll -- (defragsvc)
    SRV - [2009/07/13 20:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\System32\bdesvc.dll -- (BDESVC)
    SRV - [2009/07/13 20:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV)
    SRV - [2009/07/13 20:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc)
    SRV - [2009/07/13 20:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\System32\sppsvc.exe -- (sppsvc)
    SRV - [2009/06/29 07:31:20 | 000,233,472 | ---- | M] (Teruten) [Auto] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)
    SRV - [2008/04/07 07:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)


    ========== Driver Services (SafeList) ==========

    DRV - File not found [Kernel | Boot] -- -- (otclvpk)
    DRV - [2011/01/16 19:26:58 | 000,000,000 | ---- | M] () [Kernel | Boot] -- C:\Windows\System32\drivers\pihrhmpo.sys -- (pihrhmpo)
    DRV - [2010/12/08 01:12:38 | 000,251,728 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
    DRV - [2010/11/12 10:19:38 | 000,299,984 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
    DRV - [2010/10/01 08:37:42 | 000,488,536 | ---- | M] (Kaspersky Lab) [File_System | System] -- C:\Windows\System32\drivers\klif.sys -- (KLIF)
    DRV - [2010/09/19 04:57:36 | 000,072,808 | ---- | M] (Emsi Software GmbH) [File_System | On_Demand] -- C:\Program Files\Emsisoft Anti-Malware\a2accx86.sys -- (a2acc)
    DRV - [2010/09/13 12:27:54 | 000,025,680 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot] -- C:\Windows\System32\drivers\AVGIDSEH.sys -- (AVGIDSEH)
    DRV - [2010/09/07 00:48:56 | 000,034,384 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
    DRV - [2010/09/07 00:48:50 | 000,026,064 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86)
    DRV - [2010/09/05 08:25:22 | 000,041,928 | ---- | M] (Emsi Software GmbH) [File_System | System] -- C:\Program Files\Emsisoft Anti-Malware\a2dix86.sys -- (a2injectiondriver)
    DRV - [2010/08/19 17:42:38 | 000,123,472 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand] -- C:\Windows\System32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
    DRV - [2010/08/19 17:42:38 | 000,030,288 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand] -- C:\Windows\System32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
    DRV - [2010/08/19 17:42:36 | 000,021,072 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand] -- C:\Windows\System32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
    DRV - [2010/06/09 14:43:52 | 000,011,352 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System] -- C:\Windows\System32\drivers\kl2.sys -- (kl2)
    DRV - [2010/06/09 14:43:50 | 000,132,184 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot] -- C:\Windows\System32\drivers\kl1.sys -- (kl1)
    DRV - [2010/06/07 18:57:00 | 010,888,168 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
    DRV - [2010/05/05 05:40:32 | 000,011,776 | ---- | M] (Emsi Software GmbH) [Kernel | System] -- C:\Program Files\Emsisoft Anti-Malware\a2util32.sys -- (a2util)
    DRV - [2010/04/22 16:07:34 | 000,022,104 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System] -- C:\Windows\System32\drivers\klim6.sys -- (KLIM6)
    DRV - [2010/04/10 15:08:10 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
    DRV - [2009/12/11 02:44:02 | 000,133,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\ksecpkg.sys -- (KSecPkg)
    DRV - [2009/11/16 11:33:38 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto] -- C:\Windows\System32\drivers\npf.sys -- (npf)
    DRV - [2009/11/02 17:27:16 | 000,019,984 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand] -- C:\Windows\System32\drivers\klmouflt.sys -- (klmouflt)
    DRV - [2009/07/13 20:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand] -- C:\Windows\system32\DRIVERS\cmdide.sys -- (cmdide)
    DRV - [2009/07/13 20:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand] -- C:\Windows\system32\DRIVERS\adpahci.sys -- (adpahci)
    DRV - [2009/07/13 20:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand] -- C:\Windows\system32\DRIVERS\adp94xx.sys -- (adp94xx)
    DRV - [2009/07/13 20:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand] -- C:\Windows\system32\DRIVERS\amdsbs.sys -- (amdsbs)
    DRV - [2009/07/13 20:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand] -- C:\Windows\system32\DRIVERS\adpu320.sys -- (adpu320)
    DRV - [2009/07/13 20:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand] -- C:\Windows\system32\DRIVERS\arcsas.sys -- (arcsas)
    DRV - [2009/07/13 20:26:15 | 000,079,952 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand] -- C:\Windows\system32\DRIVERS\amdsata.sys -- (amdsata)
    DRV - [2009/07/13 20:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand] -- C:\Windows\system32\DRIVERS\arc.sys -- (arc)
    DRV - [2009/07/13 20:26:15 | 000,023,616 | ---- | M] (Advanced Micro Devices) [Kernel | Boot] -- C:\Windows\System32\drivers\amdxata.sys -- (amdxata)
    DRV - [2009/07/13 20:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand] -- C:\Windows\system32\DRIVERS\aliide.sys -- (aliide)
    DRV - [2009/07/13 20:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\Windows\system32\DRIVERS\nvstor.sys -- (nvstor)
    DRV - [2009/07/13 20:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\Windows\system32\DRIVERS\nvraid.sys -- (nvraid)
    DRV - [2009/07/13 20:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand] -- C:\Windows\system32\DRIVERS\nfrd960.sys -- (nfrd960)
    DRV - [2009/07/13 20:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand] -- C:\Windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS)
    DRV - [2009/07/13 20:20:36 | 000,332,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\system32\DRIVERS\iaStorV.sys -- (iaStorV)
    DRV - [2009/07/13 20:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand] -- C:\Windows\system32\DRIVERS\MegaSR.sys -- (MegaSR)
    DRV - [2009/07/13 20:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand] -- C:\Windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI)
    DRV - [2009/07/13 20:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand] -- C:\Windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC)
    DRV - [2009/07/13 20:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand] -- C:\Windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2)
    DRV - [2009/07/13 20:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand] -- C:\Windows\system32\DRIVERS\iirsp.sys -- (iirsp)
    DRV - [2009/07/13 20:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand] -- C:\Windows\system32\DRIVERS\megasas.sys -- (megasas)
    DRV - [2009/07/13 20:20:36 | 000,013,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\hwpolicy.sys -- (hwpolicy)
    DRV - [2009/07/13 20:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand] -- C:\Windows\system32\DRIVERS\elxstor.sys -- (elxstor)
    DRV - [2009/07/13 20:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand] -- C:\Windows\system32\DRIVERS\djsvs.sys -- (aic78xx)
    DRV - [2009/07/13 20:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand] -- C:\Windows\system32\DRIVERS\HpSAMD.sys -- (HpSAMD)
    DRV - [2009/07/13 20:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\Windows\System32\drivers\fsdepends.sys -- (FsDepends)
    DRV - [2009/07/13 20:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand] -- C:\Windows\system32\DRIVERS\vsmraid.sys -- (vsmraid)
    DRV - [2009/07/13 20:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)
    DRV - [2009/07/13 20:19:10 | 000,159,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\DRIVERS\vhdmp.sys -- (vhdmp)
    DRV - [2009/07/13 20:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
    DRV - [2009/07/13 20:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\vdrvroot.sys -- (vdrvroot)
    DRV - [2009/07/13 20:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)
    DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\Windows\System32\drivers\wimmount.sys -- (WIMMount)
    DRV - [2009/07/13 20:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand] -- C:\Windows\system32\DRIVERS\viaide.sys -- (viaide)
    DRV - [2009/07/13 20:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand] -- C:\Windows\system32\DRIVERS\ql2300.sys -- (ql2300)
    DRV - [2009/07/13 20:19:04 | 000,173,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\rdyboost.sys -- (rdyboost)
    DRV - [2009/07/13 20:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand] -- C:\Windows\system32\DRIVERS\ql40xx.sys -- (ql40xx)
    DRV - [2009/07/13 20:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand] -- C:\Windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4)
    DRV - [2009/07/13 20:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\pcw.sys -- (pcw)
    DRV - [2009/07/13 20:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand] -- C:\Windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2)
    DRV - [2009/07/13 20:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand] -- C:\Windows\system32\DRIVERS\stexstor.sys -- (stexstor)
    DRV - [2009/07/13 20:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\cng.sys -- (CNG)
    DRV - [2009/07/13 19:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand] -- C:\Windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
    DRV - [2009/07/13 19:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\rdpbus.sys -- (rdpbus)
    DRV - [2009/07/13 19:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP)
    DRV - [2009/07/13 18:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
    DRV - [2009/07/13 18:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf)
    DRV - [2009/07/13 18:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ndiscap.sys -- (NdisCap)
    DRV - [2009/07/13 18:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\vwifibus.sys -- (vwifibus)
    DRV - [2009/07/13 18:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\DRIVERS\1394ohci.sys -- (1394ohci)
    DRV - [2009/07/13 18:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\DRIVERS\umpass.sys -- (UmPass)
    DRV - [2009/07/13 18:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
    DRV - [2009/07/13 18:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf)
    DRV - [2009/07/13 18:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\DRIVERS\MTConfig.sys -- (MTConfig)
    DRV - [2009/07/13 18:45:26 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\CompositeBus.sys -- (CompositeBus)
    DRV - [2009/07/13 18:36:52 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\appid.sys -- (AppID)
    DRV - [2009/07/13 18:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\scfilter.sys -- (scfilter)
    DRV - [2009/07/13 18:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)
    DRV - [2009/07/13 18:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)
    DRV - [2009/07/13 18:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\Windows\System32\drivers\discache.sys -- (discache)
    DRV - [2009/07/13 18:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi)
    DRV - [2009/07/13 18:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\DRIVERS\amdppm.sys -- (AmdPPM)
    DRV - [2009/07/13 17:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\hcw85cir.sys -- (hcw85cir)
    DRV - [2009/07/13 17:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand] -- C:\Windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm)
    DRV - [2009/07/13 17:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand] -- C:\Windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer)
    DRV - [2009/07/13 17:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand] -- C:\Windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm)
    DRV - [2009/07/13 17:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand] -- C:\Windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo)
    DRV - [2009/07/13 17:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand] -- C:\Windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp)
    DRV - [2009/07/13 17:13:47 | 000,266,752 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\VSTBS23.SYS -- (SrvHsfPCI)
    DRV - [2009/07/13 17:13:46 | 000,980,992 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\VSTDPV3.SYS -- (SrvHsfV92)
    DRV - [2009/07/13 17:13:45 | 000,661,504 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\VSTCNXT3.SYS -- (SrvHsfWinac)
    DRV - [2009/07/13 17:02:52 | 000,043,008 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand] -- C:\Windows\System32\drivers\Rtnicxp.sys -- (RTL8023xp)
    DRV - [2009/07/13 17:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
    DRV - [2009/07/13 17:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\Windows\system32\DRIVERS\evbdx.sys -- (ebdrv)
    DRV - [2009/07/13 17:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\Windows\system32\DRIVERS\bxvbdx.sys -- (b06bdrv)
    DRV - [2009/06/29 07:31:20 | 000,036,608 | ---- | M] () [Kernel | On_Demand] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
    DRV - [2008/01/14 05:06:32 | 000,021,632 | ---- | M] (ManyCam LLC.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ManyCam.sys -- (ManyCam)
    DRV - [2007/09/17 13:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
    DRV - [2007/05/02 09:12:36 | 000,109,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ssm_mdm.sys -- (ssm_mdm)
    DRV - [2007/05/02 09:12:36 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ssm_mdfl.sys -- (ssm_mdfl)
    DRV - [2007/05/02 09:12:34 | 000,083,592 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ssm_bus.sys -- (ssm_bus) SAMSUNG Mobile USB Device II 1.0 driver (WDM)


    ========== Standard Registry (SafeList) ==========

    ========== Internet Explorer ==========

    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\MontySire_ON_C\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.google.com.br/ [binary data]
    IE - HKU\MontySire_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.skip-search.com/?cfg=2-82-0-0&engine_id=2&provider_id=2&product_id=82&country=BR
    IE - HKU\MontySire_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://br.msn.com/?ocid=iehp
    IE - HKU\MontySire_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = pt-br
    IE - HKU\MontySire_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = C3 F8 49 3F EA D8 CA 01 [binary data]
    IE - HKU\MontySire_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.astroburn-search.com/startpage
    IE - HKU\MontySire_ON_C\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
    IE - HKU\MontySire_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
    IE - HKU\MontySire_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
    IE - HKU\MontySire_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8075

    FF - HKLM\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011/01/05 04:26:07 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011/01/05 04:26:07 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG10\Firefox\ [2011/01/13 09:17:20 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/11 19:12:37 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/12/11 19:12:37 | 000,000,000 | ---D | M]

    [2011/01/16 18:17:23 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
    [2010/12/07 10:23:32 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru
    [2010/07/22 19:54:55 | 000,001,027 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\buscape.xml
    [2010/07/22 19:54:55 | 000,001,212 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mercadolivre.xml
    [2010/07/22 19:54:55 | 000,001,168 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-br.xml
    [2010/07/22 19:54:55 | 000,000,952 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-br.xml

    O1 HOSTS File: ([2009/06/10 16:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
    O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
    O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - File not found
    O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
    O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
    O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll (Kaspersky Lab ZAO)
    O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O2 - BHO: (coldHelper Class) - {7C7DCF5B-46DB-4ed8-AD11-DAE6C4FE9F60} - C:\Users\MontySire\AppData\Local\ColdPlay\coldplie.dll ()
    O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (Google Inc.)
    O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
    O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
    O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - File not found
    O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - File not found
    O3 - HKLM\..\Toolbar: (Barra de Ferramentas do Yahoo!) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
    O3 - HKU\MontySire_ON_C\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    O3 - HKU\MontySire_ON_C\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - File not found
    O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
    O4 - HKLM..\Run: [avp] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe (Kaspersky Lab ZAO)
    O4 - HKLM..\Run: [Chris PC-Lock] File not found
    O4 - HKLM..\Run: [DivX Download Manager] C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe (DivX, LLC)
    O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
    O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
    O4 - HKLM..\Run: [NliaClient] C:\Program Files\NLIA\Netpia.exe (Netpia International Corp.)
    O4 - HKLM..\Run: [NPSStartup] File not found
    O4 - HKLM..\Run: [PC-Clean] C:\Program Files\PC-Clean\PC-Clean.exe (Netpia.com, Inc.)
    O4 - HKLM..\Run: [Windows® NetMeeting] C:\Program Files\NetMeeting\ca32.exe ()
    O4 - HKU\MontySire_ON_C..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
    O4 - HKU\MontySire_ON_C..\Run: [BitTorrent] C:\Program Files\BitTorrent\BitTorrent.exe (BitTorrent, Inc.)
    O4 - HKU\MontySire_ON_C..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
    O4 - HKU\MontySire_ON_C..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
    O4 - HKU\MontySire_ON_C..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
    O4 - HKU\MontySire_ON_C..\Run: [Windows® NetMeeting] C:\Program Files\NetMeeting\ca32.exe ()
    O4 - HKU\Administrador_ON_C..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
    O4 - HKU\LocalService_ON_C..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
    O4 - HKU\NetworkService_ON_C..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
    O4 - Startup: Error locating startup folders.
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Windows® NetMeeting = C:\Program Files\NetMeeting\ca32.exe ()
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
    O7 - HKU\MontySire_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeStartMenu = 0
    O7 - HKU\MontySire_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
    O7 - HKU\MontySire_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogOff = 0
    O7 - HKU\MontySire_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\MontySire_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Windows® NetMeeting = C:\Program Files\NetMeeting\ca32.exe ()
    O7 - HKU\MontySire_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0
    O7 - HKU\MontySire_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkStation = 0
    O9 - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
    O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\HMIPCore.dll (My Privacy Tools, Inc.)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\HMIPCore.dll (My Privacy Tools, Inc.)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\HMIPCore.dll (My Privacy Tools, Inc.)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\HMIPCore.dll (My Privacy Tools, Inc.)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\HMIPCore.dll (My Privacy Tools, Inc.)
    O13 - gopher Prefix: missing
    O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class)
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (DivXBrowserPlugin Object)
    O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
    O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 201.6.2.28 201.6.2.30 192.168.0.1
    O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
    O20 - AppInit_DLLs: (C:\PROGRA~2\AVP11\mzvkbd3.dll) - C:\ProgramData\AVP11\mzvkbd3.dll (Kaspersky Lab ZAO)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O20 - Winlogon\Notify\klogon: DllName - C:\Windows\system32\klogon.dll - C:\Windows\System32\klogon.dll (Kaspersky Lab ZAO)
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
    O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2009/06/10 16:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
    O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    ========== Files/Folders - Created Within 30 Days ==========

    [2011/01/16 18:16:35 | 000,139,264 | ---- | C] (Netpia.com, Inc.) -- C:\Windows\System32\NliaControl.cpl
    [2011/01/16 18:16:35 | 000,036,864 | ---- | C] (Netpia.com, Inc.) -- C:\Windows\System32\NliaControlRes.dll
    [2011/01/16 18:16:35 | 000,000,000 | ---D | C] -- C:\Program Files\PC-Clean
    [2011/01/16 18:16:35 | 000,000,000 | ---D | C] -- C:\Program Files\NLIA
    [2011/01/16 18:15:58 | 000,000,000 | ---D | C] -- C:\Users\MontySire\AppData\Roaming\Malwarebytes
    [2011/01/16 18:15:51 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
    [2011/01/16 18:15:45 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
    [2011/01/16 18:15:44 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2011/01/13 09:40:07 | 000,000,000 | -H-D | C] -- C:\$AVG
    [2011/01/13 09:19:09 | 000,000,000 | ---D | C] -- C:\Users\MontySire\AppData\Roaming\AVG10
    [2011/01/13 09:17:14 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\AVG
    [2011/01/13 09:16:53 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
    [2011/01/13 09:05:03 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan
    [2011/01/12 20:00:32 | 000,000,000 | ---D | C] -- C:\Program Files\Emsisoft Anti-Malware
    [2011/01/12 20:00:32 | 000,000,000 | ---D | C] -- C:\Users\MontySire\Documents\Anti-Malware
    [2011/01/12 18:18:11 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll
    [2011/01/12 12:25:16 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
    [2011/01/12 03:06:18 | 000,000,000 | ---D | C] -- C:\Users\MontySire\AppData\Local\ColdPlay
    [2011/01/12 03:06:16 | 000,000,000 | ---D | C] -- C:\Users\MontySire\AppData\Roaming\updates
    [2011/01/10 19:53:51 | 000,070,144 | RHS- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\dfrguiu.dll
    [2011/01/05 04:26:10 | 000,000,000 | ---D | C] -- C:\Users\MontySire\AppData\Roaming\Local
    [2011/01/05 04:24:13 | 000,000,000 | ---D | C] -- C:\Users\MontySire\AppData\Roaming\DivX
    [2011/01/05 04:22:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PX Storage Engine
    [2011/01/03 17:32:18 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_7.dll
    [2011/01/03 17:32:18 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_5.dll
    [2011/01/03 17:32:17 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_43.dll
    [2011/01/03 17:32:17 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_7.dll
    [2011/01/03 17:32:16 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_43.dll
    [2011/01/03 17:32:16 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_43.dll
    [2011/01/03 17:32:16 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_43.dll
    [2011/01/03 17:32:16 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_43.dll
    [2011/01/03 17:32:15 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_6.dll
    [2011/01/03 17:32:15 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_6.dll
    [2011/01/03 17:32:15 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_4.dll
    [2011/01/03 17:32:15 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_7.dll
    [2011/01/03 17:31:37 | 000,000,000 | -H-D | C] -- C:\Windows\msdownld.tmp
    [2011/01/03 17:31:33 | 000,000,000 | ---D | C] -- C:\Windows\System32\directx
    [2011/01/03 09:41:29 | 000,000,000 | ---D | C] -- C:\Program Files\The Creative Assembly
    [2011/01/03 06:05:48 | 059,638,418 | ---- | C] (Macrovision Corporation) -- C:\Users\MontySire\Desktop\rome_total_war_patch_1-6.exe
    [2010/12/24 19:39:23 | 000,000,000 | ---D | C] -- C:\Users\MontySire\AppData\Roaming\DiskAid
    [2010/12/24 19:39:17 | 000,000,000 | ---D | C] -- C:\Program Files\DigiDNA
    [2010/12/23 12:40:31 | 000,000,000 | ---D | C] -- C:\Users\MontySire\Documents\Remote Assistance Logs
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2011/01/17 02:36:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2011/01/16 19:27:01 | 2414,727,168 | -HS- | M] () -- C:\hiberfil.sys
    [2011/01/16 19:26:58 | 000,000,000 | ---- | M] () -- C:\Windows\System32\drivers\pihrhmpo.sys
    [2011/01/16 19:12:35 | 000,001,034 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2011/01/16 18:36:00 | 000,001,038 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2011/01/16 18:25:21 | 000,000,310 | -HS- | M] () -- C:\Windows\tasks\Nbhluaqzu.job
    [2011/01/16 17:27:39 | 104,416,855 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
    [2011/01/16 17:26:11 | 000,013,808 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2011/01/16 17:26:11 | 000,013,808 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2011/01/13 09:03:44 | 000,000,036 | ---- | M] () -- C:\Users\MontySire\AppData\Local\housecall.guid.cache
    [2011/01/13 08:37:15 | 000,000,380 | ---- | M] () -- C:\Windows\tasks\RegCure.job
    [2011/01/12 18:05:19 | 000,000,398 | ---- | M] () -- C:\Windows\tasks\RegCure Program Check.job
    [2011/01/12 11:56:53 | 000,000,482 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for MontySire.job
    [2011/01/10 19:53:51 | 000,070,144 | RHS- | M] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\dfrguiu.dll
    [2011/01/09 08:55:21 | 000,666,670 | ---- | M] () -- C:\Windows\System32\prfh0416.dat
    [2011/01/09 08:55:21 | 000,618,664 | ---- | M] () -- C:\Windows\System32\perfh009.dat
    [2011/01/09 08:55:21 | 000,130,608 | ---- | M] () -- C:\Windows\System32\prfc0416.dat
    [2011/01/09 08:55:21 | 000,108,240 | ---- | M] () -- C:\Windows\System32\perfc009.dat
    [2011/01/07 22:58:38 | 000,274,379 | ---- | M] () -- C:\Users\MontySire\Documents\Yeah.wma
    [2011/01/05 04:28:44 | 000,002,187 | ---- | M] () -- C:\Users\MontySire\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
    [2011/01/05 04:26:12 | 000,001,593 | ---- | M] () -- C:\Users\MontySire\Desktop\DivX Movies.lnk
    [2011/01/03 17:28:20 | 000,001,037 | ---- | M] () -- C:\Users\MontySire\Desktop\Super Meat Boy.lnk
    [2011/01/02 16:49:57 | 000,000,038 | ---- | M] () -- C:\Windows\avisplitter.INI
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2011/01/16 17:27:39 | 104,416,855 | ---- | C] () -- C:\Windows\System32\drivers\AVG\incavi.avm
    [2011/01/13 09:03:44 | 000,000,036 | ---- | C] () -- C:\Users\MontySire\AppData\Local\housecall.guid.cache
    [2011/01/12 03:06:27 | 000,000,000 | ---- | C] () -- C:\Windows\System32\drivers\pihrhmpo.sys
    [2011/01/10 19:53:51 | 000,000,310 | -HS- | C] () -- C:\Windows\tasks\Nbhluaqzu.job
    [2011/01/07 22:58:38 | 000,274,379 | ---- | C] () -- C:\Users\MontySire\Documents\Yeah.wma
    [2011/01/05 04:28:44 | 000,002,187 | ---- | C] () -- C:\Users\MontySire\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
    [2011/01/05 04:23:35 | 000,001,038 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2011/01/05 04:22:47 | 000,001,034 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2011/01/02 16:49:47 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.INI
    [2010/12/14 20:27:13 | 000,000,097 | ---- | C] () -- C:\Users\MontySire\AppData\Local\fusioncache.dat
    [2010/11/09 19:03:18 | 000,164,352 | ---- | C] () -- C:\Windows\System32\unrar.dll
    [2010/11/09 19:03:16 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
    [2010/11/09 19:03:16 | 000,755,027 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
    [2010/11/09 19:03:16 | 000,159,839 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
    [2010/11/09 19:03:15 | 000,007,680 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
    [2010/09/28 19:23:42 | 000,007,605 | ---- | C] () -- C:\Users\MontySire\AppData\Local\Resmon.ResmonCfg
    [2010/06/29 08:45:24 | 000,000,165 | ---- | C] () -- C:\Users\MontySire\AppData\Roaming\PLGComp.ini
    [2010/06/07 14:34:33 | 000,014,336 | ---- | C] () -- C:\Users\MontySire\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2010/04/25 19:36:47 | 000,001,127 | ---- | C] () -- C:\Windows\System32\ansiq13.sys
    [2010/04/19 19:53:14 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
    [2010/04/19 19:53:14 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
    [2009/11/16 11:33:38 | 000,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll
    [2009/07/13 19:02:54 | 000,245,248 | ---- | C] () -- C:\Windows\System32\DShowRdpFilter.dll
    [2009/07/13 18:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
    [2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
    [2009/06/07 06:27:20 | 000,073,728 | ---- | C] () -- C:\Windows\System32\vbzlib1.dll
    [2007/10/25 15:26:10 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys

    ========== LOP Check ==========

    [2010/12/06 20:10:57 | 000,000,000 | ---D | M] -- C:\Users\MontySire\AppData\Roaming\.minecraft
    [2010/05/09 09:01:25 | 000,000,000 | ---D | M] -- C:\Users\MontySire\AppData\Roaming\Advanced Chemistry Development
    [2010/05/04 20:56:22 | 000,000,000 | ---D | M] -- C:\Users\MontySire\AppData\Roaming\Airytec
    [2010/10/01 14:54:46 | 000,000,000 | ---D | M] -- C:\Users\MontySire\AppData\Roaming\Astroburn Lite
    [2011/01/13 09:19:09 | 000,000,000 | ---D | M] -- C:\Users\MontySire\AppData\Roaming\AVG10
    [2011/01/16 19:19:52 | 000,000,000 | ---D | M] -- C:\Users\MontySire\AppData\Roaming\BitTorrent
    [2010/04/10 15:14:32 | 000,000,000 | ---D | M] -- C:\Users\MontySire\AppData\Roaming\DAEMON Tools Lite
    [2010/12/24 20:10:18 | 000,000,000 | ---D | M] -- C:\Users\MontySire\AppData\Roaming\DiskAid
    [2011/01/16 19:13:37 | 000,000,000 | ---D | M] -- C:\Users\MontySire\AppData\Roaming\Dropbox
    [2010/04/12 20:56:13 | 000,000,000 | ---D | M] -- C:\Users\MontySire\AppData\Roaming\GetRightToGo
    [2010/04/24 21:10:28 | 000,000,000 | ---D | M] -- C:\Users\MontySire\AppData\Roaming\LimeWire
    [2010/09/17 07:37:01 | 000,000,000 | ---D | M] -- C:\Users\MontySire\AppData\Roaming\Lionhead Studios
    [2011/01/05 04:26:10 | 000,000,000 | ---D | M] -- C:\Users\MontySire\AppData\Roaming\Local
    [2010/06/14 17:50:36 | 000,000,000 | ---D | M] -- C:\Users\MontySire\AppData\Roaming\Longbow Digital Arts
    [2010/04/26 14:13:24 | 000,000,000 | ---D | M] -- C:\Users\MontySire\AppData\Roaming\Lost Marble
    [2010/05/03 14:03:41 | 000,000,000 | ---D | M] -- C:\Users\MontySire\AppData\Roaming\ManyCam
    [2010/08/26 16:10:23 | 000,000,000 | ---D | M] -- C:\Users\MontySire\AppData\Roaming\Mount&Blade
    [2010/09/29 15:08:22 | 000,000,000 | ---D | M] -- C:\Users\MontySire\AppData\Roaming\My Battle for Middle-earth(tm) II Files
    [2010/12/07 14:25:10 | 000,000,000 | ---D | M] -- C:\Users\MontySire\AppData\Roaming\NetMeeting
    [2010/04/19 20:19:04 | 000,000,000 | ---D | M] -- C:\Users\MontySire\AppData\Roaming\PC Suite
    [2010/04/19 19:53:05 | 000,000,000 | ---D | M] -- C:\Users\MontySire\AppData\Roaming\Samsung
    [2010/05/08 18:55:36 | 000,000,000 | ---D | M] -- C:\Users\MontySire\AppData\Roaming\SPORE
    [2010/10/28 11:41:08 | 000,000,000 | ---D | M] -- C:\Users\MontySire\AppData\Roaming\The Creative Assembly
    [2011/01/12 20:31:57 | 000,000,000 | ---D | M] -- C:\Users\MontySire\AppData\Roaming\updates
    [2011/01/16 18:16:24 | 000,000,000 | ---D | M] -- C:\Users\MontySire\AppData\Roaming\uTorrent
    [2011/01/16 18:25:21 | 000,000,310 | -HS- | M] () -- C:\Windows\Tasks\Nbhluaqzu.job
    [2011/01/12 18:05:19 | 000,000,398 | ---- | M] () -- C:\Windows\Tasks\RegCure Program Check.job
    [2011/01/13 08:37:15 | 000,000,380 | ---- | M] () -- C:\Windows\Tasks\RegCure.job
    [2010/08/21 08:26:08 | 000,032,584 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

    ========== Purity Check ==========


    < End of report >

    P.S. Thank you!
     
  5. 2011/01/19
    broni

    broni Moderator Malware Analyst

    You're running extremely low on C drive free space:
    You're running two AV programs, Kaspersky and AVG. One of them will have to go.

    Both issues will have to be taken care of as soon as we make your computer bootable again.

    ================================================================

    Do this on the computer you are posting from:
    Copy the text in the codebox below:


    Code:
    :OTL
    DRV - File not found [Kernel | Boot] -- -- (otclvpk)
    DRV - [2011/01/16 19:26:58 | 000,000,000 | ---- | M] () [Kernel | Boot] -- C:\Windows\System32\drivers\pihrhmpo.sys -- (pihrhmpo)
    IE - HKU\MontySire_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings:  "ProxyEnable" = 0
    IE - HKU\MontySire_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings:  "ProxyOverride" = <local>
    IE - HKU\MontySire_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings:  "ProxyServer" = http=127.0.0.1:8075
    O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - File not found
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - File not found
    O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - File not found
    O3 - HKU\MontySire_ON_C\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - File not found
    O4 - HKLM..\Run: [Chris PC-Lock] File not found
    O4 - HKLM..\Run: [NPSStartup] File not found
    O4 - Startup: Error locating startup folders.
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
    [2011/01/16 18:25:21 | 000,000,310 | -HS- | M] () -- C:\Windows\tasks\Nbhluaqzu.job
    
    
    :Files
    C:\Windows\System32\drivers\pihrhmpo.sys
    
    
    :Commands
    [purity]
    [emptytemp]
    
    Open Notepad and paste it.
    Save the document as Fix.txt on to a USB flash drive


    On the infected computer the following...

    Run OTLPE

    • Insert USB stick and find the file Fix.txt. Drag the file Fix.txt and drop it under the Custom Scans/Fixes box at the bottom.
      • (The content of Fix.txt should appear in the box)
    • Then click the Run Fix button at the top
    • Let the program run unhindered, reboot the PC when it is done
    • Post the log produced (you'll need to transfer it with USB stick)
    • Attempt to reboot normally into Windows.
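A defender-side way to read an OTL log like the one posted above, written as an added example for this thread (it is not code from the thread, from broni, or from the OTL tool): it walks the log lines and flags the same kinds of entries broni pulled into the fix (orphaned "File not found" references, the zero-byte boot driver, the loopback proxy, the hidden scheduled-task file) plus the O6 UAC policy lines. The sample log lines, the three severity levels and the rule wording are constructed for the example.

```python
import re
from dataclasses import dataclass

# Constructed sample in the OTL log format used in the thread: a few lines of
# the kinds broni selected for the fix, mixed with benign entries that must
# not be flagged. Not the poster's full log.
SAMPLE_LOG = r"""
DRV - File not found [Kernel | Boot] -- -- (otclvpk)
DRV - [2011/01/16 19:26:58 | 000,000,000 | ---- | M] () [Kernel | Boot] -- C:\Windows\System32\drivers\pihrhmpo.sys -- (pihrhmpo)
IE - HKU\MontySire_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings:  "ProxyServer" = http=127.0.0.1:8075
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - File not found
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [avp] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe (Kaspersky Lab ZAO)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
[2011/01/16 18:25:21 | 000,000,310 | -HS- | M] () -- C:\Windows\tasks\Nbhluaqzu.job
[2011/01/16 19:12:35 | 000,001,034 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
"""


@dataclass
class Finding:
    severity: str  # "high", "medium" or "low": a scale made up for this example
    reason: str
    line: str


ORDER = {"high": 0, "medium": 1, "low": 2}

# The "[date time | size | attrs | C/M]" prefix OTL puts on file and driver entries.
FILE_ENTRY = re.compile(
    r"\[\d{4}/\d{2}/\d{2} \d{2}:\d{2}:\d{2} \| (?P<size>[\d,]+) \| (?P<attrs>[\w-]{4}) \| [CM]\]"
)
PROXY = re.compile(r'"ProxyServer"\s*=\s*(?P<val>\S+)')
POLICY = re.compile(r"policies\\System:\s*(?P<key>\w+)\s*=\s*(?P<val>\d+)")

# O6 policy values that weaken UAC; severities are this example's own choice.
WEAK_POLICY = {
    ("EnableLUA", "0"): ("high", "UAC is switched off entirely"),
    ("ConsentPromptBehaviorAdmin", "0"): ("medium", "administrators elevate with no prompt"),
    ("PromptOnSecureDesktop", "0"): ("low", "UAC prompts are not shown on the secure desktop"),
}


def triage(log_text):
    """Walk an OTL log and return the entries a reviewer should look at first."""
    findings = []
    for raw in log_text.splitlines():
        line = raw.strip()
        if not line:
            continue
        # Orphaned registry entries: harmless on their own, but they are cleanup
        # leftovers and OTL fix scripts routinely remove them.
        if "File not found" in line or "No CLSID value found" in line:
            findings.append(Finding("low", "entry points at a file that no longer exists", line))
            continue
        m = FILE_ENTRY.search(line)
        if m:
            size = int(m.group("size").replace(",", ""))
            attrs = m.group("attrs")
            if line.startswith("DRV") and size == 0:
                # A zero-byte file registered as a boot-start kernel driver cannot be a real driver.
                findings.append(Finding("high", "zero-byte driver registered to load at boot", line))
            elif "H" in attrs and "S" in attrs and line.lower().endswith(".job"):
                # Legitimate scheduled-task files are not normally hidden+system.
                findings.append(Finding("medium", "hidden+system scheduled task file", line))
            continue
        m = PROXY.search(line)
        if m:
            host = m.group("val")
            # A proxy on the loopback address sends browser traffic through a local process.
            sev = "high" if "127.0.0.1" in host or "localhost" in host else "low"
            findings.append(Finding(sev, "IE proxy configured: " + host, line))
            continue
        m = POLICY.search(line)
        if m and (m.group("key"), m.group("val")) in WEAK_POLICY:
            sev, why = WEAK_POLICY[(m.group("key"), m.group("val"))]
            findings.append(Finding(sev, why, line))
    return findings


def summarize(findings):
    """Count findings per severity level."""
    counts = {"high": 0, "medium": 0, "low": 0}
    for f in findings:
        counts[f.severity] += 1
    return counts


if __name__ == "__main__":
    results = triage(SAMPLE_LOG)
    for f in sorted(results, key=lambda f: ORDER[f.severity]):
        print(f"[{f.severity:6}] {f.reason}\n         {f.line}")
    print(summarize(results))
```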
     
  6. 2011/01/19
    Montysire

    Montysire Inactive Thread Starter

    Just for the record, the infected PC is running ie just fine. Can I do all of the above mentioned from it?


    (P.S. I'll take a while to answer, probably 12 hours. What is a good time for you guys? I'm at GMT -2, just so I can make this quick for you and disturb you no more)
     
  7. 2011/01/19
    broni

    broni Moderator Malware Analyst

    What happened?

    If it's running fine....

    Please, read this post, then post the requested log(s).
     
  8. 2011/01/19
    Montysire

    Montysire Inactive Thread Starter

    XD. Sorry. Totally not what I meant. It runs fine WHEN I BOOT WITH THE CD...
     
  9. 2011/01/19
    broni

    broni Moderator Malware Analyst

    Oh, that's because nothing loads from your hard drive.

    Continue with my reply #4.
     
  10. 2011/01/20
    Montysire

    Montysire Inactive Thread Starter

    Second step done!

    OK, so I ran the fix as told to, but no log appeared... Instead, a .tmp file was created (h2r1F.tmp) and when I clicked the OK button as to show the log, nothing showed up...

    I'm gonna try to restart the PC normally right now and will post what happened.
     
  11. 2011/01/20
    Montysire

    Montysire Inactive Thread Starter

    Yep, now the computer boots normally to Windows. Slow as a snail though... And AVG continues to detect viruses, something about win32.dll, I had to restart it to get rid of the infection... What next?
     
  12. 2011/01/20
    broni

    broni Moderator Malware Analyst

    Good job :)

    If AVG, make sure to use AVG Remover to uninstall it: http://www.avg.com/us-en/download-tools

    =================================================================

    Please, read this post, then post the requested log(s).
     
  13. 2011/01/20
    Montysire

    Montysire Inactive Thread Starter

    Yeah, I'm running the scans. Does the GMER take this long? Cause it's been like 30 mins already...

    And btw, what if I want to remove Kaspersky?
     
  14. 2011/01/20
    broni

    broni Moderator Malware Analyst

    GMER may take time. Be patient.
    You can uninstall Kaspersky through "Programs & Features" in Control Panel.
     
  15. 2011/01/21
    Montysire

    Montysire Inactive Thread Starter

    So I uninstalled the Kaspersky as told to. Ran the scans. I'm sorry, but I ran the GMER TWICE! The first time the power went off in my neighbourhood so I had to restart it. The second time, I waited 17 hours for the thing to finish, and then the computer just restarted randomly. If it's really that necessary, I'll redo it, but please let me know...

    (All of the logs are in Portuguese, sorry, but it's the default language xD. If you have any trouble, ask me)

    So the logs are:


    (1st Malwarebytes log, right after I turned the PC on for the first time)

    Malwarebytes' Anti-Malware 1.50.1.1100
    www.malwarebytes.org

    Versão da Base de Dados: 5534

    Windows 6.1.7600 (Safe Mode)
    Internet Explorer 8.0.7600.16385

    16/01/2011 22:26:07
    mbam-log-2011-01-16 (22-26-07).txt

    Tipo de Verificação: Verificação Rápida
    Objetos escaneados: 155804
    Tempo decorrido: 3 minuto(s), 26 segundo(s)

    Processos de Memória Infectados: 0
    Módulos de Memória Infectados: 0
    Chaves de Registro Infectadas: 14
    Valores de Registro Infectados: 4
    Itens de Dados no Registro Infectados: 0
    Pastas Infectadas: 0
    Arquivos Infectados: 7

    Processos de Memória Infectados:
    (Não foram detectados ítens maliciosos)

    Módulos de Memória Infectados:
    (Não foram detectados ítens maliciosos)

    Chaves de Registro Infectadas:
    HKEY_CLASSES_ROOT\CLSID\{D03B6018-E880-4A89-99A2-7354FE52DDAE} (BHO.EasyAddressHelper) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\TypeLib\{287E0AA2-78E5-4822-BE91-DA0B4DAD82B3} (BHO.EasyAddressHelper) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{46A7DB2C-585F-4846-8C1C-D2C91FD872A2} (BHO.EasyAddressHelper) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\NLIA.Web.1 (BHO.EasyAddressHelper) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\NLIA.Web (BHO.EasyAddressHelper) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D03B6018-E880-4A89-99A2-7354FE52DDAE} (BHO.EasyAddressHelper) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{D03B6018-E880-4A89-99A2-7354FE52DDAE} (BHO.EasyAddressHelper) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{FD16D053-9FE3-4bc1-BBDF-4D0FE927B9B2} (Adware.LastShopping) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\D9L83679SM (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\JP595IR86O (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\NtWqIVLZEWZU (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\yr87fk3d2dnszapq2 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\ (Hijack.Zones) -> Quarantined and deleted successfully.

    Valores de Registro Infectados:
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\JP595IR86O (Trojan.FakeAlert) -> Value: JP595IR86O -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\engel (Backdoor.Bot) -> Value: engel -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\nysqbkwb (Trojan.FakeAlert.Gen) -> Value: nysqbkwb -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Taskman (Trojan.Agent) -> Value: Taskman -> Quarantined and deleted successfully.

    Itens de Dados no Registro Infectados:
    (Não foram detectados ítens maliciosos)

    Pastas Infectadas:
    (Não foram detectados ítens maliciosos)

    Arquivos Infectados:
    c:\program files\NLIA\Nlia.dll (BHO.EasyAddressHelper) -> Quarantined and deleted successfully.
    c:\Users\montysire\AppData\Local\Temp\appchk.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    c:\Users\montysire\AppData\Local\Temp\Rtn.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
    c:\Users\montysire\AppData\Roaming\cglogs.dat (Malware.Trace) -> Quarantined and deleted successfully.
    c:\Windows\Tasks\{22116563-108c-42c0-a7ce-60161b75e508}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
    c:\Windows\Tasks\{62c40aa6-4406-467a-a5a5-dfdf1b559b7a}.job (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    c:\Windows\Tasks\{bbaeaeaf-1275-40e2-bd6c-bc8f88bd114a}.job (Trojan.Downloader) -> Quarantined and deleted successfully.

    (The second Malwarebytes I ran showed no infected files)

    (MBRcheck)

    MBRCheck, version 1.2.3
    (c) 2010, AD

    Command-line:
    Windows Version: Windows 7 Ultimate Edition
    Windows Information: (build 7600), 32-bit
    Base Board Manufacturer: Foxconn
    BIOS Manufacturer: Phoenix Technologies, LTD
    System Manufacturer: OEM
    System Product Name: OEM
    Logical Drives Mask: 0x000001fd

    Kernel Drivers (total 178):
    0x82A54000 \SystemRoot\system32\ntkrnlpa.exe
    0x82A1D000 \SystemRoot\system32\halmacpi.dll
    0x80B9C000 \SystemRoot\system32\kdcom.dll
    0x83A20000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
    0x83A98000 \SystemRoot\system32\PSHED.dll
    0x83AA9000 \SystemRoot\system32\BOOTVID.dll
    0x83AB1000 \SystemRoot\system32\CLFS.SYS
    0x83AF3000 \SystemRoot\system32\CI.dll
    0x8B410000 \SystemRoot\system32\DRIVERS\kl1.sys
    0x8B932000 \SystemRoot\system32\drivers\Wdf01000.sys
    0x8B9A3000 \SystemRoot\system32\drivers\WDFLDR.SYS
    0x8BA29000 \SystemRoot\System32\Drivers\spxc.sys
    0x8BB1C000 \SystemRoot\System32\Drivers\WMILIB.SYS
    0x8BB25000 \SystemRoot\System32\Drivers\SCSIPORT.SYS
    0x8BB4B000 \SystemRoot\system32\DRIVERS\ACPI.sys
    0x8BB93000 \SystemRoot\system32\DRIVERS\msisadrv.sys
    0x8BB9B000 \SystemRoot\system32\DRIVERS\vdrvroot.sys
    0x8BBA6000 \SystemRoot\system32\DRIVERS\pci.sys
    0x8BBD0000 \SystemRoot\System32\drivers\partmgr.sys
    0x8BBE1000 \SystemRoot\system32\DRIVERS\volmgr.sys
    0x8B9B1000 \SystemRoot\System32\drivers\volmgrx.sys
    0x8BBF1000 \SystemRoot\system32\DRIVERS\intelide.sys
    0x8BA00000 \SystemRoot\system32\DRIVERS\PCIIDEX.SYS
    0x8BA0E000 \SystemRoot\System32\drivers\mountmgr.sys
    0x8B400000 \SystemRoot\system32\DRIVERS\atapi.sys
    0x83B9E000 \SystemRoot\system32\DRIVERS\ataport.SYS
    0x83BC1000 \SystemRoot\system32\DRIVERS\amdxata.sys
    0x83BCA000 \SystemRoot\system32\drivers\fltmgr.sys
    0x83A00000 \SystemRoot\system32\drivers\fileinfo.sys
    0x8BC03000 \SystemRoot\System32\Drivers\Ntfs.sys
    0x8BD32000 \SystemRoot\System32\Drivers\msrpc.sys
    0x8BD5D000 \SystemRoot\System32\Drivers\ksecdd.sys
    0x8BD70000 \SystemRoot\System32\Drivers\cng.sys
    0x8BDCD000 \SystemRoot\System32\drivers\pcw.sys
    0x8BDDB000 \SystemRoot\System32\Drivers\Fs_Rec.sys
    0x8BE2C000 \SystemRoot\system32\drivers\ndis.sys
    0x8BEE3000 \SystemRoot\system32\drivers\NETIO.SYS
    0x8BF21000 \SystemRoot\System32\Drivers\ksecpkg.sys
    0x8C02C000 \SystemRoot\System32\drivers\tcpip.sys
    0x8C175000 \SystemRoot\System32\drivers\fwpkclnt.sys
    0x8C1A6000 \SystemRoot\system32\DRIVERS\vmstorfl.sys
    0x8C1AF000 \SystemRoot\system32\DRIVERS\volsnap.sys
    0x8C1EE000 \SystemRoot\System32\Drivers\spldr.sys
    0x8BF46000 \SystemRoot\System32\drivers\rdyboost.sys
    0x8C000000 \SystemRoot\System32\Drivers\mup.sys
    0x8C010000 \SystemRoot\System32\drivers\hwpolicy.sys
    0x8BF73000 \SystemRoot\System32\DRIVERS\fvevol.sys
    0x8C018000 \SystemRoot\system32\DRIVERS\disk.sys
    0x8BFA5000 \SystemRoot\system32\DRIVERS\CLASSPNP.SYS
    0x8C1F6000 \SystemRoot\system32\DRIVERS\avgrkx86.sys
    0x8BFCA000 \SystemRoot\system32\DRIVERS\AVGIDSEH.Sys
    0x92201000 \SystemRoot\system32\DRIVERS\cdrom.sys
    0x92220000 \SystemRoot\system32\DRIVERS\avgmfx86.sys
    0x9222C000 \??\C:\Program Files\Emsisoft Anti-Malware\a2dix86.sys
    0x92235000 \SystemRoot\system32\DRIVERS\klif.sys

    (DDS)

    DDS (Ver_10-12-12.02) - NTFSx86
    Run by MontySire at 21:13:35,72 on 21/01/2011
    Internet Explorer: 8.0.7600.16385
    Microsoft Windows 7 Ultimate 6.1.7600.0.1252.55.1046.18.3070.2014 [GMT -2:00]

    AV: Kaspersky Internet Security *Disabled/Updated* {56547CC9-C9B2-849D-8FEF-A496150D6A06}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Kaspersky Internet Security *Disabled/Updated* {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB}

    ============== Running Processes ===============

    C:\PROGRA~1\AVG\AVG10\avgchsvx.exe
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Program Files\Emsisoft Anti-Malware\a2service.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\System32\svchost.exe -k NetworkService
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\rundll32.exe
    C:\Program Files\AVG\AVG10\avgwdsvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\system32\FsUsbExService.Exe
    C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    C:\Program Files\Airytec\Switch Off\swoff.exe
    C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
    C:\Program Files\AVG\AVG10\avgnsx.exe
    C:\Program Files\Hide My IP\HideMyIpSrv.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\WUDFHost.exe
    C:\Windows\system32\sppsvc.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\PROGRA~1\AVG\AVG10\avgrsx.exe
    C:\Program Files\AVG\AVG10\avgcsrvx.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\DivX\DivX Update\DivXUpdate.exe
    C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe
    C:\Program Files\AVG\AVG10\avgtray.exe
    C:\Program Files\PC-Clean\PC-Clean.exe
    C:\Program Files\DAEMON Tools Lite\DTLite.exe
    C:\Program Files\uTorrent\uTorrent.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Windows\system32\wuauclt.exe
    C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\BitTorrent\BitTorrent.exe
    C:\Program Files\McAfee Security Scan\3.0.188\SSScheduler.exe
    C:\Users\MontySire\AppData\Roaming\Dropbox\bin\Dropbox.exe
    C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
    C:\Windows\system32\conhost.exe
    C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Users\MontySire\Desktop\dds.scr
    C:\Windows\system32\conhost.exe
    C:\Windows\system32\wbem\wmiprvse.exe

    ============== Pseudo HJT Report ===============

    uStart Page = hxxp://www.skip-search.com/?cfg=2-82-0-0&engine_id=2&provider_id=2&product_id=82&country=BR
    uURLSearchHooks: Barra de Ferramentas do Yahoo!: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
    BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - c:\program files\divx\divx plus web player\npdivx32.dll
    BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg10\avgssie.dll
    BHO: DivX HiQ: {593ddec6-7468-4cdd-90e1-42dadaa222e9} - c:\program files\divx\divx plus web player\npdivx32.dll
    BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
    BHO: coldHelper Class: {7c7dcf5b-46db-4ed8-ad11-dae6c4fe9f60} - c:\users\montysire\appdata\local\coldplay\coldplie.dll
    BHO: Auxiliar de Conexão do Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5612.1312\swg.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn\YTSingleInstance.dll
    TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    TB: Barra de Ferramentas do Yahoo!: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
    uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\DTLite.exe" -autorun
    uRun: [uTorrent] "c:\program files\utorrent\uTorrent.exe "
    uRun: [Windows® NetMeeting] c:\program files\netmeeting\ca32.exe
    uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe "
    uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
    uRun: [AutoStartNPSAgent] c:\program files\samsung\samsung new pc studio\NPSAgent.exe
    uRun: [BitTorrent] "c:\program files\bittorrent\BitTorrent.exe "
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe "
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe "
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe "
    mRun: [Windows® NetMeeting] c:\program files\netmeeting\ca32.exe
    mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe "
    mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe "
    mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
    mRun: [DivX Download Manager] "c:\program files\divx\divx plus web player\DDmService.exe" start
    mRun: [AVG_TRAY] c:\program files\avg\avg10\avgtray.exe
    mRun: [NliaClient] c:\program files\nlia\Netpia.exe
    mRun: [PC-Clean] c:\program files\pc-clean\PC-Clean.exe /h
    uExplorerRun: [Windows® NetMeeting] c:\program files\netmeeting\ca32.exe
    mExplorerRun: [Windows® NetMeeting] c:\program files\netmeeting\ca32.exe
    StartupFolder: c:\users\montys~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\dropbox.lnk - c:\users\montysire\appdata\roaming\dropbox\bin\Dropbox.exe
    StartupFolder: c:\users\montys~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenote 2007 screen clipper and launcher.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\mcafee security scan plus.lnk - c:\program files\mcafee security scan\3.0.188\SSScheduler.exe
    mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableLUA = 0 (0x0)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
    IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
    LSP: c:\windows\system32\HMIPCore.dll
    DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
    DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cab
    DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
    Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg10\avgpp.dll
    SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
    mASetup: {85233830-VHQ7-616E-BUVN-76P0L33731EC} - c:\program files\netmeeting\ca32.exe

    ================= FIREFOX ===================

    FF - ProfilePath - c:\users\montys~1\appdata\roaming\mozilla\firefox\profiles\o64vavww.default\
    FF - prefs.js: browser.startup.homepage - google.com
    FF - prefs.js: network.proxy.http - 109.110.97.192:3128
    FF - prefs.js: network.proxy.type - 1
    FF - component: c:\program files\avg\avg10\firefox\components\avgssff.dll
    FF - component: c:\users\montysire\appdata\roaming\mozilla\firefox\profiles\o64vavww.default\extensions\{10bce720-4c50-42c6-9af9-8185ec2febbb}\components\ColdPlayFF.dll
    FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
    FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
    FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
    FF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dv.dll
    FF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dvstreaming.dll
    FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
    FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    FF - Ext: SkipScreen: SkipScreen@SkipScreen - %profile%\extensions\SkipScreen@SkipScreen
    FF - Ext: ColdPlayFF Module: {10BCE720-4C50-42c6-9AF9-8185EC2FEBBB} - %profile%\extensions\{10BCE720-4C50-42c6-9AF9-8185EC2FEBBB}
    FF - Ext: ColdPlayFF: {10BCE720-4C50-42c6-9AF9-8185EC2FEBBB} - %profile%\extensions\{10BCE720-4C50-42c6-9AF9-8185EC2FEBBB}
    FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
    FF - Ext: DivX Plus Web Player HTML5 <video>: {23fcfd51-4958-4f00-80a3-ae97e717ed8b} - c:\program files\divx\divx plus web player\firefox\html5video
    FF - Ext: DivX HiQ: {6904342A-8307-11DF-A508-4AE2DFD72085} - c:\program files\divx\divx plus web player\firefox\wpa
    FF - Ext: AVG Safe Search: {3f963a5b-e555-4543-90e2-c3908898db71} - c:\program files\avg\avg10\Firefox

    ============= SERVICES / DRIVERS ===============

    R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2010-9-13 25680]
    R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2010-9-7 26064]
    R1 a2injectiondriver;a2injectiondriver;c:\program files\emsisoft anti-malware\a2dix86.sys [2011-1-12 41928]
    R1 a2util;a-squared Malware-IDS utility driver;c:\program files\emsisoft anti-malware\a2util32.sys [2011-1-12 11776]
    R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2010-12-8 251728]
    R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2010-9-7 34384]
    R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2010-11-12 299984]
    R3 a2acc;a2acc;c:\program files\emsisoft anti-malware\a2accx86.sys [2011-1-12 72808]
    R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2010-8-19 123472]
    R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2010-8-19 30288]
    R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2010-8-19 21072]
    R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [2010-4-19 36608]
    R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\drivers\ManyCam.sys [2008-1-14 21632]
    R3 SrvHsfPCI;SrvHsfPCI;c:\windows\system32\drivers\VSTBS23.SYS [2009-7-13 266752]
    R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-13 980992]
    R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\drivers\VSTCNXT3.SYS [2009-7-13 661504]
    S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]

    =============== Created Last 30 ================

    2011-01-21 02:02:30 -------- d-----w- c:\users\montysire\dwhelper
    2011-01-20 19:15:17 -------- d-----w- c:\users\montys~1\appdata\local\Apps
    2011-01-20 19:15:16 -------- d-----w- c:\users\montys~1\appdata\local\Deployment
    2011-01-20 16:23:27 -------- d-----w- C:\_OTL
    2011-01-16 23:16:35 36864 ----a-w- c:\windows\system32\NliaControlRes.dll
    2011-01-16 23:16:35 139264 ----a-w- c:\windows\system32\NliaControl.cpl
    2011-01-16 23:16:35 -------- d-----w- c:\program files\PC-Clean
    2011-01-16 23:16:35 -------- d-----w- c:\program files\NLIA
    2011-01-16 23:16:15 69715 ----a-w- c:\program files\common files\installshield\professional\runtime\10\00\intel32\ctor.dll
    2011-01-16 23:16:15 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\10\00\intel32\DotNetInstaller.exe
    2011-01-16 23:16:15 266240 ----a-w- c:\program files\common files\installshield\professional\runtime\10\00\intel32\iscript.dll
    2011-01-16 23:16:15 172032 ----a-w- c:\program files\common files\installshield\professional\runtime\10\00\intel32\iuser.dll
    2011-01-16 23:16:14 733184 ----a-w- c:\program files\common files\installshield\professional\runtime\10\00\intel32\iKernel.dll
    2011-01-16 23:16:14 303236 ----a-w- c:\program files\common files\installshield\professional\runtime\10\00\intel32\setup.dll
    2011-01-16 23:16:14 180356 ----a-w- c:\program files\common files\installshield\professional\runtime\10\00\intel32\iGdi.dll
    2011-01-16 23:15:58 -------- d-----w- c:\users\montys~1\appdata\roaming\Malwarebytes
    2011-01-16 23:15:51 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2011-01-16 23:15:48 -------- d-----w- c:\progra~2\Malwarebytes
    2011-01-16 23:15:45 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
    2011-01-16 23:15:44 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2011-01-13 14:40:07 -------- d--h--w- C:\$AVG
    2011-01-13 14:19:09 -------- d-----w- c:\users\montys~1\appdata\roaming\AVG10
    2011-01-13 14:18:07 -------- d--h--w- c:\progra~2\Common Files
    2011-01-13 14:17:14 -------- d-----w- c:\windows\system32\drivers\AVG
    2011-01-13 14:17:14 -------- d-----w- c:\progra~2\AVG10
    2011-01-13 14:16:53 -------- d-----w- c:\program files\AVG
    2011-01-13 14:14:06 -------- d-----w- c:\progra~2\MFAData
    2011-01-13 14:05:14 -------- d-----w- c:\progra~2\McAfee Security Scan
    2011-01-13 14:05:03 -------- d-----w- c:\program files\McAfee Security Scan
    2011-01-13 01:00:32 -------- d-----w- c:\program files\Emsisoft Anti-Malware
    2011-01-12 23:18:11 987136 ----a-w- c:\program files\common files\system\ado\msado15.dll
    2011-01-12 23:18:11 573440 ----a-w- c:\windows\system32\odbc32.dll
    2011-01-12 23:18:11 372736 ----a-w- c:\program files\common files\system\ado\msadox.dll
    2011-01-12 23:18:11 352256 ----a-w- c:\program files\common files\system\ado\msadomd.dll
    2011-01-12 23:18:11 208896 ----a-w- c:\program files\common files\system\msadc\msadco.dll
    2011-01-12 08:06:18 -------- d-----w- c:\users\montys~1\appdata\local\ColdPlay
    2011-01-12 08:06:16 -------- d-----w- c:\users\montys~1\appdata\roaming\updates
    2011-01-09 05:56:56 6273872 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\{21d8180e-2d3b-428c-93ff-be01a5b4184b}\mpengine.dll
    2011-01-05 09:26:10 -------- d-----w- c:\users\montys~1\appdata\roaming\Local
    2011-01-05 09:22:37 -------- d-----w- c:\program files\common files\PX Storage Engine
    2011-01-03 22:32:18 74072 ----a-w- c:\windows\system32\XAPOFX1_5.dll
    2011-01-03 22:32:18 527192 ----a-w- c:\windows\system32\XAudio2_7.dll
    2011-01-03 22:32:17 239960 ----a-w- c:\windows\system32\xactengine3_7.dll
    2011-01-03 22:32:17 2106216 ----a-w- c:\windows\system32\D3DCompiler_43.dll
    2011-01-03 22:32:16 470880 ----a-w- c:\windows\system32\d3dx10_43.dll
    2011-01-03 22:32:16 248672 ----a-w- c:\windows\system32\d3dx11_43.dll
    2011-01-03 22:32:16 1998168 ----a-w- c:\windows\system32\D3DX9_43.dll
    2011-01-03 22:32:16 1868128 ----a-w- c:\windows\system32\d3dcsx_43.dll
    2011-01-03 22:32:15 74072 ----a-w- c:\windows\system32\XAPOFX1_4.dll
    2011-01-03 22:32:15 528216 ----a-w- c:\windows\system32\XAudio2_6.dll
    2011-01-03 22:32:15 238936 ----a-w- c:\windows\system32\xactengine3_6.dll
    2011-01-03 22:32:15 22360 ----a-w- c:\windows\system32\X3DAudio1_7.dll
    2011-01-03 22:31:33 -------- d-----w- c:\windows\system32\directx
    2011-01-03 14:41:29 -------- d-----w- c:\program files\The Creative Assembly
    2011-01-03 00:46:34 753664 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\iKernel.dll
    2011-01-03 00:46:34 69714 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\ctor.dll
    2011-01-03 00:46:34 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\DotNetInstaller.exe
    2011-01-03 00:46:34 32768 ----a-w- c:\program files\common files\installshield\professional\runtime\Objectps.dll
    2011-01-03 00:46:34 274432 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\iscript.dll
    2011-01-03 00:46:34 184320 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\iuser.dll
    2011-01-03 00:46:27 331908 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\setup.dll
    2011-01-03 00:46:27 200836 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\iGdi.dll
    2010-12-25 00:39:23 -------- d-----w- c:\users\montys~1\appdata\roaming\DiskAid
    2010-12-25 00:39:17 -------- d-----w- c:\program files\DigiDNA

    ==================== Find3M ====================

    2010-12-15 01:22:32 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
    2010-11-12 00:44:54 94208 ----a-w- c:\windows\system32\dpl100.dll
    2010-11-08 22:57:04 353592 ----a-w- c:\windows\system32\DivXControlPanelApplet.cpl
    2010-11-04 05:52:17 978944 ----a-w- c:\windows\system32\wininet.dll
    2010-11-04 05:48:36 44544 ----a-w- c:\windows\system32\licmgr10.dll
    2010-11-04 04:41:26 386048 ----a-w- c:\windows\system32\html.iec
    2010-11-04 04:08:54 1638912 ----a-w- c:\windows\system32\mshtml.tlb
    2010-11-02 04:41:12 351232 ----a-w- c:\windows\system32\wmicmiplugin.dll
    2010-11-02 04:40:36 496128 ----a-w- c:\windows\system32\taskschd.dll
    2010-11-02 04:40:36 305152 ----a-w- c:\windows\system32\taskcomp.dll
    2010-11-02 04:39:32 749056 ----a-w- c:\windows\system32\schedsvc.dll
    2010-11-02 04:34:44 192000 ----a-w- c:\windows\system32\taskeng.exe
    2010-11-02 04:34:33 179712 ----a-w- c:\windows\system32\schtasks.exe
    2010-10-27 04:32:36 2048 ----a-w- c:\windows\system32\tzres.dll

    ============= FINISH: 21:15:32,79 ===============

    That's it.
     
  16. 2011/01/21
    broni Moderator Malware Analyst
    Good job, so far :)

    Attach.txt part of DDS is missing.
    Please, post it.

    Also, MBRCheck log is incomplete.
    Re-run it and post a whole log.

    Then....

    Please download Rootkit Unhooker from one of the following links and save it to your desktop.
    In order to use this tool if you downloaded from either of the second two links, you will need to extract the RKUnhookerLE.exe file using a program capable of extracting ZIP and RAR compressed files. If you don't have an extraction program, you can download, install and use the free 7-zip utility.

    • Double-click on RKUnhookerLE.exe to start the program.
      Vista/Windows 7 users right-click and select Run As Administrator.
    • Click the Report tab, then click Scan.
    • Check Drivers, Stealth, and uncheck the rest.
    • Click OK.
    • Wait until it's finished and then go to File > Save Report.
    • Save the report to your Desktop.
    • Copy and paste the contents of the report into your next reply.
    -- Note: You may get this warning...just ignore it, click OK and continue: "Rootkit Unhooker has detected a parasite inside itself! It is recommended to remove parasite, okay? ".
     
  17. 2011/01/21
    Montysire Inactive Thread Starter
    Thanks.

    Here is the attach.txt:

    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT

    DDS (Ver_10-12-12.02)

    Microsoft Windows 7 Ultimate
    Boot Device: \Device\HarddiskVolume1
    Install Date: 10/04/2010 16:58:36
    System Uptime: 21/01/2011 20:31:54 (4 hours ago)

    Motherboard: Foxconn | | 45GM/45CM/45CM-S
    Processor: Intel(R) Core(TM)2 Duo CPU E4500 @ 2.20GHz | Socket 775 | 2200/200mhz

    ==== Disk Partitions =========================

    A: is Removable
    C: is FIXED (NTFS) - 233 GiB total, 22,429 GiB free.
    D: is CDROM ()
    E: is Removable
    F: is Removable
    G: is Removable
    H: is Removable
    I: is CDROM ()

    ==== Disabled Device Manager Items =============

    Class GUID:
    Description:
    Device ID: ACPI\PNP0510\4&2ED86B4E&0
    Manufacturer:
    Name:
    PNP Device ID: ACPI\PNP0510\4&2ED86B4E&0
    Service:

    Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
    Description: Lexmark X422
    Device ID: ROOT\IMAGE\0000
    Manufacturer: Lexmark
    Name: Lexmark X422
    PNP Device ID: ROOT\IMAGE\0000
    Service: usbscan

    ==== System Restore Points ===================

    No restore point in system.

    ==== Installed Programs ======================

    ACD/Labs Software in C:\Program Files\ACDFREE12\
    Adobe AIR
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 Plugin
    Adobe Reader 9.3 - Português
    Airytec Switch Off
    Anime Studio 5.6
    AoA Audio Extractor
    AP Guitar Tuner 1.02
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    Arquivo do WinRAR
    Ask Toolbar
    Assistente de Conexão do Windows Live
    Astroburn Lite
    Astroburn Toolbar
    µTorrent
    aTube Catcher
    AVG 2011
    BareBonesWars_Full
    Barra de Ferramentas do Yahoo!
    BitTorrent
    Bonjour
    Capitalism II
    CCleaner
    Chris PC-Lock 2.95
    City Life 2008
    ColdPlay
    Combat Arms
    Convert VOB to AVI 1.7
    DAEMON Tools Toolbar
    Digital Guitar Tuner 2.3
    Disk Space Finder
    DiskAid 4.5
    DoremiSoft AVI to MP4 Converter 1.0
    Dropbox
    DVD to VCD AVI DivX Converter v3.2 (build 069)
    EA Download Manager UI
    Emsisoft Anti-Malware 5.1
    Europa Universalis III
    Ferramenta de Carregamento do Windows Live
    FM Screen Capture Codec (Remove Only)
    Focus Magic 3.02
    For the Glory
    Free Convert to DIVX AVI WMV MP4 MPEG Converter 5.8
    Free WMV to AVI MPEG Converter v1.2
    Gerenciador de Downloads da EA
    Google Chrome
    Google Toolbar for Internet Explorer
    Google Update Helper
    Great Invasions v.1.07b
    Hegemony: Philip of Macedon
    Hide My IP 5.2
    HPSSupply
    Instalação do DivX
    iTunes
    Java Auto Updater
    Java(TM) 6 Update 18
    K-Lite Codec Pack 4.0.0 (Full)
    LimeWire 4.18.8
    Lionheart Kings Crusade
    MagicCamera 6.4.0
    Making History II
    Malwarebytes' Anti-Malware
    ManyCam 2.4 (remove only)
    McAfee Security Scan Plus
    Medieval II Total War
    Medieval II Total War : Kingdoms : Americas
    Medieval II Total War : Kingdoms : Britannia
    Medieval II Total War : Kingdoms : Crusades
    Medieval II Total War : Kingdoms : Teutonic
    Microsoft .NET Framework 1.1
    Microsoft Application Error Reporting
    Microsoft Choice Guard
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office Access MUI (English) 2007
    Microsoft Office Access Setup Metadata MUI (English) 2007
    Microsoft Office Enterprise 2007
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office Groove MUI (English) 2007
    Microsoft Office Groove Setup Metadata MUI (English) 2007
    Microsoft Office InfoPath MUI (English) 2007
    Microsoft Office OneNote MUI (English) 2007
    Microsoft Office Outlook MUI (English) 2007
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    Microsoft Office Publisher MUI (English) 2007
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Word MUI (English) 2007
    Microsoft Office Word Viewer 2003
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
    Microsoft Visual J# .NET Redistributable Package 1.1
    Monopoly Tycoon
    Mount&Blade
    Mozilla Firefox (3.6.13)
    MPEG TO AVI version 3.1.1
    MSVCRT
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    Norton Security Scan
    NVIDIA Display Control Panel
    NVIDIA Drivers
    NVIDIA PhysX
    NVIDIA Stereoscopic 3D Driver
    OJOsoft Total Video Converter
    Pacote de Driver do Windows - MobileTop (sshpmdm) Modem (01/26/2008 2.6.0.0)
    Pacote de Driver do Windows - MobileTop (sshpmdm) Modem (02/23/2007 2.5.0.0)
    Pacote de Driver do Windows - MobileTop (sshpusb) USB (02/23/2007 2.5.0.0)
    Pacote de Driver do Windows - Nokia pccsmcfd (10/12/2007 6.85.4.0)
    PasswordTools
    PC-Clean
    PC Connectivity Solution
    QuickTime
    Redtube Video Downloader 3.25
    RegCure
    Rome - Total War
    Safari
    SAMSUNG Mobile Composite Device Software
    Samsung Mobile Modem Device Software
    SAMSUNG Mobile Modem Driver Set
    SAMSUNG Mobile Modem V2 Software
    Samsung Mobile phone USB driver Drive Software
    SAMSUNG Mobile USB Modem 1.0 Software
    SAMSUNG Mobile USB Modem Software
    Samsung New PC Studio
    Samsung New PC Studio USB Driver Installer
    SAMSUNG USB Mobile Device Software
    SamsungConnectivityCableDriver
    Security Update for 2007 Microsoft Office System (KB2288621)
    Security Update for 2007 Microsoft Office System (KB2288931)
    Security Update for 2007 Microsoft Office System (KB2289158)
    Security Update for 2007 Microsoft Office System (KB2344875)
    Security Update for 2007 Microsoft Office System (KB2345043)
    Security Update for 2007 Microsoft Office System (KB969559)
    Security Update for 2007 Microsoft Office System (KB976321)
    Security Update for CAPICOM (KB931906)
    Security Update for Microsoft Office Access 2007 (KB979440)
    Security Update for Microsoft Office Excel 2007 (KB2345035)
    Security Update for Microsoft Office InfoPath 2007 (KB979441)
    Security Update for Microsoft Office PowerPoint 2007 (KB982158)
    Security Update for Microsoft Office PowerPoint Viewer (KB2413381)
    Security Update for Microsoft Office Publisher 2007 (KB2284697)
    Security Update for Microsoft Office system 2007 (972581)
    Security Update for Microsoft Office system 2007 (KB974234)
    Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
    Security Update for Microsoft Office Word 2007 (KB2344993)
    Shop for HP Supplies
    SPORE™
    System Requirements Lab
    The Battle for Middle-earth (tm) II
    Third Age - Total War 1.0 Part1
    Third Age - Total War 1.0 Part2
    Third Age - Total War Hotfix1
    Third Age - Total War Patch 1.1
    Third Age - Total War Patch 1.2
    Third Age - Total War Patch 1.3
    Third Age - Total War Patch 1.4
    Update for 2007 Microsoft Office System (KB967642)
    Update for Microsoft Office 2007 Help for Common Features (KB963673)
    Update for Microsoft Office Access 2007 Help (KB963663)
    Update for Microsoft Office Excel 2007 Help (KB963678)
    Update for Microsoft Office Infopath 2007 Help (KB963662)
    Update for Microsoft Office OneNote 2007 (KB980729)
    Update for Microsoft Office OneNote 2007 Help (KB963670)
    Update for Microsoft Office Outlook 2007 (KB2412171)
    Update for Microsoft Office Outlook 2007 Help (KB963677)
    Update for Microsoft Office Powerpoint 2007 Help (KB963669)
    Update for Microsoft Office Publisher 2007 Help (KB963667)
    Update for Microsoft Office Script Editor Help (KB963671)
    Update for Microsoft Office Word 2007 Help (KB963665)
    Update for Outlook 2007 Junk Email Filter (KB2483110)
    VC80CRTRedist - 8.0.50727.4053
    VLC media player 1.1.0-rc
    Windows Live Call
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Galeria de Fotos
    Windows Live Messenger
    Windows Live OneCare safety scanner
    Windows Live Sync
    Windows Media Player Firefox Plugin
    Windows Movie Maker 2.6
    WinPcap 4.1.1
    WinX Free WMV to MP4 Converter 2.0.5
    WMV TO AVI CONVERTER version 3.1.1
    xVideos Video Downloader 3.24
    Yenka

    ==== End Of File ===========================
    And the second run of MBR:
    MBRCheck, version 1.2.3
    (c) 2010, AD

    Command-line:
    Windows Version: Windows 7 Ultimate Edition
    Windows Information: (build 7600), 32-bit
    Base Board Manufacturer: Foxconn
    BIOS Manufacturer: Phoenix Technologies, LTD
    System Manufacturer: OEM
    System Product Name: OEM
    Logical Drives Mask: 0x000001fd

    Kernel Drivers (total 173):
    0x82A4D000 \SystemRoot\system32\ntkrnlpa.exe
    0x82A16000 \SystemRoot\system32\halmacpi.dll
    0x80BBD000 \SystemRoot\system32\kdcom.dll
    0x8AC13000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
    0x8AC8B000 \SystemRoot\system32\PSHED.dll
    0x8AC9C000 \SystemRoot\system32\BOOTVID.dll
    0x8ACA4000 \SystemRoot\system32\CLFS.SYS
    0x8ACE6000 \SystemRoot\system32\CI.dll
    0x8AE03000 \SystemRoot\system32\drivers\Wdf01000.sys
    0x8AE74000 \SystemRoot\system32\drivers\WDFLDR.SYS
    0x8AE82000 \SystemRoot\System32\Drivers\spcm.sys
    0x8AF75000 \SystemRoot\System32\Drivers\WMILIB.SYS
    0x8AF7E000 \SystemRoot\System32\Drivers\SCSIPORT.SYS
    0x8AFA4000 \SystemRoot\system32\DRIVERS\ACPI.sys
    0x8AFEC000 \SystemRoot\system32\DRIVERS\msisadrv.sys
    0x8AFF4000 \SystemRoot\system32\DRIVERS\vdrvroot.sys
    0x8AD91000 \SystemRoot\system32\DRIVERS\pci.sys
    0x8ADBB000 \SystemRoot\System32\drivers\partmgr.sys
    0x8ADCC000 \SystemRoot\system32\DRIVERS\volmgr.sys
    0x8B007000 \SystemRoot\System32\drivers\volmgrx.sys
    0x8B052000 \SystemRoot\system32\DRIVERS\intelide.sys
    0x8B059000 \SystemRoot\system32\DRIVERS\PCIIDEX.SYS
    0x8B067000 \SystemRoot\System32\drivers\mountmgr.sys
    0x8B07D000 \SystemRoot\system32\DRIVERS\atapi.sys
    0x8B086000 \SystemRoot\system32\DRIVERS\ataport.SYS
    0x8B0A9000 \SystemRoot\system32\DRIVERS\amdxata.sys
    0x8B0B2000 \SystemRoot\system32\drivers\fltmgr.sys
    0x8B0E6000 \SystemRoot\system32\drivers\fileinfo.sys
    0x8B22E000 \SystemRoot\System32\Drivers\Ntfs.sys
    0x8B35D000 \SystemRoot\System32\Drivers\msrpc.sys
    0x8B388000 \SystemRoot\System32\Drivers\ksecdd.sys
    0x8B39B000 \SystemRoot\System32\Drivers\cng.sys
    0x8B200000 \SystemRoot\System32\drivers\pcw.sys
    0x8B20E000 \SystemRoot\System32\Drivers\Fs_Rec.sys
    0x8B0F7000 \SystemRoot\system32\drivers\ndis.sys
    0x8B1AE000 \SystemRoot\system32\drivers\NETIO.SYS
    0x8B411000 \SystemRoot\System32\Drivers\ksecpkg.sys
    0x8B436000 \SystemRoot\System32\drivers\tcpip.sys
    0x8B57F000 \SystemRoot\System32\drivers\fwpkclnt.sys
    0x8B5B0000 \SystemRoot\system32\DRIVERS\vmstorfl.sys
    0x8B5B9000 \SystemRoot\system32\DRIVERS\volsnap.sys
    0x8B5F8000 \SystemRoot\System32\Drivers\spldr.sys
    0x8B630000 \SystemRoot\System32\drivers\rdyboost.sys
    0x8B65D000 \SystemRoot\System32\Drivers\mup.sys
    0x8B66D000 \SystemRoot\System32\drivers\hwpolicy.sys
    0x8B675000 \SystemRoot\System32\DRIVERS\fvevol.sys
    0x8B6A7000 \SystemRoot\system32\DRIVERS\disk.sys
    0x8B6B8000 \SystemRoot\system32\DRIVERS\CLASSPNP.SYS
    0x8B6DD000 \SystemRoot\system32\DRIVERS\avgrkx86.sys
    0x8B6E2000 \SystemRoot\system32\DRIVERS\AVGIDSEH.Sys
    0x8B71D000 \SystemRoot\system32\DRIVERS\cdrom.sys
    0x8B73C000 \SystemRoot\system32\DRIVERS\avgmfx86.sys
    0x8B748000 \??\C:\Program Files\Emsisoft Anti-Malware\a2dix86.sys
    0x8B751000 \SystemRoot\System32\Drivers\Null.SYS
    0x8B758000 \SystemRoot\System32\Drivers\Beep.SYS
    0x8B75F000 \SystemRoot\System32\drivers\vga.sys
    0x8B76B000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
    0x8B78C000 \SystemRoot\System32\drivers\watchdog.sys
    0x8B799000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
    0x8B7A1000 \SystemRoot\system32\drivers\rdpencdd.sys
    0x8B7A9000 \SystemRoot\system32\drivers\rdprefmp.sys
    0x8B7B1000 \SystemRoot\System32\Drivers\Msfs.SYS
    0x8B7BC000 \SystemRoot\System32\Drivers\Npfs.SYS
    0x8B7CA000 \SystemRoot\system32\DRIVERS\tdx.sys
    0x8B7E1000 \SystemRoot\system32\DRIVERS\TDI.SYS
    0x91635000 \SystemRoot\system32\DRIVERS\avgtdix.sys
    0x9167D000 \SystemRoot\System32\DRIVERS\netbt.sys
    0x916AF000 \SystemRoot\system32\drivers\afd.sys
    0x91709000 \SystemRoot\system32\drivers\ws2ifsl.sys
    0x91712000 \SystemRoot\system32\DRIVERS\wfplwf.sys
    0x91719000 \SystemRoot\system32\DRIVERS\pacer.sys
    0x91738000 \SystemRoot\system32\DRIVERS\netbios.sys
    0x91746000 \SystemRoot\system32\DRIVERS\serial.sys
    0x91760000 \SystemRoot\system32\DRIVERS\wanarp.sys
    0x91773000 \SystemRoot\system32\DRIVERS\termdd.sys
    0x91783000 \SystemRoot\system32\DRIVERS\rdbss.sys
    0x917C4000 \SystemRoot\system32\drivers\nsiproxy.sys
    0x917CE000 \SystemRoot\system32\DRIVERS\mssmbios.sys
    0x917D8000 \SystemRoot\System32\drivers\discache.sys
    0x91838000 \SystemRoot\system32\drivers\csc.sys
    0x9189C000 \SystemRoot\System32\Drivers\dfsc.sys
    0x918B4000 \SystemRoot\system32\DRIVERS\blbdrive.sys
    0x918C2000 \SystemRoot\system32\DRIVERS\avgldx86.sys
    0x918FE000 \??\C:\Program Files\Emsisoft Anti-Malware\a2util32.sys
    0x91900000 \SystemRoot\system32\DRIVERS\tunnel.sys
    0x91921000 \SystemRoot\system32\DRIVERS\intelppm.sys
    0x9241D000 \SystemRoot\system32\DRIVERS\nvlddmkm.sys
    0x92E7E000 \SystemRoot\system32\DRIVERS\nvBridge.kmd
    0x92E80000 \SystemRoot\System32\drivers\dxgkrnl.sys
    0x92F37000 \SystemRoot\System32\drivers\dxgmms1.sys
    0x92F70000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
    0x92F8F000 \SystemRoot\system32\DRIVERS\usbuhci.sys
    0x92F9A000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
    0x92FE5000 \SystemRoot\system32\DRIVERS\usbehci.sys
    0x91933000 \SystemRoot\system32\DRIVERS\VSTBS23.SYS
    0x9197F000 \SystemRoot\system32\DRIVERS\ks.sys
    0x91E28000 \SystemRoot\system32\DRIVERS\VSTDPV3.SYS
    0x91F2A000 \SystemRoot\system32\DRIVERS\VSTCNXT3.SYS
    0x91FDF000 \SystemRoot\system32\drivers\modem.sys
    0x91FEC000 \SystemRoot\system32\DRIVERS\Rtnicxp.sys
    0x91E00000 \SystemRoot\system32\DRIVERS\fdc.sys
    0x91E0B000 \SystemRoot\system32\DRIVERS\serenum.sys
    0x92400000 \SystemRoot\system32\DRIVERS\parport.sys
    0x919B3000 \SystemRoot\system32\DRIVERS\i8042prt.sys
    0x91E15000 \SystemRoot\system32\DRIVERS\kbdclass.sys
    0x91E22000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
    0x92030000 \SystemRoot\System32\Drivers\a1d79tv8.SYS
    0x92069000 \SystemRoot\system32\DRIVERS\CompositeBus.sys
    0x92086000 \SystemRoot\system32\DRIVERS\ManyCam.sys
    0x9208C000 \SystemRoot\system32\DRIVERS\STREAM.SYS
    0x9209A000 \SystemRoot\system32\DRIVERS\AgileVpn.sys
    0x920AC000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
    0x920C4000 \SystemRoot\system32\DRIVERS\ndistapi.sys
    0x920CF000 \SystemRoot\system32\DRIVERS\ndiswan.sys
    0x920F1000 \SystemRoot\system32\DRIVERS\raspppoe.sys
    0x92109000 \SystemRoot\system32\DRIVERS\raspptp.sys
    0x92120000 \SystemRoot\system32\DRIVERS\rassstp.sys
    0x92137000 \SystemRoot\system32\DRIVERS\rdpbus.sys
    0x92141000 \SystemRoot\system32\DRIVERS\mouclass.sys
    0x9214E000 \SystemRoot\system32\DRIVERS\swenum.sys
    0x92150000 \SystemRoot\system32\DRIVERS\umbus.sys
    0x9215E000 \SystemRoot\system32\DRIVERS\usbhub.sys
    0x921A2000 \SystemRoot\system32\DRIVERS\flpydisk.sys
    0x921AC000 \SystemRoot\system32\drivers\HdAudio.sys
    0x92000000 \SystemRoot\system32\drivers\portcls.sys
    0x919CB000 \SystemRoot\system32\drivers\drmk.sys
    0x919E4000 \SystemRoot\System32\Drivers\NDProxy.SYS
    0x91800000 \SystemRoot\system32\DRIVERS\USBSTOR.SYS
    0x92076000 \SystemRoot\system32\DRIVERS\USBD.SYS
    0x92078000 \SystemRoot\system32\DRIVERS\hidusb.sys
    0x91817000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
    0x92FF4000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
    0x9182A000 \SystemRoot\system32\DRIVERS\mouhid.sys
    0x917E4000 \SystemRoot\System32\Drivers\crashdmp.sys
    0x919F5000 \SystemRoot\System32\Drivers\dump_dumpata.sys
    0x917F1000 \SystemRoot\System32\Drivers\dump_atapi.sys
    0x91600000 \SystemRoot\System32\Drivers\dump_dumpfve.sys
    0x98E70000 \SystemRoot\System32\win32k.sys
    0x91611000 \SystemRoot\System32\drivers\Dxapi.sys
    0x9161B000 \SystemRoot\system32\DRIVERS\monitor.sys
    0x990D0000 \SystemRoot\System32\TSDDD.dll
    0x99100000 \SystemRoot\System32\cdd.dll
    0x8B600000 \SystemRoot\system32\drivers\luafv.sys
    0x8B6EB000 \SystemRoot\system32\drivers\WudfPf.sys
    0x8B705000 \SystemRoot\system32\DRIVERS\lltdio.sys
    0x8B7EC000 \SystemRoot\system32\DRIVERS\rspndr.sys
    0x9DA16000 \SystemRoot\system32\drivers\HTTP.sys
    0x9DA9B000 \SystemRoot\system32\DRIVERS\bowser.sys
    0x9DAB4000 \SystemRoot\System32\drivers\mpsdrv.sys
    0x9DAC6000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
    0x9DAE9000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
    0x9DB24000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
    0x9DB3F000 \SystemRoot\system32\DRIVERS\parvdm.sys
    0x9DB46000 \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys
    0x9DB4F000 \SystemRoot\system32\drivers\npf.sys
    0x9DB5E000 \SystemRoot\system32\drivers\peauth.sys
    0x9DBF5000 \SystemRoot\System32\Drivers\secdrv.SYS
    0x8ADDC000 \SystemRoot\System32\DRIVERS\srvnet.sys
    0x9DA00000 \SystemRoot\System32\drivers\tcpipreg.sys
    0x91626000 \SystemRoot\system32\DRIVERS\AVGIDSFilter.Sys
    0x9EC21000 \SystemRoot\System32\DRIVERS\srv2.sys
    0x9EC70000 \SystemRoot\system32\DRIVERS\AVGIDSDriver.Sys
    0x9EC98000 \SystemRoot\System32\DRIVERS\srv.sys
    0x9ECE9000 \SystemRoot\System32\Drivers\fastfat.SYS
    0x9ED13000 \??\C:\Windows\system32\FsUsbExDisk.SYS
    0x9ED1C000 \??\C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2accx86.sys
    0x9ED2C000 \SystemRoot\system32\DRIVERS\WUDFRd.sys
    0x9ED4D000 \SystemRoot\system32\drivers\spsys.sys
    0x9EDDC000 \??\C:\Users\MONTYS~1\AppData\Local\Temp\mbr.sys
    0x77680000 \Windows\System32\ntdll.dll
    0x48390000 \Windows\System32\smss.exe
    0x778C0000 \Windows\System32\apisetschema.dll
    0x10000000 \Program Files\DAEMON Tools Lite\Engine.dll

    Processes (total 77):
    0 System Idle Process
    4 SYSTEM
    240 C:\Windows\System32\smss.exe
    292 C:\PROGRA~1\AVG\AVG10\avgchsvx.exe
    476 csrss.exe
    536 C:\Windows\System32\wininit.exe
    552 csrss.exe
    592 C:\Windows\System32\services.exe
    608 C:\Windows\System32\lsass.exe
    616 C:\Windows\System32\lsm.exe
    708 C:\Windows\System32\winlogon.exe
    804 C:\Windows\System32\svchost.exe
    868 C:\Program Files\Emsisoft Anti-Malware\a2service.exe
    936 C:\Windows\System32\nvvsvc.exe
    976 C:\Windows\System32\svchost.exe
    1044 C:\Windows\System32\svchost.exe
    1128 C:\Windows\System32\svchost.exe
    1160 C:\Windows\System32\svchost.exe
    1292 C:\Windows\System32\svchost.exe
    1472 C:\Windows\System32\nvvsvc.exe
    1608 C:\Windows\System32\spoolsv.exe
    1644 C:\Windows\System32\svchost.exe
    1700 C:\Windows\System32\svchost.exe
    1764 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    1856 C:\Windows\System32\taskeng.exe
    1888 C:\Windows\System32\rundll32.exe
    1896 C:\Program Files\AVG\AVG10\avgwdsvc.exe
    1928 C:\Program Files\Bonjour\mDNSResponder.exe
    1964 C:\Windows\System32\svchost.exe
    2036 C:\Windows\System32\FsUsbExService.Exe
    344 C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    684 C:\Program Files\Airytec\Switch Off\swoff.exe
    1680 C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
    2892 C:\Program Files\AVG\AVG10\avgnsx.exe
    3876 C:\Program Files\Hide My IP\HideMyIpSrv.exe
    3932 C:\Windows\System32\svchost.exe
    2320 WUDFHost.exe
    3264 C:\Windows\System32\sppsvc.exe
    3328 C:\Program Files\Windows Media Player\wmpnetwk.exe
    3380 C:\Windows\System32\SearchIndexer.exe
    1784 C:\PROGRA~1\AVG\AVG10\avgrsx.exe
    3116 C:\Program Files\AVG\AVG10\avgcsrvx.exe
    3428 C:\Windows\System32\taskhost.exe
    1148 C:\Windows\System32\dwm.exe
    2740 C:\Windows\explorer.exe
    1780 C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    2684 C:\Program Files\Common Files\Java\Java Update\jusched.exe
    1948 C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    348 C:\Program Files\iTunes\iTunesHelper.exe
    3808 C:\Program Files\DivX\DivX Update\DivXUpdate.exe
    3056 C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe
    3232 C:\Program Files\AVG\AVG10\avgtray.exe
    4300 C:\Program Files\PC-Clean\PC-Clean.exe
    4344 C:\Program Files\DAEMON Tools Lite\DTLite.exe
    4368 C:\Program Files\uTorrent\uTorrent.exe
    4556 C:\Windows\System32\wuauclt.exe
    4592 C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
    4680 C:\Program Files\iPod\bin\iPodService.exe
    4712 C:\Program Files\BitTorrent\BitTorrent.exe
    4744 C:\Program Files\McAfee Security Scan\3.0.188\SSScheduler.exe
    4996 C:\Users\MontySire\AppData\Roaming\Dropbox\bin\Dropbox.exe
    5112 C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
    5168 C:\Windows\System32\conhost.exe
    5176 C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    5964 C:\Windows\System32\svchost.exe
    5520 C:\Program Files\Mozilla Firefox\firefox.exe
    5936 C:\Program Files\Mozilla Firefox\plugin-container.exe
    3656 C:\Windows\System32\taskhost.exe
    4176 C:\Program Files\DivX\DivX Plus Player\DivX Plus Player.exe
    1416 C:\Windows\System32\audiodg.exe
    2396 C:\Windows\System32\svchost.exe
    3228 C:\Windows\System32\SearchProtocolHost.exe
    4928 C:\Windows\System32\SearchFilterHost.exe
    2552 C:\Windows\explorer.exe
    736 C:\Users\MontySire\Desktop\MBRCheck.exe
    3756 C:\Windows\System32\conhost.exe
    4152 C:\Windows\System32\dllhost.exe

    \\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00 (NTFS)

    PhysicalDrive0 Model Number: SAMSUNGHD250HJ, Rev: FH100-06

    Size Device Name MBR Status
    --------------------------------------------
    232 GB \\.\PhysicalDrive0 Windows 7 MBR code detected
    SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79


    Done!


    Thank you in advance...
     
  18. 2011/01/21
    Montysire

    And here's the report from RkU:
    RkU Version: 3.8.388.590, Type LE (SR2)
    ==============================================
    OS Name: Windows 7
    Version 6.1.7600
    Number of processors #2
    ==============================================
    >Drivers
    ==============================================
    0x9241D000 C:\Windows\system32\DRIVERS\nvlddmkm.sys 10883072 bytes (NVIDIA Corporation, NVIDIA Windows Kernel Mode Driver, Version 257.21 )
    0x82A4D000 C:\Windows\system32\ntkrnlpa.exe 4259840 bytes (Microsoft Corporation, NT Kernel & System)
    0x82A4D000 PnpManager 4259840 bytes
    0x82A4D000 RAW 4259840 bytes
    0x82A4D000 WMIxWDM 4259840 bytes
    0x98E70000 Win32k 2404352 bytes
    0x98E70000 C:\Windows\System32\win32k.sys 2404352 bytes (Microsoft Corporation, Driver Win32 multiusuário)
    0x8B436000 C:\Windows\System32\drivers\tcpip.sys 1347584 bytes (Microsoft Corporation, Driver TCP/IP)
    0x8B22E000 C:\Windows\System32\Drivers\Ntfs.sys 1241088 bytes (Microsoft Corporation, Driver do Sistema de Arquivos NT)
    0x91E28000 C:\Windows\system32\DRIVERS\VSTDPV3.SYS 1056768 bytes (Conexant Systems, Inc., HSF_DP driver)
    0x8AE82000 PCI_PNP4427 995328 bytes
    0x8AE82000 C:\Windows\System32\Drivers\spcm.sys 995328 bytes
    0x8AE82000 sptd 995328 bytes
    0x92E80000 C:\Windows\System32\drivers\dxgkrnl.sys 749568 bytes (Microsoft Corporation, DirectX Graphics Kernel)
    0x8B0F7000 C:\Windows\system32\drivers\ndis.sys 749568 bytes (Microsoft Corporation, Driver NDIS 6.20)
    0x91F2A000 C:\Windows\system32\DRIVERS\VSTCNXT3.SYS 741376 bytes (Conexant Systems, Inc., HSF_CNXT driver)
    0x8ACE6000 C:\Windows\system32\CI.dll 700416 bytes (Microsoft Corporation, Code Integrity Module)
    0x9DB5E000 C:\Windows\system32\drivers\peauth.sys 618496 bytes (Microsoft Corporation, Protected Environment Authentication and Authorization Export Driver)
    0x9DA16000 C:\Windows\system32\drivers\HTTP.sys 544768 bytes (Microsoft Corporation, Pilha do protocolo HTTP)
    0x8AC13000 C:\Windows\system32\mcupdate_GenuineIntel.dll 491520 bytes (Microsoft Corporation, Intel Microcode Update Library)
    0x8AE03000 C:\Windows\system32\drivers\Wdf01000.sys 462848 bytes (Microsoft Corporation, Tempo de Execução da Estrutura de Driver em Modo Kernel)
    0x9ED4D000 C:\Windows\system32\drivers\spsys.sys 434176 bytes (Microsoft Corporation, security processor)
    0x91838000 C:\Windows\system32\drivers\csc.sys 409600 bytes (Microsoft Corporation, Windows Client Side Caching Driver)
    0x8B39B000 C:\Windows\System32\Drivers\cng.sys 380928 bytes (Microsoft Corporation, Kernel Cryptography, Next Generation)
    0x916AF000 C:\Windows\system32\drivers\afd.sys 368640 bytes (Microsoft Corporation, Ancillary Function Driver for WinSock)
    0x9EC98000 C:\Windows\System32\DRIVERS\srv.sys 331776 bytes (Microsoft Corporation, Server driver)
    0x921AC000 C:\Windows\system32\drivers\HdAudio.sys 327680 bytes (Microsoft Corporation, High Definition Audio Function Driver)
    0x9EC21000 C:\Windows\System32\DRIVERS\srv2.sys 323584 bytes (Microsoft Corporation, Smb 2.0 Server driver)
    0x91933000 C:\Windows\system32\DRIVERS\VSTBS23.SYS 311296 bytes (Conexant Systems, Inc., HSF_HWB2 WDM driver)
    0x92F9A000 C:\Windows\system32\DRIVERS\USBPORT.SYS 307200 bytes (Microsoft Corporation, Driver de Porta USB 1.1 e 2.0)
    0x8B007000 C:\Windows\System32\drivers\volmgrx.sys 307200 bytes (Microsoft Corporation, Driver de Extensão do Gerenciador de Volumes)
    0x8AFA4000 C:\Windows\system32\DRIVERS\ACPI.sys 294912 bytes (Microsoft Corporation, ACPI Driver for NT)
    0x91635000 C:\Windows\system32\DRIVERS\avgtdix.sys 294912 bytes (AVG Technologies CZ, s.r.o., AVG Network connection watcher)
    0x9215E000 C:\Windows\system32\DRIVERS\usbhub.sys 278528 bytes (Microsoft Corporation, Default Hub Driver for USB)
    0x8ACA4000 C:\Windows\system32\CLFS.SYS 270336 bytes (Microsoft Corporation, Common Log File System Driver)
    0x91783000 C:\Windows\system32\DRIVERS\rdbss.sys 266240 bytes (Microsoft Corporation, Driver do Subsistema de Buffer da Unidade Redirecionado)
    0x8B5B9000 C:\Windows\system32\DRIVERS\volsnap.sys 258048 bytes (Microsoft Corporation, Driver de cópia de sombra de volume)
    0x8B1AE000 C:\Windows\system32\drivers\NETIO.SYS 253952 bytes (Microsoft Corporation, Network I/O Subsystem)
    0x918C2000 C:\Windows\system32\DRIVERS\avgldx86.sys 245760 bytes (AVG Technologies CZ, s.r.o., AVG AVI Loader Driver)
    0x9DAE9000 C:\Windows\system32\DRIVERS\mrxsmb10.sys 241664 bytes (Microsoft Corporation, Longhorn SMB Downlevel SubRdr)
    0x92030000 C:\Windows\System32\Drivers\a1d79tv8.SYS 233472 bytes (Microsoft Corporation, ATAPI IDE Miniport Driver)
    0x92F37000 C:\Windows\System32\drivers\dxgmms1.sys 233472 bytes (Microsoft Corporation, DirectX Graphics MMS)
    0x82A16000 ACPI_HAL 225280 bytes
    0x82A16000 C:\Windows\system32\halmacpi.dll 225280 bytes (Microsoft Corporation, Hardware Abstraction Layer DLL)
    0x8B0B2000 C:\Windows\system32\drivers\fltmgr.sys 212992 bytes (Microsoft Corporation, Gerenciador de Filtro do Filesystem Microsoft)
    0x9197F000 C:\Windows\system32\DRIVERS\ks.sys 212992 bytes (Microsoft Corporation, Kernel CSA Library)
    0x8B675000 C:\Windows\System32\DRIVERS\fvevol.sys 204800 bytes (Microsoft Corporation, BitLocker Drive Encryption Driver)
    0x9167D000 C:\Windows\System32\DRIVERS\netbt.sys 204800 bytes (Microsoft Corporation, MBT Transport driver)
    0x8B57F000 C:\Windows\System32\drivers\fwpkclnt.sys 200704 bytes (Microsoft Corporation, FWP/IPsec Kernel-Mode API)
    0x92000000 C:\Windows\system32\drivers\portcls.sys 192512 bytes (Microsoft Corporation, Port Class (Class Driver for Port/Miniport Devices))
    0x8B630000 C:\Windows\System32\drivers\rdyboost.sys 184320 bytes (Microsoft Corporation, ReadyBoost Driver)
    0x8B35D000 C:\Windows\System32\Drivers\msrpc.sys 176128 bytes (Microsoft Corporation, Kernel Remote Procedure Call Provider)
    0x9ECE9000 C:\Windows\System32\Drivers\fastfat.SYS 172032 bytes (Microsoft Corporation, Fast FAT File System Driver)
    0x8AD91000 C:\Windows\system32\DRIVERS\pci.sys 172032 bytes (Microsoft Corporation, Enumerador NT Plug and Play PCI)
    0x9EC70000 C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys 163840 bytes (AVG Technologies CZ, s.r.o. , IDS Application Activity Monitor Driver.)
    0x8AF7E000 C:\Windows\System32\Drivers\SCSIPORT.SYS 155648 bytes (Microsoft Corporation, SCSI Port Driver)
    0x8B6B8000 C:\Windows\system32\DRIVERS\CLASSPNP.SYS 151552 bytes (Microsoft Corporation, SCSI Class System Dll)
    0x8B411000 C:\Windows\System32\Drivers\ksecpkg.sys 151552 bytes (Microsoft Corporation, Kernel Security Support Provider Interface Packages)
    0x8B086000 C:\Windows\system32\DRIVERS\ataport.SYS 143360 bytes (Microsoft Corporation, ATAPI Driver Extension)
    0x9DAC6000 C:\Windows\system32\DRIVERS\mrxsmb.sys 143360 bytes (Microsoft Corporation, Windows NT SMB Minirdr)
    0x920CF000 C:\Windows\system32\DRIVERS\ndiswan.sys 139264 bytes (Microsoft Corporation, MS PPP Framing Driver (Strong Encryption))
    0x8ADDC000 C:\Windows\System32\DRIVERS\srvnet.sys 135168 bytes (Microsoft Corporation, Server Network driver)
    0x91900000 C:\Windows\system32\DRIVERS\tunnel.sys 135168 bytes (Microsoft Corporation, Driver de Interface de Túnel Microsoft)
    0x8B76B000 C:\Windows\System32\drivers\VIDEOPRT.SYS 135168 bytes (Microsoft Corporation, Video Port Driver)
    0x9ED2C000 C:\Windows\system32\DRIVERS\WUDFRd.sys 135168 bytes (Microsoft Corporation, Windows Driver Foundation - User-mode Driver Framework Reflector)
    0x8B71D000 C:\Windows\system32\DRIVERS\cdrom.sys 126976 bytes (Microsoft Corporation, SCSI CD-ROM Driver)
    0x92F70000 C:\Windows\system32\DRIVERS\HDAudBus.sys 126976 bytes (Microsoft Corporation, High Definition Audio Bus Driver)
    0x91719000 C:\Windows\system32\DRIVERS\pacer.sys 126976 bytes (Microsoft Corporation, Agendador de pacotes de serviço)
    0x99100000 C:\Windows\System32\cdd.dll 122880 bytes (Microsoft Corporation, Canonical Display Driver)
    0x8B600000 C:\Windows\system32\drivers\luafv.sys 110592 bytes (Microsoft Corporation, Driver do Filtro de Virtualização do Arquivo LUA)
    0x9DB24000 C:\Windows\system32\DRIVERS\mrxsmb20.sys 110592 bytes (Microsoft Corporation, Longhorn SMB 2.0 Redirector)
    0x91746000 C:\Windows\system32\DRIVERS\serial.sys 106496 bytes (Microsoft Corporation, Driver de dispositivo serial)
    0x8B6EB000 C:\Windows\system32\drivers\WudfPf.sys 106496 bytes (Microsoft Corporation, Windows Driver Foundation - User-mode Driver Framework Platform Driver)
    0x9DA9B000 C:\Windows\system32\DRIVERS\bowser.sys 102400 bytes (Microsoft Corporation, NT Lan Manager Datagram Receiver Driver)
    0x919CB000 C:\Windows\system32\drivers\drmk.sys 102400 bytes (Microsoft Corporation, Microsoft Trusted Audio Drivers)
    0x9189C000 C:\Windows\System32\Drivers\dfsc.sys 98304 bytes (Microsoft Corporation, DFS Namespace Client Driver)
    0x919B3000 C:\Windows\system32\DRIVERS\i8042prt.sys 98304 bytes (Microsoft Corporation, Driver de porta i8042)
    0x92400000 C:\Windows\system32\DRIVERS\parport.sys 98304 bytes (Microsoft Corporation, Driver de porta paralela)
    0x920AC000 C:\Windows\system32\DRIVERS\rasl2tp.sys 98304 bytes (Microsoft Corporation, RAS L2TP mini-port/call-manager driver)
    0x920F1000 C:\Windows\system32\DRIVERS\raspppoe.sys 98304 bytes (Microsoft Corporation, RAS PPPoE mini-port/call-manager driver)
    0x92109000 C:\Windows\system32\DRIVERS\raspptp.sys 94208 bytes (Microsoft Corporation, Peer-to-Peer Tunneling Protocol)
    0x92120000 C:\Windows\system32\DRIVERS\rassstp.sys 94208 bytes (Microsoft Corporation, RAS SSTP Miniport Call Manager)
    0x8B7CA000 C:\Windows\system32\DRIVERS\tdx.sys 94208 bytes (Microsoft Corporation, TDI Translation Driver)
    0x91800000 C:\Windows\system32\DRIVERS\USBSTOR.SYS 94208 bytes (Microsoft Corporation, USB Mass Storage Class Driver)
    0x8B067000 C:\Windows\System32\drivers\mountmgr.sys 90112 bytes (Microsoft Corporation, Gerenciador de Pontos de Montagem)
    0x91817000 C:\Windows\system32\DRIVERS\HIDCLASS.SYS 77824 bytes (Microsoft Corporation, Hid Class Library)
    0x8B388000 C:\Windows\System32\Drivers\ksecdd.sys 77824 bytes (Microsoft Corporation, Kernel Security Support Provider Interface)
    0x8B7EC000 C:\Windows\system32\DRIVERS\rspndr.sys 77824 bytes (Microsoft Corporation, Link-Layer Topology Responder Driver for NDIS 6)
    0x91760000 C:\Windows\system32\DRIVERS\wanarp.sys 77824 bytes (Microsoft Corporation, MS Remote Access and Routing ARP Driver)
    0x9209A000 C:\Windows\system32\DRIVERS\AgileVpn.sys 73728 bytes (Microsoft Corporation, RAS Agile Vpn Miniport Call Manager)
    0x91921000 C:\Windows\system32\DRIVERS\intelppm.sys 73728 bytes (Microsoft Corporation, Processor Device Driver)
    0x9DAB4000 C:\Windows\System32\drivers\mpsdrv.sys 73728 bytes (Microsoft Corporation, Microsoft Protection Service Driver)
    0x8B6A7000 C:\Windows\system32\DRIVERS\disk.sys 69632 bytes (Microsoft Corporation, PnP Disk Driver)
    0x91600000 C:\Windows\System32\Drivers\dump_dumpfve.sys 69632 bytes
    0x8B0E6000 C:\Windows\system32\drivers\fileinfo.sys 69632 bytes (Microsoft Corporation, FileInfo Filter Driver)
    0x919E4000 C:\Windows\System32\Drivers\NDProxy.SYS 69632 bytes (Microsoft Corporation, NDIS Proxy)
    0x8ADBB000 C:\Windows\System32\drivers\partmgr.sys 69632 bytes (Microsoft Corporation, Partition Management Driver)
    0x8AC8B000 C:\Windows\system32\PSHED.dll 69632 bytes (Microsoft Corporation, Driver de Erro de Hardware Específico da Plataforma)
    0x9ED1C000 C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2accx86.sys 65536 bytes (Emsi Software GmbH, Emsisoft Anti-Malware File Guard)
    0x8B705000 C:\Windows\system32\DRIVERS\lltdio.sys 65536 bytes (Microsoft Corporation, Link-Layer Topology Mapper I/O Driver)
    0x8B65D000 C:\Windows\System32\Drivers\mup.sys 65536 bytes (Microsoft Corporation, Multiple UNC Provider Driver)
    0x91773000 C:\Windows\system32\DRIVERS\termdd.sys 65536 bytes (Microsoft Corporation, Remote Desktop Server Driver)
    0x8ADCC000 C:\Windows\system32\DRIVERS\volmgr.sys 65536 bytes (Microsoft Corporation, Volume Manager Driver)
    0x9DB4F000 C:\Windows\system32\drivers\npf.sys 61440 bytes (CACE Technologies, Inc., npf.sys (NT5/6 x86) Kernel Driver)
    0x91FEC000 C:\Windows\system32\DRIVERS\Rtnicxp.sys 61440 bytes (Realtek Semiconductor Corporation , Realtek 10/100 NDIS 5.1 Driver )
    0x92FE5000 C:\Windows\system32\DRIVERS\usbehci.sys 61440 bytes (Microsoft Corporation, EHCI eUSB Miniport Driver)
    0x918B4000 C:\Windows\system32\DRIVERS\blbdrive.sys 57344 bytes (Microsoft Corporation, BLB Drive Driver)
    0x91738000 C:\Windows\system32\DRIVERS\netbios.sys 57344 bytes (Microsoft Corporation, NetBIOS interface driver)
    0x8B7BC000 C:\Windows\System32\Drivers\Npfs.SYS 57344 bytes (Microsoft Corporation, NPFS Driver)
    0x8B059000 C:\Windows\system32\DRIVERS\PCIIDEX.SYS 57344 bytes (Microsoft Corporation, PCI IDE Bus Driver Extension)
    0x8B200000 C:\Windows\System32\drivers\pcw.sys 57344 bytes (Microsoft Corporation, Performance Counters for Windows Driver)
    0x9208C000 C:\Windows\system32\DRIVERS\STREAM.SYS 57344 bytes (Microsoft Corporation, WDM CODEC Class Device Driver 2.0)
    0x92150000 C:\Windows\system32\DRIVERS\umbus.sys 57344 bytes (Microsoft Corporation, User-Mode Bus Enumerator)
    0x8AE74000 C:\Windows\system32\drivers\WDFLDR.SYS 57344 bytes (Microsoft Corporation, Kernel Mode Driver Framework Loader)
    0x92069000 C:\Windows\system32\DRIVERS\CompositeBus.sys 53248 bytes (Microsoft Corporation, Multi-Transport Composite Bus Enumerator)
    0x917E4000 C:\Windows\System32\Drivers\crashdmp.sys 53248 bytes (Microsoft Corporation, Crash Dump Driver)
    0x91E15000 C:\Windows\system32\DRIVERS\kbdclass.sys 53248 bytes (Microsoft Corporation, Driver de Classe de Teclado)
    0x91FDF000 C:\Windows\system32\drivers\modem.sys 53248 bytes (Microsoft Corporation, Driver de dispositivo de modem)
    0x92141000 C:\Windows\system32\DRIVERS\mouclass.sys 53248 bytes (Microsoft Corporation, Driver de classe modem)
    0x9DA00000 C:\Windows\System32\drivers\tcpipreg.sys 53248 bytes (Microsoft Corporation, TCP/IP Registry Compatibility Driver)
    0x8B78C000 C:\Windows\System32\drivers\watchdog.sys 53248 bytes (Microsoft Corporation, Watchdog Driver)
    0x8B73C000 C:\Windows\system32\DRIVERS\avgmfx86.sys 49152 bytes (AVG Technologies CZ, s.r.o., AVG Resident Shield Minifilter Driver)
    0x917D8000 C:\Windows\System32\drivers\discache.sys 49152 bytes (Microsoft Corporation, System Indexer/Cache Driver)
    0x8B75F000 C:\Windows\System32\drivers\vga.sys 49152 bytes (Microsoft Corporation, VGA/Super VGA Video Driver)
    0x919F5000 C:\Windows\System32\Drivers\dump_dumpata.sys 45056 bytes
    0x91E00000 C:\Windows\system32\DRIVERS\fdc.sys 45056 bytes (Microsoft Corporation, Floppy Disk Controller Driver)
    0x92078000 C:\Windows\system32\DRIVERS\hidusb.sys 45056 bytes (Microsoft Corporation, USB Miniport Driver for Input Devices)
    0x9161B000 C:\Windows\system32\DRIVERS\monitor.sys 45056 bytes (Microsoft Corporation, Monitor Driver)
    0x9182A000 C:\Windows\system32\DRIVERS\mouhid.sys 45056 bytes (Microsoft Corporation, HID Mouse Filter Driver)
    0x8B7B1000 C:\Windows\System32\Drivers\Msfs.SYS 45056 bytes (Microsoft Corporation, Mailslot driver)
    0x920C4000 C:\Windows\system32\DRIVERS\ndistapi.sys 45056 bytes (Microsoft Corporation, NDIS 3.0 connection wrapper driver)
    0x8B7E1000 C:\Windows\system32\DRIVERS\TDI.SYS 45056 bytes (Microsoft Corporation, TDI Wrapper)
    0x92F8F000 C:\Windows\system32\DRIVERS\usbuhci.sys 45056 bytes (Microsoft Corporation, UHCI USB Miniport Driver)
    0x8AFF4000 C:\Windows\system32\DRIVERS\vdrvroot.sys 45056 bytes (Microsoft Corporation, Enumerador Raiz de Unidade Virtual)
    0x91626000 C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys 40960 bytes (AVG Technologies CZ, s.r.o. , IDS Application Activity Monitor Filter Driver.)
    0x91611000 C:\Windows\System32\drivers\Dxapi.sys 40960 bytes (Microsoft Corporation, DirectX API Driver)
    0x921A2000 C:\Windows\system32\DRIVERS\flpydisk.sys 40960 bytes (Microsoft Corporation, Floppy Driver)
    0x917CE000 C:\Windows\system32\DRIVERS\mssmbios.sys 40960 bytes (Microsoft Corporation, System Management BIOS Driver)
    0x917C4000 C:\Windows\system32\drivers\nsiproxy.sys 40960 bytes (Microsoft Corporation, NSI Proxy)
    0x92137000 C:\Windows\system32\DRIVERS\rdpbus.sys 40960 bytes (Microsoft Corporation, Microsoft RDP Bus Device driver)
    0x9DBF5000 C:\Windows\System32\Drivers\secdrv.SYS 40960 bytes (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K., Macrovision SECURITY Driver)
    0x91E0B000 C:\Windows\system32\DRIVERS\serenum.sys 40960 bytes (Microsoft Corporation, Serial Port Enumerator)
    0x8B748000 C:\Program Files\Emsisoft Anti-Malware\a2dix86.sys 36864 bytes (Emsi Software GmbH, Emsisoft Anti-Malware Behavior Blocker)
    0x8B0A9000 C:\Windows\system32\DRIVERS\amdxata.sys 36864 bytes (Advanced Micro Devices, Storage Filter Driver)
    0x8B07D000 C:\Windows\system32\DRIVERS\atapi.sys 36864 bytes (Microsoft Corporation, ATAPI IDE Miniport Driver)
    0x8B6E2000 C:\Windows\system32\DRIVERS\AVGIDSEH.Sys 36864 bytes (AVG Technologies CZ, s.r.o. , IDS Application Activity Monitor Helper Driver.)
    0x9DB46000 C:\Windows\system32\DRIVERS\AVGIDSShim.Sys 36864 bytes (AVG Technologies CZ, s.r.o. , IDS Application Activity Monitor Loader Driver.)
    0x917F1000 C:\Windows\System32\Drivers\dump_atapi.sys 36864 bytes
    0x9ED13000 C:\Windows\system32\FsUsbExDisk.SYS 36864 bytes
    0x8B20E000 C:\Windows\System32\Drivers\Fs_Rec.sys 36864 bytes (Microsoft Corporation, File System Recognizer Driver)
    0x9EDE7000 C:\Windows\System32\Drivers\Normandy.SYS 36864 bytes (RKU Driver)
    0x990D0000 C:\Windows\System32\TSDDD.dll 36864 bytes (Microsoft Corporation, Framebuffer Display Driver)
    0x8B5B0000 C:\Windows\system32\DRIVERS\vmstorfl.sys 36864 bytes (Microsoft Corporation, Virtual Storage Filter Driver)
    0x8AF75000 C:\Windows\System32\Drivers\WMILIB.SYS 36864 bytes (Microsoft Corporation, WMILIB WMI support library Dll)
    0x91709000 C:\Windows\system32\drivers\ws2ifsl.sys 36864 bytes (Microsoft Corporation, Winsock2 IFS Layer)
    0x8AC9C000 C:\Windows\system32\BOOTVID.dll 32768 bytes (Microsoft Corporation, VGA Boot Driver)
    0x8B66D000 C:\Windows\System32\drivers\hwpolicy.sys 32768 bytes (Microsoft Corporation, Hardware Policy Driver)
    0x80BBD000 C:\Windows\system32\kdcom.dll 32768 bytes (Microsoft Corporation, Serial Kernel Debugger)
    0x8AFEC000 C:\Windows\system32\DRIVERS\msisadrv.sys 32768 bytes (Microsoft Corporation, ISA Driver)
    0x8B799000 C:\Windows\System32\DRIVERS\RDPCDD.sys 32768 bytes (Microsoft Corporation, RDP Miniport)
    0x8B7A1000 C:\Windows\system32\drivers\rdpencdd.sys 32768 bytes (Microsoft Corporation, RDP Encoder Miniport)
    0x8B7A9000 C:\Windows\system32\drivers\rdprefmp.sys 32768 bytes (Microsoft Corporation, RDP Reflector Driver Miniport)
    0x8B5F8000 C:\Windows\System32\Drivers\spldr.sys 32768 bytes (Microsoft Corporation, loader for security processor)
    0x8B758000 C:\Windows\System32\Drivers\Beep.SYS 28672 bytes (Microsoft Corporation, BEEP Driver)
    0x92FF4000 C:\Windows\system32\DRIVERS\HIDPARSE.SYS 28672 bytes (Microsoft Corporation, Hid Parsing Library)
    0x8B052000 C:\Windows\system32\DRIVERS\intelide.sys 28672 bytes (Microsoft Corporation, Intel PCI IDE Driver)
    0x9EDDC000 C:\Users\MONTYS~1\AppData\Local\Temp\mbr.sys 28672 bytes
    0x8B751000 C:\Windows\System32\Drivers\Null.SYS 28672 bytes (Microsoft Corporation, NULL Driver)
    0x9DB3F000 C:\Windows\system32\DRIVERS\parvdm.sys 28672 bytes (Microsoft Corporation, Driver paralelo VDM)
    0x91712000 C:\Windows\system32\DRIVERS\wfplwf.sys 28672 bytes (Microsoft Corporation, WFP NDIS 6.20 Lightweight Filter Driver)
    0x91E22000 C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 24576 bytes (GEAR Software Inc., CD DVD Filter)
    0x92086000 C:\Windows\system32\DRIVERS\ManyCam.sys 24576 bytes (ManyCam LLC., ManyCam Virtual Webcam, WDM Video Capture Driver)
    0x8B6DD000 C:\Windows\system32\DRIVERS\avgrkx86.sys 20480 bytes (AVG Technologies CZ, s.r.o., AVG Anti-Rootkit Driver)
    0x918FE000 C:\Program Files\Emsisoft Anti-Malware\a2util32.sys 8192 bytes (Emsi Software GmbH, a-squared Malware-IDS utility driver)
    0x92E7E000 C:\Windows\system32\DRIVERS\nvBridge.kmd 8192 bytes (NVIDIA Corporation, NVIDIA Compatible Windows Vista Kernel Mode Driver, Version 257.21 )
    0x9214E000 C:\Windows\system32\DRIVERS\swenum.sys 8192 bytes (Microsoft Corporation, Plug and Play Software Device Enumerator)
    0x92076000 C:\Windows\system32\DRIVERS\USBD.SYS 8192 bytes (Microsoft Corporation, Universal Serial Bus Driver)
    0x85E391F8 unknown_irp_handler 3592 bytes
    0x871DF1F8 unknown_irp_handler 3592 bytes
    0x85E371F8 unknown_irp_handler 3592 bytes
    0x861021F8 unknown_irp_handler 3592 bytes
    0x85E381F8 unknown_irp_handler 3592 bytes
    0x861A01F8 unknown_irp_handler 3592 bytes
    0x85E351F8 unknown_irp_handler 3592 bytes
    0x86240500 unknown_irp_handler 2816 bytes
    0x8621C500 unknown_irp_handler 2816 bytes
    0x863A2500 unknown_irp_handler 2816 bytes
    0x86333500 unknown_irp_handler 2816 bytes
    0x86320500 unknown_irp_handler 2816 bytes
    ==============================================
    >Stealth
    ==============================================
    WARNING: File locked for read access [C:\Windows\system32\drivers\sptd.sys]
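
The listing above is raw scanner output, and the first thing a defender does with one is parse it and separate the entries that need a manual look from the bulk of signed, vendor-labelled Microsoft modules. The following Python is an added example, not a tool from this thread or from the scanner that produced the listing; the function names (`parse_listing`, `triage`, `flagged`), the flag names and the heuristics are my own assumptions for triage, not verdicts on any entry. The `dump_` exemption reflects the crash-dump copies of the storage stack that Windows loads without version information; the `unknown_irp_handler` rule simply marks dispatch entries that point at no module, which a reviewer always wants listed. The sample lines are copied from the listing above.

```python
import re
from dataclasses import dataclass, field
from typing import List, Optional

# One module line of the listing: base address, path, size, optional "(vendor, description)".
# Paths may contain spaces (e.g. "C:\Program Files\..."), so the path group is non-greedy
# and is terminated by the "<size> bytes" token.
LINE_RE = re.compile(
    r"^\s*(?P<base>0x[0-9A-Fa-f]+)\s+(?P<path>.+?)\s+(?P<size>\d+) bytes"
    r"(?:\s+\((?P<info>.*)\))?\s*$"
)

# Directory fragments a kernel module is not normally loaded from. A hit only means
# "review this"; scanner helper drivers are often dropped into exactly these places.
USER_WRITABLE = ("\\users\\", "\\temp\\", "\\programdata\\")


@dataclass
class DriverEntry:
    base: int
    path: str
    size: int
    info: Optional[str]          # vendor/description text, None when the tool printed none
    flags: List[str] = field(default_factory=list)


def parse_driver_line(line: str) -> Optional[DriverEntry]:
    """Return a DriverEntry for a module line, or None for headers, warnings and other text."""
    m = LINE_RE.match(line)
    if not m:
        return None
    return DriverEntry(int(m.group("base"), 16), m.group("path"),
                       int(m.group("size")), m.group("info"))


def triage(entry: DriverEntry) -> DriverEntry:
    """Attach review flags (assumed heuristics, not verdicts) to one entry."""
    p = entry.path.lower()
    if p == "unknown_irp_handler":
        # IRP dispatch entry with no module behind it: always worth listing for review.
        entry.flags.append("irp-handler-without-module")
        return entry
    name = p.rsplit("\\", 1)[-1]
    # Windows' crash-dump copies of the storage stack (dump_*.sys) legitimately carry no
    # version resource, so they are exempt from the "no version info" flag.
    if entry.info is None and not name.startswith("dump_"):
        entry.flags.append("no-version-info")
    if any(frag in p for frag in USER_WRITABLE):
        entry.flags.append("user-writable-path")
    return entry


def parse_listing(text: str) -> List[DriverEntry]:
    """Parse every module line in a listing and run triage on each one."""
    entries = []
    for line in text.splitlines():
        e = parse_driver_line(line)
        if e is not None:
            entries.append(triage(e))
    return entries


def flagged(entries: List[DriverEntry]) -> List[DriverEntry]:
    """Only the entries that picked up at least one review flag."""
    return [e for e in entries if e.flags]


# Lines copied from the listing above, plus a separator and a WARNING line to show
# that non-module text is skipped by the parser.
SAMPLE = r"""==============================================
0x8B07D000 C:\Windows\system32\DRIVERS\atapi.sys 36864 bytes (Microsoft Corporation, ATAPI IDE Miniport Driver)
0x8B748000 C:\Program Files\Emsisoft Anti-Malware\a2dix86.sys 36864 bytes (Emsi Software GmbH, Emsisoft Anti-Malware Behavior Blocker)
0x919F5000 C:\Windows\System32\Drivers\dump_dumpata.sys 45056 bytes
0x9EDDC000 C:\Users\MONTYS~1\AppData\Local\Temp\mbr.sys 28672 bytes
0x9EDE7000 C:\Windows\System32\Drivers\Normandy.SYS 36864 bytes (RKU Driver)
0x85E391F8 unknown_irp_handler 3592 bytes
WARNING: File locked for read access [C:\Windows\system32\drivers\sptd.sys]
"""

if __name__ == "__main__":
    for e in flagged(parse_listing(SAMPLE)):
        print(f"{e.base:#010x} {e.path}  ->  {', '.join(e.flags)}")
```

Run against the sample, only the Temp-directory driver and the module-less IRP handler are reported; the Emsisoft driver under Program Files and the version-less `dump_dumpata.sys` pass. In practice the flagged set is the input to the manual step the helper in this thread performs by eye: checking each remaining entry against the tools the user is known to have run before treating it as suspicious.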
     
  19. 2011/01/21
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    All looks good :)

    Please download ComboFix from Here or Here to your Desktop.

    **Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
    1. Please, never rename Combofix unless instructed.
    2. Close any open browsers.
    3. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
      • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
      • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
      NOTE 1. If Combofix asks you to install Recovery Console, please allow it.
      NOTE 2. If Combofix asks you to update the program, always do so.
      • Close any open browsers.
      • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
      • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
      • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
    4. Double click on combofix.exe & follow the prompts.
    5. When finished, it will produce a report for you.
    6. Please post the "C:\ComboFix.txt"
    **Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall
    **Note 2 for AVG users: ComboFix will not run until AVG is uninstalled as a protective measure against the anti-virus. This is because AVG "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG first.
    Use AppRemover to uninstall it: http://www.appremover.com/
    We can reinstall it when we're done with CF.
    **Note 3: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion", restart computer to fix the issue.



    Make sure you re-enable your security programs when you're done with Combofix.

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    NOTE.
    If, for some reason, Combofix refuses to run, try one of the following:

    1. Run Combofix from Safe Mode.

    2. Delete the Combofix file, download a fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
    Do NOT run it yet.

    Please download and run the below tool named Rkill (courtesy of BleepingComputer.com) which may help allow other programs to run.

    There are 4 different versions. If one of them won't run then download and try to run the other one.

    Vista and Win7 users need to right click Rkill and choose Run as Administrator

    You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

    Rkill.com
    Rkill.scr
    Rkill.exe

    • Double-click on the Rkill desktop icon to run the tool.
    • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
    • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
    • If not, delete the file, then download and use the one provided in Link 2.
    • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
    • Do not reboot until instructed.
    • If the tool does not run from any of the links provided, please let me know.

    Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

    If normal mode still doesn't work, run BOTH tools from safe mode.

    In case #2, please post BOTH logs, rKill and Combofix.

    DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!
     
  20. 2011/01/21
    Montysire

    Montysire Inactive Thread Starter

    Joined:
    2011/01/16
    Messages:
    21
    Likes Received:
    0
    OK, this might sound a bit retarded, but how do I close AVG again? Cause there's no "exit" option from clicking on the tray icon... :/
     
  21. 2011/01/21
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Please, read:
     
