
Solved Computer Slow After Cleaning By Malwarebytes

Discussion in 'Malware and Virus Removal Archive' started by flyboy1565, 2010/10/14.

  1. 2010/10/14
    flyboy1565

    flyboy1565 Inactive Thread Starter

    Joined:
    2009/12/09
    Messages:
    184
    Likes Received:
    2
    [Resolved] Computer Slow After Cleaning By Malwarebytes

    This is my grandma's computer. She uses it mostly for games and email. She is unaware of the possible threats to her computer. I had to get help from you guys with scareware on her computer. We used Malwarebytes and haven't had any issues. I've noticed that it's gotten really bogged down; it is like 5 yrs old. I just want to make sure everything is in order. Any help will do. I'm posting a new DDS log, and I do have a copy of the old log.


    DDS (Ver_09-12-01.01) - NTFSx86
    Run by Owner at 14:01:24.14 on Thu 10/14/2010
    Internet Explorer: 8.0.6001.18975
    Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.1014.122 [GMT -7:00]

    SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

    ============== Running Processes ===============

    C:\Windows\system32\wininit.exe
    C:\Program Files\AVG\AVG9\avgchsvx.exe
    C:\Program Files\AVG\AVG9\avgrsx.exe
    C:\Program Files\AVG\AVG9\avgcsrvx.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k rpcss
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Windows\system32\SLsvc.exe
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\WLANExt.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\Program Files\AVG\AVG9\avgwdsvc.exe
    C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
    C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
    C:\Program Files\AVG\AVG9\avgnsx.exe
    C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe
    C:\Acer\Empowering Technology\eNet\eNet Service.exe
    C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    C:\Windows\system32\svchost.exe -k hpdevmgmt
    C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
    C:\Acer\Mobility Center\MobilityService.exe
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
    C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Windows\System32\svchost.exe -k WerSvcGroup
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\DRIVERS\xaudio.exe
    C:\Program Files\AVG\AVG9\avgemc.exe
    C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files\AVG\AVG9\avgcsrvx.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Windows\system32\taskeng.exe
    C:\Users\Owner\AppData\Local\Temp\RtkBtMnt.exe
    C:\Windows\system32\svchost.exe -k HPService
    C:\Program Files\Launch Manager\LManager.exe
    C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
    C:\Windows\Imgtask.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\AVG\AVG9\avgtray.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Windows\system32\igfxext.exe
    C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    C:\Windows\system32\igfxsrvc.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
    C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
    C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Windows Live\Toolbar\wltuser.exe
    C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
    C:\Windows\system32\Macromed\Flash\FlashUtil10e.exe
    c:\Users\Owner\Documents\New Folder\dds.scr

    ============== Pseudo HJT Report ===============

    uSearch Page = hxxp://www.google.com
    uStart Page = hxxp://www.att.net/
    uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
    uWindow Title = Windows Internet Explorer provided by Yahoo!
    uDefault_Page_URL = hxxp://att.net
    mStart Page = hxxp://en.us.acer.yahoo.com
    mDefault_Page_URL = hxxp://en.us.acer.yahoo.com
    uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s
    uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
    BHO: Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
    BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
    BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
    BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg9\avgssie.dll
    BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
    BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
    BHO: ShowBarObj Class: {83a2f9b1-01a2-4aa5-87d1-45b6b8505e96} - c:\windows\system32\ActiveToolBand.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar.dll
    BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.0.926.3450\swg.dll
    BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_219B3E1547538286.dll
    BHO: MSN Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\msn\toolbar\3.0.1125.0\msneshellx.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
    BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
    TB: Acer eDataSecurity Management: {5cbe3b7c-1e47-477e-a7dd-396db0476e29} - c:\windows\system32\eDStoolbar.dll
    TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
    TB: &Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar.dll
    TB: MSN Toolbar: {1e61ed7c-7cb8-49d6-b9e9-ab4c880c8414} - c:\program files\msn\toolbar\3.0.1125.0\msneshellx.dll
    TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
    TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
    TB: eGames Toolbar: {4e7bd74f-2b8d-469e-85b2-bc27fe9aae2e} -
    TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
    EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
    uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
    uRun: [Acer Tour Reminder] c:\acer\acertour\Reminder.exe
    uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
    uRunOnce: [Shockwave Updater] c:\windows\system32\adobe\shockwave 11\SwHelper_1150596.exe -Update -1150596 - "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident/4.0; GTB5; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.5.30729; .NET CLR 3.0.30729; OfficeLiveConnector.1.3; OfficeLivePatch.0.0; yie8)" - "http://games.bigfishgames.com/en_mahjongtowersetern/online/ "
    mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    mRun: [RtHDVCpl] RtHDVCpl.exe
    mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
    mRun: [Acer Tour]
    mRun: [PLFSet] rundll32.exe c:\windows\PLFSet.dll,PLFDefSetting
    mRun: [IAAnotif] "c:\program files\intel\intel matrix storage manager\Iaanotif.exe "
    mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe "
    mRun: [LanguageShortcut] "c:\program files\cyberlink\powerdvd\language\Language.exe "
    mRun: [eDataSecurity Loader] c:\acer\empowering technology\edatasecurity\eDSloader.exe
    mRun: [LManager] c:\progra~1\launch~1\LManager.exe
    mRun: [Acer Assist Launcher] c:\program files\acer assist\launcher.exe
    mRun: [Acer Product Registration] "c:\program files\acer registration\ACE1.exe" /startup
    mRun: [Symantec PIF AlertEng] "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\pifsvc.exe" /a /m "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\AlertEng.dll "
    mRun: [hpqSRMon] c:\program files\hp\digital imaging\bin\hpqSRMon.exe
    mRun: [Skytel] Skytel.exe
    mRun: [ImgTask] c:\windows\Imgtask.exe
    mRun: [Microsoft Default Manager] "c:\program files\microsoft\search enhancement pack\default manager\DefMgr.exe" -resume
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe "
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe "
    mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
    mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
    mRun: [Persistence] c:\windows\system32\igfxpers.exe
    mRun: [AVG9_TRAY] c:\progra~1\avg\avg9\avgtray.exe
    StartupFolder: c:\users\owner\appdata\roaming\micros~1\windows\startm~1\programs\startup\iwinde~1.lnk - c:\programdata\iwin games\desktopalerts\DesktopAlerts.exe
    StartupFolder: c:\users\owner\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
    StartupFolder: c:\users\owner\appdata\roaming\microsoft\windows\start menu\programs\startup\OneNote Table Of Contents.onetoc2
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\empowe~1.lnk - c:\acer\empowering technology\eAPLauncher.exe
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
    mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
    IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
    DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
    DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} - file:///C:/Program%20Files/World%20Mosaics/Images/armhelper.ocx
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg9\avgpp.dll
    Notify: igfxcui - igfxdev.dll
    AppInit_DLLs: avgrsstx.dll
    mASetup: {A509B1FF-37FF-4bFF-8CFF-4F3A747040FF} - c:\windows\system32\rundll32.exe c:\windows\system32\advpack.dll,launchinfsectionex c:\program files\internet explorer\clrtour.inf,DefaultInstall.ResetTour,,12

    ============= SERVICES / DRIVERS ===============

    R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2010-9-11 216400]
    R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2010-9-11 29584]
    R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2010-9-11 243024]
    R2 avg9emc;AVG Free E-mail Scanner;c:\program files\avg\avg9\avgemc.exe [2010-9-11 921952]
    R2 avg9wd;AVG Free WatchDog;c:\program files\avg\avg9\avgwdsvc.exe [2010-9-11 308136]
    R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\NETw5v32.sys [2008-11-17 3668480]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2007-2-8 179712]
    S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-11-3 21504]
    S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2010-5-19 54632]
    S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-4-28 704872]
    S3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\drivers\WSDPrint.sys [2008-11-3 16896]

    =============== Created Last 30 ================

    2010-10-12 22:35:21 8147456 ----a-w- c:\windows\system32\wmploc.DLL
    2010-10-12 22:34:34 304128 ----a-w- c:\windows\system32\drivers\srv.sys
    2010-10-12 22:34:34 125952 ----a-w- c:\windows\system32\srvsvc.dll
    2010-10-12 22:34:34 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys
    2010-10-12 22:34:26 145408 ----a-w- c:\windows\system32\drivers\srv2.sys
    2010-10-12 22:34:25 17920 ----a-w- c:\windows\system32\netevent.dll
    2010-10-12 22:34:02 274944 ----a-w- c:\windows\system32\schannel.dll
    2010-10-12 22:32:46 867328 ----a-w- c:\windows\system32\wmpmde.dll
    2010-09-28 20:34:57 2048 ----a-w- c:\windows\system32\tzres.dll
    2010-09-16 02:05:31 0 d-----w- C:\0fc5922dcb93c10bd9be0312f110305c
    2010-09-14 23:29:08 502272 ----a-w- c:\windows\system32\usp10.dll
    2010-09-14 23:29:00 128000 ----a-w- c:\windows\system32\spoolsv.exe
    2010-09-14 23:28:55 317952 ----a-w- c:\windows\system32\MP4SDECD.DLL
    2010-09-14 23:28:26 739328 ----a-w- c:\windows\system32\inetcomm.dll

    ==================== Find3M ====================

    2010-09-11 22:28:46 12536 ----a-w- c:\windows\system32\avgrsstx.dll
    2010-09-11 22:28:44 243024 ----a-w- c:\windows\system32\drivers\avgtdix.sys
    2010-09-11 22:28:32 216400 ----a-w- c:\windows\system32\drivers\avgldx86.sys
    2010-09-08 06:01:28 916480 ----a-w- c:\windows\system32\wininet.dll
    2010-09-08 05:57:18 43520 ----a-w- c:\windows\system32\licmgr10.dll
    2010-09-08 05:56:53 71680 ----a-w- c:\windows\system32\iesetup.dll
    2010-09-08 05:56:53 109056 ----a-w- c:\windows\system32\iesysprep.dll
    2010-09-08 04:26:46 133632 ----a-w- c:\windows\system32\ieUnatt.exe
    2010-08-31 15:46:37 954752 ----a-w- c:\windows\system32\mfc40.dll
    2010-08-31 15:46:37 954288 ----a-w- c:\windows\system32\mfc40u.dll
    2010-08-31 15:44:31 531968 ----a-w- c:\windows\system32\comctl32.dll
    2010-08-31 13:27:38 2038272 ----a-w- c:\windows\system32\win32k.sys
    2010-08-26 16:37:45 157184 ----a-w- c:\windows\system32\t2embed.dll
    2010-07-31 03:50:03 86016 ----a-w- c:\windows\inf\infstor.dat
    2010-07-31 03:50:03 51200 ----a-w- c:\windows\inf\infpub.dat
    2010-07-31 03:50:03 143360 ----a-w- c:\windows\inf\infstrng.dat
    2009-11-18 01:50:40 665600 ----a-w- c:\windows\inf\drvindex.dat
    2009-01-15 00:53:21 174 --sha-w- c:\program files\desktop.ini
    2006-11-02 12:42:02 30674 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
    2006-11-02 12:42:02 30674 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
    2006-11-02 12:42:02 287440 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
    2006-11-02 12:42:02 287440 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
    2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
    2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
    2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
    2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
    2008-10-27 22:46:59 8192 --sha-w- c:\windows\users\default\NTUSER.DAT

    ============= FINISH: 14:05:50.97 ===============
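As an added example (not code from this thread, from DDS, or from any of the posters): a small Python script that does the first-pass triage a helper performs by eye on a DDS log like the one above. It splits the log on the `===== Section =====` headers and applies three simple rules that are my own assumptions, not DDS logic: a process image running from a Temp directory, BHO/TB/EB entries whose DLL is "No File" or blank (leftovers from an earlier cleanup), and a count of IE toolbars, which on a five-year-old machine are a common reason for sluggishness. The sample input is a constructed excerpt made from lines of the log posted above.

```python
# Added triage helper for a DDS log. Example code written for this thread,
# not part of DDS, Malwarebytes or WindowsBBS. The rules below (temp-directory
# processes, orphaned BHO/TB entries, toolbar count) are my own assumptions
# about what is worth asking a poster about, not anything DDS itself does.
import re
from dataclasses import dataclass

# Constructed excerpt: a handful of lines copied from the DDS log in this thread.
SAMPLE_DDS = r"""
============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Users\Owner\AppData\Local\Temp\RtkBtMnt.exe
C:\Windows\Imgtask.exe
C:\Program Files\AVG\AVG9\avgtray.exe

============== Pseudo HJT Report ===============

BHO: Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB: eGames Toolbar: {4e7bd74f-2b8d-469e-85b2-bc27fe9aae2e} -
TB: &Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar.dll
mRun: [ImgTask] c:\windows\Imgtask.exe
AppInit_DLLs: avgrsstx.dll

============= SERVICES / DRIVERS ===============
"""

# "============== Running Processes ===============" -> "Running Processes"
HEADER_RE = re.compile(r"^=+\s*(.+?)\s*=+$")
# "BHO: <name>: {GUID} - <target>", "TB: {GUID} - No File", "TB: <name>: {GUID} -"
EXT_RE = re.compile(r"^(BHO|TB|EB): (.*\})\s*-\s*(.*)$")


@dataclass
class Finding:
    rule: str
    line: str


def split_sections(text):
    """Group the non-empty log lines under their '===== Section =====' headers."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        m = HEADER_RE.match(line)
        if m:
            current = m.group(1)
            sections[current] = []
        elif current is not None and line:
            sections[current].append(line)
    return sections


def flag_temp_processes(processes):
    """A process image under a Temp directory is unusual for an installed
    program and should be identified before a machine is declared clean."""
    return [Finding("process running from a temp directory", p)
            for p in processes if "\\temp\\" in p.lower()]


def flag_orphaned_extensions(hjt_lines):
    """BHO/TB/EB entries whose DLL is 'No File' or blank: leftovers from an
    earlier removal. Not harmful on their own, but they are noise on later
    scans and are normally cleaned up with the rest."""
    out = []
    for entry in hjt_lines:
        m = EXT_RE.match(entry)
        if m and m.group(3).strip() in ("", "No File"):
            out.append(Finding("orphaned browser extension entry", entry))
    return out


def count_toolbars(hjt_lines):
    """Number of IE toolbars (TB: lines); several at once slow the browser."""
    return sum(1 for e in hjt_lines if e.startswith("TB:"))


def triage(text):
    """Return (findings, toolbar_count) for a DDS log given as one string."""
    sections = split_sections(text)
    procs = sections.get("Running Processes", [])
    hjt = sections.get("Pseudo HJT Report", [])
    findings = flag_temp_processes(procs) + flag_orphaned_extensions(hjt)
    return findings, count_toolbars(hjt)


if __name__ == "__main__":
    found, toolbars = triage(SAMPLE_DDS)
    print(f"{toolbars} IE toolbars installed")
    for f in found:
        print(f"[{f.rule}] {f.line}")
```

Run it against a full dds.txt by reading the file into `triage()`; the output is a list of lines to ask about, not a verdict, which is why the helper still wants the other logs before saying anything is clean.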
     
  2. 2010/10/14
    Admin.

    Admin. Administrator Administrator Staff

    Joined:
    2001/12/30
    Messages:
    6,687
    Likes Received:
    107
    You'd also have to post Attach.txt
     

  4. 2010/10/15
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
  5. 2010/10/15
    flyboy1565

    flyboy1565 Inactive Thread Starter

    Joined:
    2009/12/09
    Messages:
    184
    Likes Received:
    2
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT

    DDS (Ver_09-12-01.01)

    Microsoft® Windows Vista™ Home Premium
    Boot Device: \Device\HarddiskVolume1
    Install Date: 10/27/2008 2:54:14 PM
    System Uptime: 10/14/2010 10:39:14 PM (1 hours ago)

    Motherboard: Acer | | Columbia
    Processor: Intel(R) Core(TM)2 Duo CPU T5250 @ 1.50GHz | U2E1 | 1000/166mhz

    ==== Disk Partitions =========================

    C: is FIXED (NTFS) - 233 GiB total, 142.758 GiB free.
    D: is CDROM ()

    ==== Disabled Device Manager Items =============

    Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
    Description: Microsoft ISATAP Adapter
    Device ID: ROOT\*ISATAP\0001
    Manufacturer: Microsoft
    Name: Microsoft ISATAP Adapter #2
    PNP Device ID: ROOT\*ISATAP\0001
    Service: tunnel

    Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
    Description: Broadcom NetLink (TM) Gigabit Ethernet
    Device ID: PCI\VEN_14E4&DEV_1693&SUBSYS_011C1025&REV_02\4&87CE153&0&00E0
    Manufacturer: Broadcom
    Name: Broadcom NetLink (TM) Gigabit Ethernet
    PNP Device ID: PCI\VEN_14E4&DEV_1693&SUBSYS_011C1025&REV_02\4&87CE153&0&00E0
    Service: b57nd60x

    Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
    Description: HP Officejet J6400
    Device ID: ROOT\IMAGE\0000
    Manufacturer: Hewlett-Packard
    Name: HP Officejet J6400
    PNP Device ID: ROOT\IMAGE\0000
    Service: StillCam

    Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
    Description: Officejet J6400 series
    Device ID: ROOT\MULTIFUNCTION\0000
    Manufacturer: HP
    Name: Officejet J6400 series
    PNP Device ID: ROOT\MULTIFUNCTION\0000
    Service:

    Class GUID: {4d36e979-e325-11ce-bfc1-08002be10318}
    Description: Officejet J6400 series
    Device ID: ROOT\PRINTER\0000
    Manufacturer: HP
    Name: Officejet J6400 series
    PNP Device ID: ROOT\PRINTER\0000
    Service:

    ==== System Restore Points ===================


    ==== Installed Programs ======================

    32 Bit HP CIO Components Installer
    6400_Help
    Acer Assist
    Acer Crystal Eye webcam
    Acer eDataSecurity Management
    Acer eLock Management
    Acer Empowering Technology
    Acer eNet Management
    Acer ePower Management
    Acer ePresentation Management
    Acer eSettings Management
    Acer GridVista
    Acer Mobility Center Plug-In
    Acer Registration
    Acer ScreenSaver
    Acer Tour
    Activation Assistant for the 2007 Microsoft Office suites
    Adobe Flash Player 10 ActiveX
    Adobe Reader 8.1.3
    Adobe Shockwave Player 11.5
    Agatha Christie - Murder on the Orient Express
    Alex Gordon
    AVG Free 9.0
    Big City Adventure San Francisco
    Big Fish Games: Game Manager
    bpd_scan
    BPDSoftware
    BPDSoftware_Ini
    Broadcom Gigabit Integrated Controller
    BufferChm
    Cassandra's Journey: The Legacy of Nostradamus
    Coupon Printer for Windows
    Creative Vado HD Codec
    CustomerResearchQFolder
    Destination Component
    DeviceDiscovery
    DeviceManagementQFolder
    DocMgr
    DocProc
    DocProcQFolder
    eGames Toolbar
    eSupportQFolder
    Fax
    Ghost Hunters Majesty Manor
    Google Toolbar for Internet Explorer
    Google Updater
    GPBaseService
    GPBaseService2
    Harlequin Presents ™: Hidden Object of Desire
    Haunted Hotel II: Believe the Lies
    HDAUDIO Soft Data Fax Modem with SmartCP
    Hidden Relics
    Hide and Secret
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    HP Customer Participation Program 10.0
    HP Document Manager 1.0
    HP Imaging Device Functions 10.0
    HP Officejet J6400 Series
    HP Photosmart Essential 2.5
    HP Smart Web Printing 4.60
    HP Solution Center 13.0
    HP Update
    HP_Network_UserGuide
    HPProductAssistant
    HPSSupply
    InstallMgr
    Intel PROSet Wireless
    Intel(R) Graphics Media Accelerator Driver
    Intel(R) Matrix Storage Manager
    Intel(R) PROSet/Wireless WiFi Software
    iWin Games (remove only)
    J6400
    Jane Angel: Templar Mystery
    Java Auto Updater
    Java(TM) 6 Update 20
    Junk Mail filter update
    Launch Manager
    LightScribe 1.4.142.1
    LiveUpdate 3.2 (Symantec Corporation)
    LiveUpdate Notice (Symantec Corporation)
    Malwarebytes' Anti-Malware
    Margrave Manor 2: The Lost Ship
    MarketResearch
    Microsoft .NET Framework 3.5 SP1
    Microsoft .NET Framework 4 Client Profile
    Microsoft Application Error Reporting
    Microsoft Choice Guard
    Microsoft Default Manager
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office Home and Student 2007
    Microsoft Office Live Add-in 1.5
    Microsoft Office OneNote MUI (English) 2007
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Word MUI (English) 2007
    Microsoft Search Enhancement Pack
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Sync Framework Runtime Native v1.0 (x86)
    Microsoft Sync Framework Services Native v1.0 (x86)
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Works
    MSN Toolbar
    MSVCRT
    MSVCSetup
    MSXML 4.0 SP2 (KB936181)
    MSXML 4.0 SP2 (KB941833)
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    Murder, She Wrote
    Mystery Case Files - Huntsville (remove only)
    Mystery Case Files: Madame Fate
    Mystery P.I. - The Lottery Ticket 1.0.0.5
    Mystery Solitaire: Secret Island (remove only)
    Natalie Brooks: The Treasures of the Lost Kingdom
    Network
    NTI Backup NOW! 4.7
    NTI CD & DVD-Maker
    NTI Shadow
    OCR Software by I.R.I.S. 10.0
    OGA Notifier 2.0.0048.0
    PowerDVD
    ProductContext
    PSSWCORE
    Realtek High Definition Audio Driver
    Return to Mysterious Island
    Samantha Swift and the Hidden Roses of Athena
    Scan
    Security Update for 2007 Microsoft Office System (KB2288621)
    Security Update for 2007 Microsoft Office System (KB2344875)
    Security Update for 2007 Microsoft Office System (KB2345043)
    Security Update for 2007 Microsoft Office System (KB969559)
    Security Update for 2007 Microsoft Office System (KB976321)
    Security Update for 2007 Microsoft Office System (KB982312)
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
    Security Update for Microsoft Office Excel 2007 (KB2345035)
    Security Update for Microsoft Office InfoPath 2007 (KB979441)
    Security Update for Microsoft Office PowerPoint 2007 (KB982158)
    Security Update for Microsoft Office system 2007 (972581)
    Security Update for Microsoft Office system 2007 (KB974234)
    Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
    Security Update for Microsoft Office Word 2007 (KB2344993)
    Shop for HP Supplies
    ShopAtHome SelectRebates
    SmartWebPrinting
    SolutionCenter
    Spelling Dictionaries Support For Adobe Reader 8
    Sprill and Ritchie: Adventures in Time
    Status
    Steve The Sheriff ™
    Synaptics Pointing Device Driver
    Texas Instruments PCIxx21/x515/xx12 drivers.
    The Hidden Object Show Combo Pack
    The Secret of Margrave Manor
    TIPCI
    Toolbox
    TrayApp
    Treasure Masters, Inc.
    Treasure Seekers: The Enchanted Canvases
    UnloadSupport
    Update for 2007 Microsoft Office System (KB967642)
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Microsoft Office 2007 Help for Common Features (KB963673)
    Update for Microsoft Office Excel 2007 Help (KB963678)
    Update for Microsoft Office OneNote 2007 (KB980729)
    Update for Microsoft Office OneNote 2007 Help (KB963670)
    Update for Microsoft Office Powerpoint 2007 Help (KB963669)
    Update for Microsoft Office Script Editor Help (KB963671)
    Update for Microsoft Office Word 2007 Help (KB963665)
    Valerie Porter and the Scarlet Scandal
    VideoToolkit01
    Walmart Photo Manager
    WebReg
    Windows Live Call
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Family Safety
    Windows Live ID Sign-in Assistant
    Windows Live Mail
    Windows Live Messenger
    Windows Live Movie Maker
    Windows Live Photo Gallery
    Windows Live Sync
    Windows Live Toolbar
    Windows Live Upload Tool
    Windows Live Writer
    World Mosaics
    Yahoo! BrowserPlus
    Yahoo! Toolbar
    Yard Sale Hidden Treasures: Sunnyville

    ==== End Of File ===========================
     
  6. 2010/10/15
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    STEP 1. Download Malwarebytes' Anti-Malware (aka MBAM): http://www.malwarebytes.org/mbam.php to your desktop.
    (Malwarebytes is free to use as a manual scanner. Payment is only required if you wish to have it run and update automatically which is not necessary for our purposes)

    * Double-click mbam-setup.exe and follow the prompts to install the program.
    * At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
    * If an update is found, it will download and install the latest version.
    * Once the program has loaded, select Perform Quick Scan, then click Scan.
    * When the scan is complete, click OK, then Show Results to view the results.
    * Be sure that everything is checked, and click Remove Selected.
    * When completed, a log will open in Notepad.
    * Post the log back here.

    The log can also be found here:
    C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
    Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt


    STEP 2. Download GMER: http://www.gmer.net/files.php, by clicking on the Download EXE button.
    Alternative downloads:
    - http://majorgeeks.com/GMER_d5198.html
    - http://www.softpedia.com/get/Interne...ers/GMER.shtml
    Double-click on the downloaded .exe file, select the Rootkit tab and click the Scan button.
    Do NOT use the computer while GMER is running!
    When the scan is completed, click the Save button, and save the results as gmer.log.
    Warning! Please do not select the "Show all" checkbox during the scan.
    Post the log in your next reply.

    IMPORTANT! If for some reason GMER refuses to run, try again.
    If it still fails, try to UN-check "Devices" in the right pane.
    If still no joy, try to run it from Safe Mode.


    STEP 3. Download MBRCheck to your desktop

    Double-click MBRCheck.exe to run it (Vista and Windows 7 users, right-click and select Run as Administrator).
    It will show a black screen with some data on it.
    A report called MBRcheckxxxx.txt will be on your desktop.
    Open this report and post its content in your next reply.



    DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!
     
  7. 2010/10/25
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Reopened on user request.
     
  8. 2010/10/30
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Reopened for no reason?
     
  9. 2010/10/30
    flyboy1565

    flyboy1565 Inactive Thread Starter

    Joined:
    2009/12/09
    Messages:
    184
    Likes Received:
    2
    Sorry broni, I haven't connected with my grandma in a couple of days. I'm at her house now, and I'll work on postings tonight. I do apologize.
     
  10. 2010/10/30
    flyboy1565

    flyboy1565 Inactive Thread Starter

    Joined:
    2009/12/09
    Messages:
    184
    Likes Received:
    2
    MBRCheck, version 1.2.3
    (c) 2010, AD

    Command-line:
    Windows Version: Windows Vista Home Premium Edition
    Windows Information: Service Pack 2 (build 6002), 32-bit
    Base Board Manufacturer: Acer
    BIOS Manufacturer: Phoenix Technologies LTD
    System Manufacturer: Acer
    System Product Name: Extensa 5620
    Logical Drives Mask: 0x0000000c

    Kernel Drivers (total 161):
    0x82214000 \SystemRoot\system32\ntkrnlpa.exe
    0x825CD000 \SystemRoot\system32\hal.dll
    0x80407000 \SystemRoot\system32\kdcom.dll
    0x8040E000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
    0x8047E000 \SystemRoot\system32\PSHED.dll
    0x8048F000 \SystemRoot\system32\BOOTVID.dll
    0x80497000 \SystemRoot\system32\CLFS.SYS
    0x804D8000 \SystemRoot\system32\CI.dll
    0x80603000 \SystemRoot\system32\drivers\Wdf01000.sys
    0x8067F000 \SystemRoot\system32\drivers\WDFLDR.SYS
    0x8068C000 \SystemRoot\system32\drivers\acpi.sys
    0x806D2000 \SystemRoot\system32\drivers\WMILIB.SYS
    0x806DB000 \SystemRoot\system32\drivers\msisadrv.sys
    0x806E3000 \SystemRoot\system32\drivers\pci.sys
    0x8070A000 \SystemRoot\System32\drivers\partmgr.sys
    0x80719000 \SystemRoot\system32\DRIVERS\compbatt.sys
    0x8071C000 \SystemRoot\system32\DRIVERS\BATTC.SYS
    0x80726000 \SystemRoot\system32\drivers\volmgr.sys
    0x80735000 \SystemRoot\System32\drivers\volmgrx.sys
    0x8077F000 \SystemRoot\system32\drivers\intelide.sys
    0x80786000 \SystemRoot\system32\drivers\PCIIDEX.SYS
    0x80794000 \SystemRoot\system32\DRIVERS\pcmcia.sys
    0x807C1000 \SystemRoot\System32\drivers\mountmgr.sys
    0x86005000 \SystemRoot\system32\DRIVERS\iaStor.sys
    0x860CC000 \SystemRoot\system32\drivers\atapi.sys
    0x860D4000 \SystemRoot\system32\drivers\ataport.SYS
    0x860F2000 \SystemRoot\system32\drivers\fltmgr.sys
    0x86124000 \SystemRoot\system32\drivers\fileinfo.sys
    0x86134000 \SystemRoot\system32\DRIVERS\psdfilter.sys
    0x8613D000 \SystemRoot\System32\Drivers\ksecdd.sys
    0x8620A000 \SystemRoot\system32\drivers\ndis.sys
    0x86315000 \SystemRoot\system32\drivers\msrpc.sys
    0x86340000 \SystemRoot\system32\drivers\NETIO.SYS
    0x8640A000 \SystemRoot\System32\Drivers\Ntfs.sys
    0x8651A000 \SystemRoot\system32\drivers\volsnap.sys
    0x86553000 \SystemRoot\System32\Drivers\spldr.sys
    0x8655B000 \SystemRoot\system32\drivers\psdvdisk.sys
    0x8656D000 \SystemRoot\system32\drivers\PSDNServ.sys
    0x86576000 \SystemRoot\System32\Drivers\mup.sys
    0x86585000 \SystemRoot\System32\drivers\ecache.sys
    0x865AC000 \SystemRoot\system32\drivers\disk.sys
    0x865BD000 \SystemRoot\system32\drivers\CLASSPNP.SYS
    0x865DE000 \SystemRoot\system32\drivers\crcdisk.sys
    0x8A2D4000 \SystemRoot\system32\DRIVERS\tunnel.sys
    0x8A2DF000 \SystemRoot\system32\DRIVERS\tunmp.sys
    0x8A2E8000 \SystemRoot\system32\DRIVERS\intelppm.sys
    0x8A2F7000 \SystemRoot\system32\DRIVERS\wmiacpi.sys
    0x8A404000 \SystemRoot\system32\DRIVERS\igdkmd32.sys
    0x8AABF000 \SystemRoot\System32\drivers\dxgkrnl.sys
    0x8AB60000 \SystemRoot\System32\drivers\watchdog.sys
    0x8AB6C000 \SystemRoot\system32\DRIVERS\usbuhci.sys
    0x8AB77000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
    0x8ABB5000 \SystemRoot\system32\DRIVERS\usbehci.sys
    0x8A300000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
    0x8B003000 \SystemRoot\system32\DRIVERS\NETw5v32.sys
    0x8B38C000 \SystemRoot\system32\DRIVERS\ohci1394.sys
    0x8B39C000 \SystemRoot\system32\DRIVERS\1394BUS.SYS
    0x8B3AA000 \SystemRoot\system32\drivers\tifm21.sys
    0x8ABC4000 \SystemRoot\system32\DRIVERS\sdbus.sys
    0x8B3F6000 \SystemRoot\system32\DRIVERS\CmBatt.sys
    0x8ABDE000 \SystemRoot\system32\DRIVERS\i8042prt.sys
    0x8ABF1000 \SystemRoot\system32\DRIVERS\DKbFltr.sys
    0x8A38D000 \SystemRoot\system32\DRIVERS\kbdclass.sys
    0x8A398000 \SystemRoot\system32\DRIVERS\SynTP.sys
    0x8B3FA000 \SystemRoot\system32\DRIVERS\USBD.SYS
    0x8A3C3000 \SystemRoot\system32\DRIVERS\mouclass.sys
    0x8A3CE000 \SystemRoot\system32\DRIVERS\nscirda.sys
    0x8A3D6000 \SystemRoot\system32\drivers\irenum.sys
    0x8A3DF000 \SystemRoot\system32\DRIVERS\cdrom.sys
    0x8B3FC000 \SystemRoot\system32\DRIVERS\NTIDrvr.sys
    0x8637B000 \SystemRoot\system32\DRIVERS\msiscsi.sys
    0x863AA000 \SystemRoot\system32\DRIVERS\storport.sys
    0x8A2C9000 \SystemRoot\system32\DRIVERS\TDI.SYS
    0x861AE000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
    0x865F4000 \SystemRoot\system32\DRIVERS\ndistapi.sys
    0x861C5000 \SystemRoot\system32\DRIVERS\ndiswan.sys
    0x863EB000 \SystemRoot\system32\DRIVERS\raspppoe.sys
    0x861E8000 \SystemRoot\system32\DRIVERS\raspptp.sys
    0x807D1000 \SystemRoot\system32\DRIVERS\rassstp.sys
    0x807E6000 \SystemRoot\system32\DRIVERS\termdd.sys
    0x8B3FE000 \SystemRoot\system32\DRIVERS\swenum.sys
    0x805B8000 \SystemRoot\system32\DRIVERS\ks.sys
    0x86400000 \SystemRoot\system32\DRIVERS\mssmbios.sys
    0x805E2000 \SystemRoot\system32\DRIVERS\umbus.sys
    0x8B807000 \SystemRoot\system32\DRIVERS\usbhub.sys
    0x8B83C000 \SystemRoot\System32\Drivers\NDProxy.SYS
    0x8B84D000 \SystemRoot\system32\drivers\RTKVHDA.sys
    0x8D002000 \SystemRoot\system32\drivers\portcls.sys
    0x8D02F000 \SystemRoot\system32\drivers\drmk.sys
    0x8D054000 \SystemRoot\system32\DRIVERS\HSXHWAZL.sys
    0x8D091000 \SystemRoot\system32\DRIVERS\HSX_DPV.sys
    0x8D206000 \SystemRoot\system32\DRIVERS\HSX_CNXT.sys
    0x8D2BA000 \SystemRoot\system32\drivers\modem.sys
    0x8D2C7000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
    0x8D2D0000 \SystemRoot\System32\Drivers\Null.SYS
    0x8D2D7000 \SystemRoot\System32\Drivers\Beep.SYS
    0x8D2DE000 \SystemRoot\System32\drivers\vga.sys
    0x8D2EA000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
    0x8D30B000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
    0x8D313000 \SystemRoot\system32\drivers\rdpencdd.sys
    0x8D31B000 \SystemRoot\System32\Drivers\Msfs.SYS
    0x8D326000 \SystemRoot\System32\Drivers\Npfs.SYS
    0x8D334000 \SystemRoot\System32\DRIVERS\rasacd.sys
    0x8D604000 \SystemRoot\System32\drivers\tcpip.sys
    0x8D6EE000 \SystemRoot\System32\drivers\fwpkclnt.sys
    0x8D709000 \SystemRoot\system32\DRIVERS\tdx.sys
    0x8D71F000 \SystemRoot\system32\DRIVERS\smb.sys
    0x8D733000 \SystemRoot\System32\Drivers\avgtdix.sys
    0x8D76D000 \SystemRoot\System32\DRIVERS\netbt.sys
    0x8D79F000 \SystemRoot\system32\drivers\afd.sys
    0x8D7E7000 \SystemRoot\system32\DRIVERS\pacer.sys
    0x8D33D000 \SystemRoot\system32\DRIVERS\netbios.sys
    0x8D34B000 \SystemRoot\system32\DRIVERS\wanarp.sys
    0x8D35E000 \SystemRoot\system32\DRIVERS\rdbss.sys
    0x8D39A000 \SystemRoot\system32\drivers\nsiproxy.sys
    0x8D194000 \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
    0x8DC0E000 \SystemRoot\system32\DRIVERS\snp2uvc.sys
    0x8DDB5000 \SystemRoot\system32\DRIVERS\STREAM.SYS
    0x8DDC2000 \SystemRoot\system32\DRIVERS\sncduvc.SYS
    0x8DDC9000 \SystemRoot\System32\Drivers\dfsc.sys
    0x8DDE0000 \SystemRoot\System32\Drivers\avgmfx86.sys
    0x8D3A4000 \SystemRoot\System32\Drivers\avgldx86.sys
    0x8DDE6000 \SystemRoot\system32\DRIVERS\usbccgp.sys
    0x8DC00000 \SystemRoot\system32\DRIVERS\hidusb.sys
    0x8D3D8000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
    0x8D3E8000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
    0x8D3EF000 \SystemRoot\system32\DRIVERS\mouhid.sys
    0x8D1F2000 \SystemRoot\System32\Drivers\crashdmp.sys
    0x8A200000 \SystemRoot\System32\Drivers\dump_iaStor.sys
    0x92AF0000 \SystemRoot\System32\win32k.sys
    0x865E7000 \SystemRoot\System32\drivers\Dxapi.sys
    0x805EF000 \SystemRoot\system32\DRIVERS\monitor.sys
    0x92D10000 \SystemRoot\System32\TSDDD.dll
    0x92D30000 \SystemRoot\System32\cdd.dll
    0xAA60A000 \SystemRoot\system32\drivers\luafv.sys
    0xAA62D000 \SystemRoot\system32\DRIVERS\irda.sys
    0xAA64B000 \SystemRoot\system32\DRIVERS\lltdio.sys
    0xAA65B000 \SystemRoot\system32\DRIVERS\nwifi.sys
    0xAA685000 \SystemRoot\system32\DRIVERS\ndisuio.sys
    0xAA68F000 \SystemRoot\system32\DRIVERS\rspndr.sys
    0xAA6A2000 \SystemRoot\system32\drivers\spsys.sys
    0xAA752000 \SystemRoot\system32\drivers\HTTP.sys
    0xAA7BF000 \SystemRoot\System32\DRIVERS\srvnet.sys
    0xAA7DC000 \SystemRoot\system32\DRIVERS\bowser.sys
    0xAD80E000 \SystemRoot\System32\drivers\mpsdrv.sys
    0xAD823000 \SystemRoot\system32\drivers\mrxdav.sys
    0xAD844000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
    0xAD863000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
    0xAD89C000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
    0xAD8B4000 \SystemRoot\System32\DRIVERS\srv2.sys
    0xAD8DC000 \SystemRoot\System32\DRIVERS\srv.sys
    0xAD942000 \SystemRoot\system32\DRIVERS\cdfs.sys
    0xAD958000 \??\C:\Windows\system32\drivers\int15.sys
    0xAD969000 \SystemRoot\system32\DRIVERS\mdmxsdk.sys
    0xB1E00000 \SystemRoot\system32\drivers\peauth.sys
    0xB1EDE000 \SystemRoot\System32\Drivers\secdrv.SYS
    0xB1EE8000 \SystemRoot\System32\drivers\tcpipreg.sys
    0xB1EF4000 \SystemRoot\system32\DRIVERS\xaudio.sys
    0xB1EFC000 \??\C:\Program Files\CyberLink\PowerDVD\000.fcl
    0xB1F02000 \SystemRoot\system32\DRIVERS\serscan.sys
    0x775C0000 \Windows\System32\ntdll.dll

    Processes (total 100):
    0 System Idle Process
    4 System
    528 C:\Windows\System32\smss.exe
    596 csrss.exe
    664 csrss.exe
    672 C:\Windows\System32\wininit.exe
    684 C:\Program Files\AVG\AVG9\avgchsvx.exe
    712 C:\Windows\System32\winlogon.exe
    724 C:\Program Files\AVG\AVG9\avgrsx.exe
    788 C:\Program Files\AVG\AVG9\avgcsrvx.exe
    828 C:\Windows\System32\services.exe
    848 C:\Windows\System32\lsass.exe
    976 C:\Windows\System32\lsm.exe
    1240 C:\Windows\System32\svchost.exe
    1308 C:\Windows\System32\svchost.exe
    1460 C:\Windows\System32\svchost.exe
    1484 C:\Windows\System32\svchost.exe
    1508 C:\Windows\System32\svchost.exe
    1584 C:\Windows\System32\audiodg.exe
    1600 C:\Windows\System32\svchost.exe
    1624 C:\Windows\System32\SLsvc.exe
    1704 C:\Windows\System32\svchost.exe
    1856 C:\Windows\System32\svchost.exe
    624 C:\Windows\System32\wlanext.exe
    632 C:\Windows\System32\dwm.exe
    1024 C:\Windows\explorer.exe
    1080 C:\Windows\System32\taskeng.exe
    1132 C:\Windows\System32\spoolsv.exe
    1444 C:\Windows\System32\svchost.exe
    2076 C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
    2132 C:\Program Files\AVG\AVG9\avgwdsvc.exe
    2176 C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
    2280 C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
    2336 C:\Windows\RtHDVCpl.exe
    2400 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    2504 C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    2516 C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
    2588 C:\Program Files\AVG\AVG9\avgnsx.exe
    2844 C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe
    2920 C:\Acer\Empowering Technology\eNet\eNet Service.exe
    2992 C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    3040 C:\Windows\System32\svchost.exe
    3172 C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
    3208 C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    3228 C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
    3244 C:\Acer\Mobility Center\MobilityService.exe
    3272 C:\Windows\System32\svchost.exe
    3388 C:\Windows\System32\svchost.exe
    3400 C:\Windows\System32\svchost.exe
    3420 C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
    3452 C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    3484 C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    3524 C:\Windows\System32\svchost.exe
    3632 C:\Windows\System32\svchost.exe
    3676 C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
    3768 C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
    3800 C:\Windows\System32\SearchIndexer.exe
    3840 C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
    3920 C:\Windows\System32\drivers\XAudio.exe
    3948 C:\Program Files\AVG\AVG9\avgemc.exe
    3976 C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
    4032 WmiPrvSE.exe
    2256 C:\Program Files\AVG\AVG9\avgcsrvx.exe
    2580 unsecapp.exe
    2736 C:\Windows\System32\taskeng.exe
    2300 C:\Users\Owner\AppData\Local\Temp\RtkBtMnt.exe
    3740 C:\Windows\System32\svchost.exe
    3004 C:\Program Files\Launch Manager\LManager.exe
    1568 C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
    1788 C:\Windows\Imgtask.exe
    4104 C:\Program Files\Common Files\Java\Java Update\jusched.exe
    4124 C:\Windows\System32\igfxtray.exe
    4136 C:\Windows\System32\hkcmd.exe
    4144 C:\Windows\System32\igfxpers.exe
    4152 C:\Program Files\AVG\AVG9\avgtray.exe
    4160 C:\Program Files\Windows Sidebar\sidebar.exe
    4200 C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    4212 C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    4228 C:\Windows\System32\igfxext.exe
    4308 C:\Windows\System32\igfxsrvc.exe
    4384 C:\Windows\System32\igfxsrvc.exe
    4544 C:\Acer\Empowering Technology\eNet\eNMTray.exe
    4560 C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
    4572 C:\Acer\Empowering Technology\Acer.Empowering.Framework.Supervisor.exe
    4604 WmiPrvSE.exe
    5636 C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
    6068 C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
    4600 C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
    8100 C:\Windows\System32\svchost.exe
    12176 C:\Windows\System32\taskeng.exe
    12088 C:\Program Files\bfgclient\bfgclient.exe
    10968 C:\Program Files\Internet Explorer\iexplore.exe
    2220 C:\Program Files\Internet Explorer\iexplore.exe
    12156 C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
    12080 C:\Windows\System32\Macromed\Flash\FlashUtil10e.exe
    12636 C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9OS95HJB\avg_free_stb_all_2011_1153_upgrade[1].exe
    14224 C:\Users\Owner\AppData\Local\Temp\7zSD060.tmp\avgmfapx.exe
    4468 C:\Windows\System32\msiexec.exe
    13916 C:\Windows\System32\msiexec.exe
    13560 C:\Users\Owner\Documents\Computer Helper\MBRCheck.exe

    \\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00100000 (NTFS)

    PhysicalDrive0 Model Number: ST9250827AS, Rev: 3.AAA

    Size Device Name MBR Status
    --------------------------------------------
    232 GB \\.\PhysicalDrive0 Windows 2008 MBR code detected
    SHA1: 8DF43F2BDE2D9451948FA14B5279969C777A7979


    Done!

    Here is the MBR report.
    Thanks for your time!

    I also believe I have the same issue with Norton on this computer (that is, I can't uninstall it completely).
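The MBRCheck instructions above and the report flyboy1565 posted show what a boot-sector checker actually does: read sector 0 of PhysicalDrive0, hash the bootstrap code (the report's "Windows 2008 MBR code detected" plus a SHA1), and map the C: volume to a byte offset on the disk (0x100000, i.e. LBA 2048 x 512). The following is an added example, not code from the thread or from MBRCheck, that performs those three steps on a constructed 512-byte MBR. Everything in it is an assumption for the demo: the bootstrap bytes are a stand-in rather than real Windows boot code, the allow-list is seeded with that stand-in's own hash so the clean case passes, the EXPECTED_TYPES table is deliberately short, and read_mbr is provided for a real disk but never called here.

```python
"""Added example, not part of the thread or of the MBRCheck tool: parse a
512-byte MBR the way a boot-sector checker does, hash the bootstrap code,
compare it against an allow-list, and turn a partition entry into the byte
offset MBRCheck reports. The sample MBR is constructed for this demo; its
bootstrap bytes are a stand-in, not real Windows boot code."""
import hashlib
import struct

SECTOR = 512
BOOT_CODE_LEN = 440            # bytes 0-439: bootstrap code; 440-443: disk signature; 444-445: reserved
PART_TABLE_OFF = 446           # four 16-byte partition entries
PART_ENTRY_LEN = 16
MBR_SIGNATURE = b"\x55\xaa"    # bytes 510-511

# Partition types a Windows system disk is expected to carry (assumption: the list is kept
# short on purpose so that anything unusual surfaces for review).
EXPECTED_TYPES = {0x07: "NTFS", 0x0B: "FAT32", 0x0C: "FAT32 (LBA)", 0x27: "Windows RE"}


def read_mbr(device=r"\\.\PhysicalDrive0"):
    """Read the first sector of a raw disk. Needs an elevated prompt on Windows (not called in the demo)."""
    with open(device, "rb") as disk:
        return disk.read(SECTOR)


def parse_mbr(mbr):
    """Split an MBR into bootstrap code hash, disk signature and decoded partition entries."""
    if len(mbr) != SECTOR:
        raise ValueError("MBR must be exactly 512 bytes")
    if mbr[510:512] != MBR_SIGNATURE:
        raise ValueError("missing 0x55AA boot signature")
    boot_code = mbr[:BOOT_CODE_LEN]
    partitions = []
    for i in range(4):
        off = PART_TABLE_OFF + i * PART_ENTRY_LEN
        # status, 3-byte CHS start (skipped), type, 3-byte CHS end (skipped), LBA start, sector count
        status, ptype, lba_start, sectors = struct.unpack_from("<B3xB3xII", mbr, off)
        if ptype == 0:                      # empty slot
            continue
        partitions.append({
            "index": i,
            "active": status == 0x80,
            "type": ptype,
            "lba_start": lba_start,
            "sectors": sectors,
            "byte_offset": lba_start * SECTOR,   # what MBRCheck prints as "at offset 0x..."
        })
    return {
        "boot_code_sha1": hashlib.sha1(boot_code).hexdigest().upper(),
        "disk_signature": struct.unpack_from("<I", mbr, 440)[0],
        "partitions": partitions,
    }


def check_mbr(mbr, known_boot_hashes):
    """Return a list of findings; an empty list means nothing looked off."""
    info = parse_mbr(mbr)
    findings = []
    if info["boot_code_sha1"] not in known_boot_hashes:
        findings.append("unknown bootstrap code, SHA1 " + info["boot_code_sha1"])
    active = [p for p in info["partitions"] if p["active"]]
    if len(active) != 1:
        findings.append("%d active partitions (expected exactly 1)" % len(active))
    for p in info["partitions"]:
        if p["type"] not in EXPECTED_TYPES:
            findings.append("partition %d has unexpected type 0x%02X" % (p["index"], p["type"]))
    return findings


def build_mbr(boot_code, entries):
    """Assemble a 512-byte MBR from bootstrap code and (status, type, lba_start, sectors) tuples."""
    table = b"".join(struct.pack("<B3xB3xII", *e) for e in entries)
    table += b"\x00" * (4 * PART_ENTRY_LEN - len(table))
    disk_sig = struct.pack("<I", 0x12345678) + b"\x00\x00"
    return boot_code + disk_sig + table + MBR_SIGNATURE


# Constructed stand-in for real bootstrap code; the allow-list holds its hash so the untampered
# demo passes. A real allow-list holds hashes of known-good Windows MBR code instead.
DEMO_BOOT_CODE = bytes([0x33, 0xC0, 0x8E, 0xD0, 0xBC, 0x00, 0x7C]) + b"\x00" * (BOOT_CODE_LEN - 7)
KNOWN_BOOT_HASHES = {hashlib.sha1(DEMO_BOOT_CODE).hexdigest().upper()}

# One active NTFS partition starting at LBA 2048, i.e. byte offset 0x100000 as in the report.
DEMO_MBR = build_mbr(DEMO_BOOT_CODE, [(0x80, 0x07, 2048, 486_000_000)])
# Same disk with one byte of bootstrap code flipped, the kind of change a bootkit makes.
TAMPERED_MBR = DEMO_MBR[:100] + bytes([DEMO_MBR[100] ^ 0xFF]) + DEMO_MBR[101:]

if __name__ == "__main__":
    for label, image in (("clean", DEMO_MBR), ("tampered", TAMPERED_MBR)):
        info = parse_mbr(image)
        print(label, "boot code SHA1:", info["boot_code_sha1"])
        for p in info["partitions"]:
            print("  partition %d at offset 0x%X, type 0x%02X, active=%s"
                  % (p["index"], p["byte_offset"], p["type"], p["active"]))
        print("  findings:", check_mbr(image, KNOWN_BOOT_HASHES) or "none")
```

The hash covers only the 440 bootstrap bytes, not the disk signature or partition table, which is why two disks with different partitions can still report the same "MBR code" hash. When the hash is unknown, the sectors between the MBR and the first partition (here LBA 1 to 2047) are the first place to image, since that gap is where MBR bootkits keep their payload.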
     
  11. 2010/10/30
    broni

    broni Moderator Malware Analyst

    We can delete leftovers manually, but how exactly does it interfere?
     
  12. 2010/10/31
    flyboy1565

    flyboy1565 Inactive Thread Starter

    Well, in an earlier post you said to pick one of the antivirus programs. I uninstalled Norton and it showed back up in my programs list.
     
  13. 2010/10/31
    broni

    broni Moderator Malware Analyst

    Don't worry about it. We'll remove leftovers manually.
     
  14. 2010/11/07
    broni

    broni Moderator Malware Analyst

    Topic reopened on user request.
     
  15. 2010/11/07
    flyboy1565

    flyboy1565 Inactive Thread Starter

    OK broni, what else should I do? I tried GMER and had issues with it. Even in Safe Mode it rebooted the computer.
     
  16. 2010/11/07
    broni

    broni Moderator Malware Analyst

    Skip GMER for now.
    I still need MBAM log.
     
  17. 2010/11/08
    flyboy1565

    flyboy1565 Inactive Thread Starter

    Malwarebytes' Anti-Malware 1.44
    Database version: 3754
    Windows 6.0.6002 Service Pack 2
    Internet Explorer 8.0.6001.18975

    11/8/2010 3:48:57 AM
    mbam-log-2010-11-08 (03-48-36).txt

    Scan type: Quick Scan
    Objects scanned: 110284
    Time elapsed: 30 minute(s), 18 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 0

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    (No malicious items detected)
     
  18. 2010/11/08
    broni

    broni Moderator Malware Analyst

    Download TDSSKiller and save it to your desktop.
    • Extract (unzip) its contents to your desktop.
    • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
    • If an infected file is detected, the default action will be Cure, click on Continue.
    • If a suspicious file is detected, the default action will be Skip, click on Continue.
    • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
    • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
    • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
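The log TDSSKiller writes (one is posted in the next reply) is mostly a driver inventory, one line per service in the form "timestamp service (md5) path". Reading 150 of those lines by eye is how an analyst works in a thread like this, but the same checks are easy to script: flag kernel drivers loading from user-writable locations, and diff two logs taken at different times to surface new drivers and changed hashes, which is what matters after a "Cure" and reboot. The following is an added example, not code from the thread or from TDSSKiller. The three "before" inventory lines are copied from the log in the thread; the "after" log is constructed, including the hypothetical driver name xyzdrv and its made-up hashes; the USER_WRITABLE substring list is an assumption meant as a starting point rather than a policy.

```python
"""Added example, not part of the thread or of TDSSKiller: parse the driver
inventory lines a TDSSKiller log contains ("timestamp service (md5) path"),
flag drivers loading from user-writable locations, and diff two logs to
surface new drivers and changed hashes. The 'before' inventory lines are
copied from the thread's log; the 'after' log is constructed, including the
hypothetical driver name xyzdrv and its fake hashes."""
import re
from typing import Dict, List, NamedTuple

LINE_RE = re.compile(
    r"^(?P<ts>\d{4}/\d{2}/\d{2} \d{2}:\d{2}:\d{2}\.\d+)\s+"
    r"(?P<svc>\S+)\s+\((?P<md5>[0-9a-fA-F]{32})\)\s+(?P<path>\S.*?)\s*$"
)

# Kernel drivers normally live under the Windows directory or a vendor's Program Files tree.
# A .sys loading from a profile or temp directory is what dropper-style rootkits do
# (assumption: this substring list is a starting point, not an exhaustive policy).
USER_WRITABLE = ("\\users\\", "\\documents and settings\\", "\\temp\\", "\\appdata\\")


class Driver(NamedTuple):
    ts: str
    service: str
    md5: str
    path: str


def parse_log(text: str) -> Dict[str, Driver]:
    """Return {service name: Driver} for every inventory line; banner and status lines are skipped."""
    drivers: Dict[str, Driver] = {}
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            drivers[m["svc"]] = Driver(m["ts"], m["svc"], m["md5"].lower(), m["path"])
    return drivers


def static_findings(drivers: Dict[str, Driver]) -> List[str]:
    """Checks that need only one log: where each driver file lives and what it is called."""
    findings = []
    for d in drivers.values():
        low = d.path.lower()
        if any(marker in low for marker in USER_WRITABLE):
            findings.append("%s: kernel driver loaded from user-writable path %s" % (d.service, d.path))
        elif not low.endswith(".sys"):
            findings.append("%s: unusual driver file name %s" % (d.service, d.path))
    return findings


def diff_logs(before: Dict[str, Driver], after: Dict[str, Driver]) -> List[str]:
    """Compare two inventories taken at different times: new, changed and removed drivers."""
    findings = []
    for svc, d in after.items():
        old = before.get(svc)
        if old is None:
            findings.append("%s: new driver %s (md5 %s)" % (svc, d.path, d.md5))
        elif old.md5 != d.md5:
            findings.append("%s: hash changed %s -> %s (%s)" % (svc, old.md5, d.md5, d.path))
        elif old.path.lower() != d.path.lower():
            findings.append("%s: path changed %s -> %s" % (svc, old.path, d.path))
    for svc in sorted(before.keys() - after.keys()):
        findings.append("%s: driver no longer listed (was %s)" % (svc, before[svc].path))
    return findings


# Lines from the thread's log, plus two status lines the parser must ignore.
BEFORE_LOG = r"""
2010/11/10 08:46:11.0964 Scan started
2010/11/10 08:46:11.0964 Mode: Manual;
2010/11/10 08:46:18.0610 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
2010/11/10 08:46:29.0780 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
2010/11/10 08:47:08.0608 iaStor (2358c53f30cb9dcd1d3843c4e2f299b2) C:\Windows\system32\DRIVERS\iaStor.sys
"""

# Constructed follow-up log: atapi's hash differs and a hypothetical driver appears under Temp.
AFTER_LOG = r"""
2010/11/11 09:00:00.0000 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
2010/11/11 09:00:01.0000 atapi (0123456789abcdef0123456789abcdef) C:\Windows\system32\drivers\atapi.sys
2010/11/11 09:00:02.0000 iaStor (2358c53f30cb9dcd1d3843c4e2f299b2) C:\Windows\system32\DRIVERS\iaStor.sys
2010/11/11 09:00:03.0000 xyzdrv (ffffffffffffffffffffffffffffffff) C:\Users\Owner\AppData\Local\Temp\xyzdrv.sys
"""

if __name__ == "__main__":
    before, after = parse_log(BEFORE_LOG), parse_log(AFTER_LOG)
    for finding in static_findings(after) + diff_logs(before, after):
        print(finding)
```

A changed hash on a system driver such as atapi.sys is exactly the pattern of the file-infecting TDSS variants TDSSKiller was written for, so the diff is worth running on the log from before and after a cure rather than trusting the "Cure" message alone. Two services pointing at the same file with the same hash (ialm and igfx both on igdkmd32.sys in the thread's log) is normal and the script correctly says nothing about it.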
     
  19. 2010/11/10
    flyboy1565

    flyboy1565 Inactive Thread Starter

    2010/11/10 08:45:53.0104 TDSS rootkit removing tool 2.4.7.0 Nov 8 2010 10:52:22
    2010/11/10 08:45:53.0104 ================================================================================
    2010/11/10 08:45:53.0104 SystemInfo:
    2010/11/10 08:45:53.0104
    2010/11/10 08:45:53.0104 OS Version: 6.0.6002 ServicePack: 2.0
    2010/11/10 08:45:53.0104 Product type: Workstation
    2010/11/10 08:45:53.0104 ComputerName: OWNER-PC
    2010/11/10 08:45:53.0104 UserName: Owner
    2010/11/10 08:45:53.0104 Windows directory: C:\Windows
    2010/11/10 08:45:53.0104 System windows directory: C:\Windows
    2010/11/10 08:45:53.0104 Processor architecture: Intel x86
    2010/11/10 08:45:53.0104 Number of processors: 2
    2010/11/10 08:45:53.0104 Page size: 0x1000
    2010/11/10 08:45:53.0104 Boot type: Normal boot
    2010/11/10 08:45:53.0104 ================================================================================
    2010/11/10 08:46:05.0444 Initialize success
    2010/11/10 08:46:11.0964 ================================================================================
    2010/11/10 08:46:11.0964 Scan started
    2010/11/10 08:46:11.0964 Mode: Manual;
    2010/11/10 08:46:11.0964 ================================================================================
    2010/11/10 08:46:18.0610 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
    2010/11/10 08:46:20.0045 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
    2010/11/10 08:46:20.0966 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
    2010/11/10 08:46:21.0356 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
    2010/11/10 08:46:21.0730 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
    2010/11/10 08:46:22.0510 AFD (a201207363aa900abf1a388468688570) C:\Windows\system32\drivers\afd.sys
    2010/11/10 08:46:23.0571 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys
    2010/11/10 08:46:24.0070 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
    2010/11/10 08:46:24.0741 aliide (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys
    2010/11/10 08:46:25.0209 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
    2010/11/10 08:46:25.0817 amdide (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys
    2010/11/10 08:46:26.0519 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
    2010/11/10 08:46:27.0018 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys
    2010/11/10 08:46:28.0142 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
    2010/11/10 08:46:28.0656 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
    2010/11/10 08:46:29.0031 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
    2010/11/10 08:46:29.0780 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
    2010/11/10 08:46:30.0185 athr (6046a55f79de9c581b8d5e9c1366cc81) C:\Windows\system32\DRIVERS\athr.sys
    2010/11/10 08:46:31.0324 AVGIDSDriver (5f6c56305ea73760cdafc7604d64bbe0) C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys
    2010/11/10 08:46:32.0354 AVGIDSEH (20a2d48722cf055c846bdeafa4f733ce) C:\Windows\system32\DRIVERS\AVGIDSEH.Sys
    2010/11/10 08:46:33.0336 AVGIDSFilter (0a95333ca80ca8b79d612f3965466cc0) C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys
    2010/11/10 08:46:33.0773 AVGIDSShim (ab7e4b37126447ffe4fb639901012fb3) C:\Windows\system32\DRIVERS\AVGIDSShim.Sys
    2010/11/10 08:46:34.0257 Avgldx86 (1119e5bec6e749e0d292f0f84d48edba) C:\Windows\system32\DRIVERS\avgldx86.sys
    2010/11/10 08:46:34.0818 Avgmfx86 (54f1a9b4c9b540c2d8ac4baa171696b1) C:\Windows\system32\DRIVERS\avgmfx86.sys
    2010/11/10 08:46:35.0489 Avgrkx86 (8da3b77993c5f354cc2977b7ea06d03a) C:\Windows\system32\DRIVERS\avgrkx86.sys
    2010/11/10 08:46:35.0957 Avgtdix (2fd3e3a57fb90679a3a83eeed0360cfd) C:\Windows\system32\DRIVERS\avgtdix.sys
    2010/11/10 08:46:36.0628 b57nd60x (0b92ccf7bfcbe2b33838434f2f50cb61) C:\Windows\system32\DRIVERS\b57nd60x.sys
    2010/11/10 08:46:37.0252 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
    2010/11/10 08:46:38.0250 bowser (74b442b2be1260b7588c136177ceac66) C:\Windows\system32\DRIVERS\bowser.sys
    2010/11/10 08:46:39.0015 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
    2010/11/10 08:46:39.0935 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
    2010/11/10 08:46:40.0793 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
    2010/11/10 08:46:41.0698 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
    2010/11/10 08:46:42.0540 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
    2010/11/10 08:46:43.0414 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
    2010/11/10 08:46:44.0303 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
    2010/11/10 08:46:45.0317 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
    2010/11/10 08:46:46.0799 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
    2010/11/10 08:46:47.0564 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
    2010/11/10 08:46:48.0094 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
    2010/11/10 08:46:48.0780 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
    2010/11/10 08:46:49.0248 cmdide (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys
    2010/11/10 08:46:49.0716 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
    2010/11/10 08:46:50.0169 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
    2010/11/10 08:46:50.0356 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
    2010/11/10 08:46:50.0746 DfsC (218d8ae46c88e82014f5d73d0236d9b2) C:\Windows\system32\Drivers\dfsc.sys
    2010/11/10 08:46:51.0042 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
    2010/11/10 08:46:51.0386 DKbFltr (73baf270d24fe726b9cd7f80bb17a23d) C:\Windows\system32\DRIVERS\DKbFltr.sys
    2010/11/10 08:46:52.0088 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
    2010/11/10 08:46:52.0680 DXGKrnl (5c7e2097b91d689ded7a6ff90f0f3a25) C:\Windows\System32\drivers\dxgkrnl.sys
    2010/11/10 08:46:53.0133 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
    2010/11/10 08:46:53.0616 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
    2010/11/10 08:46:54.0162 eeCtrl (47ce4e650d91dc095a2fddb15631a78a) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
    2010/11/10 08:46:54.0693 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
    2010/11/10 08:46:55.0270 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
    2010/11/10 08:46:55.0878 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
    2010/11/10 08:46:56.0331 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
    2010/11/10 08:46:56.0970 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
    2010/11/10 08:46:57.0641 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
    2010/11/10 08:46:57.0891 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
    2010/11/10 08:46:58.0671 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
    2010/11/10 08:46:59.0295 fssfltr (d909075fa72c090f27aa926c32cb4612) C:\Windows\system32\DRIVERS\fssfltr.sys
    2010/11/10 08:46:59.0622 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
    2010/11/10 08:46:59.0856 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
    2010/11/10 08:47:00.0309 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
    2010/11/10 08:47:00.0824 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
    2010/11/10 08:47:01.0650 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
    2010/11/10 08:47:02.0430 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
    2010/11/10 08:47:02.0883 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
    2010/11/10 08:47:03.0366 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
    2010/11/10 08:47:03.0741 HSFHWAZL (46d67209550973257601a533e2ac5785) C:\Windows\system32\DRIVERS\VSTAZL3.SYS
    2010/11/10 08:47:04.0178 HSF_DPV (7bc42c65b5c6281777c1a7605b253ba8) C:\Windows\system32\DRIVERS\HSX_DPV.sys
    2010/11/10 08:47:04.0880 HSXHWAZL (9ebf2d102ccbb6bcdfbf1b7922f8ba2e) C:\Windows\system32\DRIVERS\HSXHWAZL.sys
    2010/11/10 08:47:05.0348 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
    2010/11/10 08:47:05.0972 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
    2010/11/10 08:47:06.0190 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
    2010/11/10 08:47:06.0798 ialm (9378d57e2b96c0a185d844770ad49948) C:\Windows\system32\DRIVERS\igdkmd32.sys
    2010/11/10 08:47:08.0608 iaStor (2358c53f30cb9dcd1d3843c4e2f299b2) C:\Windows\system32\DRIVERS\iaStor.sys
    2010/11/10 08:47:09.0185 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
    2010/11/10 08:47:10.0449 igfx (9378d57e2b96c0a185d844770ad49948) C:\Windows\system32\DRIVERS\igdkmd32.sys
    2010/11/10 08:47:11.0057 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
    2010/11/10 08:47:11.0588 int15 (9d64201c9e5ac8d1f088762ba00ff3ab) C:\Windows\system32\drivers\int15.sys
    2010/11/10 08:47:12.0165 IntcAzAudAddService (9438fe15da89c6aace8a79db2c6f60c1) C:\Windows\system32\drivers\RTKVHDA.sys
    2010/11/10 08:47:12.0711 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
    2010/11/10 08:47:13.0241 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
    2010/11/10 08:47:13.0881 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
    2010/11/10 08:47:14.0208 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
    2010/11/10 08:47:14.0770 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
    2010/11/10 08:47:15.0472 irda (e50a95179211b12946f7e035d60af560) C:\Windows\system32\DRIVERS\irda.sys
    2010/11/10 08:47:16.0065 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
    2010/11/10 08:47:16.0736 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
    2010/11/10 08:47:17.0188 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
    2010/11/10 08:47:17.0531 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
    2010/11/10 08:47:18.0015 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
    2010/11/10 08:47:19.0278 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
    2010/11/10 08:47:19.0590 kbdhid (d2600cb17b7408b4a83f231dc9a11ac3) C:\Windows\system32\drivers\kbdhid.sys
    2010/11/10 08:47:20.0121 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys
    2010/11/10 08:47:20.0994 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
    2010/11/10 08:47:21.0275 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
    2010/11/10 08:47:21.0478 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
    2010/11/10 08:47:21.0603 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
    2010/11/10 08:47:21.0681 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
    2010/11/10 08:47:22.0102 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys
    2010/11/10 08:47:22.0414 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
    2010/11/10 08:47:22.0898 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
    2010/11/10 08:47:23.0459 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
    2010/11/10 08:47:23.0896 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
    2010/11/10 08:47:24.0286 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
    2010/11/10 08:47:24.0754 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
    2010/11/10 08:47:25.0253 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
    2010/11/10 08:47:25.0581 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
    2010/11/10 08:47:26.0236 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
    2010/11/10 08:47:27.0047 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
    2010/11/10 08:47:27.0312 mrxsmb (454341e652bdf5e01b0f2140232b073e) C:\Windows\system32\DRIVERS\mrxsmb.sys
    2010/11/10 08:47:28.0186 mrxsmb10 (2a4901aff069944fa945ed5bbf4dcde3) C:\Windows\system32\DRIVERS\mrxsmb10.sys
    2010/11/10 08:47:28.0467 mrxsmb20 (28b3f1ab44bdd4432c041581412f17d9) C:\Windows\system32\DRIVERS\mrxsmb20.sys
    2010/11/10 08:47:28.0982 msahci (742aed7939e734c36b7e8d6228ce26b7) C:\Windows\system32\drivers\msahci.sys
    2010/11/10 08:47:29.0340 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
    2010/11/10 08:47:29.0496 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
    2010/11/10 08:47:29.0684 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
    2010/11/10 08:47:29.0980 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
    2010/11/10 08:47:30.0510 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
    2010/11/10 08:47:30.0994 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
    2010/11/10 08:47:31.0290 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
    2010/11/10 08:47:31.0680 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
    2010/11/10 08:47:32.0195 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
    2010/11/10 08:47:32.0320 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
    2010/11/10 08:47:32.0523 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
    2010/11/10 08:47:32.0819 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
    2010/11/10 08:47:33.0053 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
    2010/11/10 08:47:33.0381 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
    2010/11/10 08:47:33.0880 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
    2010/11/10 08:47:34.0114 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
    2010/11/10 08:47:34.0379 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
    2010/11/10 08:47:34.0800 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
    2010/11/10 08:47:35.0487 NETw3v32 (a15f219208843a5a210c8cb391384453) C:\Windows\system32\DRIVERS\NETw3v32.sys
    2010/11/10 08:47:36.0360 NETw4v32 (dd194a025d1c0472f45f57de8d8388eb) C:\Windows\system32\DRIVERS\NETw4v32.sys
    2010/11/10 08:47:39.0792 NETw5v32 (8de67bd902095a13329fd82c85a1fa09) C:\Windows\system32\DRIVERS\NETw5v32.sys
    2010/11/10 08:47:40.0713 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
    2010/11/10 08:47:41.0118 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
    2010/11/10 08:47:41.0274 NSCIRDA (6d8d2e5652fc2442c810c5d8be784148) C:\Windows\system32\DRIVERS\nscirda.sys
    2010/11/10 08:47:41.0384 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
    2010/11/10 08:47:41.0680 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
    2010/11/10 08:47:41.0945 NTIDrvr (7f1c1f78d709c4a54cbb46ede7e0b48d) C:\Windows\system32\DRIVERS\NTIDrvr.sys
    2010/11/10 08:47:45.0393 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
    2010/11/10 08:47:45.0908 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
    2010/11/10 08:47:46.0142 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
    2010/11/10 08:47:46.0282 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
    2010/11/10 08:47:46.0594 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
    2010/11/10 08:47:47.0312 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
    2010/11/10 08:47:47.0655 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
    2010/11/10 08:47:47.0826 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
    2010/11/10 08:47:48.0154 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
    2010/11/10 08:47:48.0653 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
    2010/11/10 08:47:49.0043 pciide (3b1901e401473e03eb8c874271e50c26) C:\Windows\system32\drivers\pciide.sys
    2010/11/10 08:47:49.0340 pcmcia (3bb2244f343b610c29c98035504c9b75) C:\Windows\system32\DRIVERS\pcmcia.sys
    2010/11/10 08:47:49.0870 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
    2010/11/10 08:47:50.0525 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
    2010/11/10 08:47:50.0993 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
    2010/11/10 08:47:51.0336 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
    2010/11/10 08:47:51.0773 PSDFilter (e801d5cc24e1cf18fa87d24d7074b876) C:\Windows\system32\DRIVERS\psdfilter.sys
    2010/11/10 08:47:52.0257 PSDNServ (24b5e3429f7f0e779fc2e6e36a0a5f73) C:\Windows\system32\drivers\PSDNServ.sys
    2010/11/10 08:47:52.0522 psdvdisk (01cbfd08c0e8a6106bb26fcda297154e) C:\Windows\system32\drivers\psdvdisk.sys
    2010/11/10 08:47:52.0912 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
    2010/11/10 08:47:53.0333 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
    2010/11/10 08:47:53.0630 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
    2010/11/10 08:47:53.0801 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
    2010/11/10 08:47:54.0441 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
    2010/11/10 08:47:54.0878 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
    2010/11/10 08:47:55.0174 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
    2010/11/10 08:47:55.0658 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
    2010/11/10 08:47:56.0360 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
    2010/11/10 08:47:56.0672 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
    2010/11/10 08:47:57.0077 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
    2010/11/10 08:47:57.0842 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
    2010/11/10 08:47:58.0232 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
    2010/11/10 08:47:58.0684 RTL8169 (283392af1860ecdb5e0f8ebd7f3d72df) C:\Windows\system32\DRIVERS\Rtlh86.sys
    2010/11/10 08:47:59.0183 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
    2010/11/10 08:47:59.0604 sdbus (8f36b54688c31eed4580129040c6a3d3) C:\Windows\system32\DRIVERS\sdbus.sys
    2010/11/10 08:47:59.0948 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
    2010/11/10 08:48:00.0338 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
    2010/11/10 08:48:00.0743 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
    2010/11/10 08:48:01.0289 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
    2010/11/10 08:48:01.0664 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\DRIVERS\sffdisk.sys
    2010/11/10 08:48:02.0241 sffp_mmc (96ded8b20c734ac41641ce275250e55d) C:\Windows\system32\drivers\sffp_mmc.sys
    2010/11/10 08:48:02.0381 sffp_sd (9f66a46c55d6f1ccabc79bb7afccc545) C:\Windows\system32\DRIVERS\sffp_sd.sys
    2010/11/10 08:48:02.0834 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
    2010/11/10 08:48:03.0348 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
    2010/11/10 08:48:03.0692 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
    2010/11/10 08:48:04.0066 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
    2010/11/10 08:48:04.0347 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
    2010/11/10 08:48:05.0330 SNP2UVC (53d1e2ecbf26b313ffdd2b8ba3d2f66e) C:\Windows\system32\DRIVERS\snp2uvc.sys
    2010/11/10 08:48:05.0751 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
    2010/11/10 08:48:06.0032 srv (ff3cbc13db84d81f56931bc922cc37c4) C:\Windows\system32\DRIVERS\srv.sys
    2010/11/10 08:48:06.0656 srv2 (d15959d9f69f0d39a0153e9c244f20dd) C:\Windows\system32\DRIVERS\srv2.sys
    2010/11/10 08:48:07.0155 srvnet (faa0d553a49e85008c6bb3781987c574) C:\Windows\system32\DRIVERS\srvnet.sys
    2010/11/10 08:48:07.0997 StillCam (ef70b3d22b4bffda6ea851ecb063efaa) C:\Windows\system32\DRIVERS\serscan.sys
    2010/11/10 08:48:08.0512 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
    2010/11/10 08:48:08.0871 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
    2010/11/10 08:48:09.0261 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
    2010/11/10 08:48:09.0542 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
    2010/11/10 08:48:09.0916 SynTP (f7a4250bb3e3afcd4af100e551509352) C:\Windows\system32\DRIVERS\SynTP.sys
    2010/11/10 08:48:14.0846 Tcpip (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\drivers\tcpip.sys
    2010/11/10 08:48:15.0844 Tcpip6 (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\DRIVERS\tcpip.sys
    2010/11/10 08:48:16.0343 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
    2010/11/10 08:48:17.0591 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
    2010/11/10 08:48:18.0246 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
    2010/11/10 08:48:18.0980 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
    2010/11/10 08:48:20.0009 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
    2010/11/10 08:48:21.0179 tifm21 (78213f01ce781f93180bef5eb5b3ad81) C:\Windows\system32\drivers\tifm21.sys
    2010/11/10 08:48:22.0022 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
    2010/11/10 08:48:22.0692 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
    2010/11/10 08:48:23.0176 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
    2010/11/10 08:48:23.0862 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
    2010/11/10 08:48:24.0315 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
    2010/11/10 08:48:24.0923 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
    2010/11/10 08:48:25.0391 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
    2010/11/10 08:48:25.0968 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
    2010/11/10 08:48:26.0530 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
    2010/11/10 08:48:26.0967 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
    2010/11/10 08:48:27.0606 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
    2010/11/10 08:48:28.0433 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
    2010/11/10 08:48:29.0120 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
    2010/11/10 08:48:29.0650 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
    2010/11/10 08:48:30.0227 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
    2010/11/10 08:48:30.0680 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
    2010/11/10 08:48:31.0226 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
    2010/11/10 08:48:31.0631 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
    2010/11/10 08:48:31.0928 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
    2010/11/10 08:48:32.0442 usbvideo (0a6b81f01bc86399482e27e6fda7b33b) C:\Windows\system32\Drivers\usbvideo.sys
    2010/11/10 08:48:32.0942 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
    2010/11/10 08:48:33.0300 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
    2010/11/10 08:48:33.0690 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
    2010/11/10 08:48:34.0252 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
    2010/11/10 08:48:34.0970 viaide (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys
    2010/11/10 08:48:35.0453 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
    2010/11/10 08:48:36.0124 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
    2010/11/10 08:48:36.0888 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
    2010/11/10 08:48:37.0419 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
    2010/11/10 08:48:37.0980 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
    2010/11/10 08:48:38.0682 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
    2010/11/10 08:48:38.0760 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
    2010/11/10 08:48:39.0104 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
    2010/11/10 08:48:39.0540 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
    2010/11/10 08:48:40.0570 winachsf (5a77ac34a0ffb70ce8b35b524fede9ba) C:\Windows\system32\DRIVERS\HSX_CNXT.sys
    2010/11/10 08:48:42.0036 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
    2010/11/10 08:48:42.0738 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
    2010/11/10 08:48:43.0518 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
    2010/11/10 08:48:44.0002 WSDPrintDevice (4422ac5ed8d4c2f0db63e71d4c069dd7) C:\Windows\system32\DRIVERS\WSDPrint.sys
    2010/11/10 08:48:44.0782 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
    2010/11/10 08:48:45.0359 XAudio (88af537264f2b818da15479ceeaf5d7c) C:\Windows\system32\DRIVERS\xaudio.sys
    2010/11/10 08:48:45.0780 {95808DC4-FA4A-4c74-92FE-5B863F82066B} (8098180b3f6c430a4e60333bc036f936) C:\Program Files\CyberLink\PowerDVD\000.fcl
    2010/11/10 08:48:45.0890 ================================================================================
    2010/11/10 08:48:45.0890 Scan finished
    2010/11/10 08:48:45.0890 ================================================================================
    2010/11/10 08:45:53.0104 TDSS rootkit removing tool 2.4.7.0 Nov 8 2010 10:52:22
    2010/11/10 08:45:53.0104
     
  20. 2010/11/10
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Please download ComboFix from Here or Here to your Desktop.

    **Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
    1. Please, never rename Combofix unless instructed.
    2. Close any open browsers.
    3. Close/disable all anti-virus and anti-malware programs so they do not interfere with the running of ComboFix.
      • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
      • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
      NOTE 1. If Combofix asks you to install Recovery Console, please allow it.
      NOTE 2. If Combofix asks you to update the program, always do so.
      • Close any open browsers.
      • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts.
      • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
      • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
    4. Double click on combofix.exe & follow the prompts.
    5. When finished, it will produce a report for you.
    6. Please post the "C:\ComboFix.txt"
    **Note: Do not mouse-click Combofix's window while it's running. That may cause it to stall**

    Make sure, you re-enable your security programs, when you're done with Combofix.

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    NOTE.
    If, for some reason, Combofix refuses to run, try one of the following:

    1. Run Combofix from Safe Mode.

    2. Delete Combofix file, download fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
    Do NOT run it yet.

    Please download and run the below tool named Rkill (courtesy of BleepingComputer.com) which may help allow other programs to run.

    There are 4 different versions. If one of them won't run then download and try to run the other one.

    Vista and Win7 users need to right-click Rkill and choose Run as Administrator.

    You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool; ignore them or shut down your antivirus.

    Rkill.com
    Rkill.scr
    Rkill.pif
    Rkill.exe

    • Double-click on the Rkill desktop icon to run the tool.
    • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
    • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
    • If not, delete the file, then download and use the one provided in Link 2.
    • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
    • Do not reboot until instructed.
    • If the tool does not run from any of the links provided, please let me know.

    Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

    If normal mode still doesn't work, run BOTH tools from safe mode.

    In case #2, please post BOTH logs, rKill and Combofix.

    DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!
     
  21. 2010/11/11
    flyboy1565

    flyboy1565 Inactive Thread Starter

    Joined:
    2009/12/09
    Messages:
    184
    Likes Received:
    2
    ComboFix 10-11-10.03 - Owner 11/11/2010 8:15.1.2 - x86
    Running from: c:\users\Owner\Documents\Computer Helper\ComboFix.exe
    SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\users\Owner\AppData\Roaming\TMInc
    c:\users\Owner\AppData\Roaming\TMInc\game.cfg
    c:\users\Owner\AppData\Roaming\TMInc\user1.sav
    c:\windows\Temp\log.txt

    .
    ((((((((((((((((((((((((( Files Created from 2010-10-11 to 2010-11-11 )))))))))))))))))))))))))))))))
    .

    2010-11-11 17:02 . 2010-11-11 17:06 -------- d-----w- c:\users\Owner\AppData\Local\temp
    2010-11-11 17:02 . 2010-11-11 17:02 -------- d-----w- c:\users\Default\AppData\Local\temp
    2010-11-09 21:04 . 2010-10-07 11:37 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
    2010-11-07 03:31 . 2010-11-07 03:31 -------- d-----w- c:\users\Owner\AppData\Local\Windows Live Writer
    2010-11-07 03:31 . 2010-11-07 03:31 -------- d-----w- c:\users\Owner\AppData\Roaming\Windows Live Writer
    2010-10-31 04:17 . 2010-10-31 04:17 -------- d-----w- c:\users\Owner\AppData\Roaming\AVG10
    2010-10-31 04:13 . 2010-10-31 04:13 -------- d--h--w- c:\programdata\Common Files
    2010-10-31 04:10 . 2010-11-11 16:05 -------- d-----w- c:\windows\system32\drivers\AVG
    2010-10-31 04:10 . 2010-10-31 04:16 -------- d-----w- c:\programdata\AVG10
    2010-10-31 03:19 . 2010-10-31 03:37 -------- d-----w- c:\programdata\MFAData
    2010-10-26 22:09 . 2010-08-26 16:34 1696256 ----a-w- c:\windows\system32\gameux.dll
    2010-10-26 22:09 . 2010-08-26 16:33 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
    2010-10-26 22:09 . 2010-08-26 14:23 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
    2010-10-22 04:39 . 2010-10-22 04:39 -------- d-----w- c:\windows\en
    2010-10-22 04:38 . 2010-09-23 07:21 39272 ----a-w- c:\windows\system32\drivers\fssfltr.sys
    2010-10-22 04:27 . 2009-09-05 00:44 69464 ----a-w- c:\windows\system32\XAPOFX1_3.dll
    2010-10-22 04:27 . 2009-09-05 00:44 515416 ----a-w- c:\windows\system32\XAudio2_5.dll
    2010-10-22 04:27 . 2009-09-05 00:29 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
    2010-10-22 04:27 . 2010-10-22 04:27 15712 ----a-w- c:\program files\Common Files\Windows Live\.cache\5e0bb82b1cb71a120\MeshBetaRemover.exe
    2010-10-22 04:22 . 2010-10-22 04:22 94040 ----a-w- c:\program files\Common Files\Windows Live\.cache\bb5d72db1cb71a018\DSETUP.dll
    2010-10-22 04:22 . 2010-10-22 04:22 525656 ----a-w- c:\program files\Common Files\Windows Live\.cache\bb5d72db1cb71a018\DXSETUP.exe
    2010-10-22 04:22 . 2010-10-22 04:22 1691480 ----a-w- c:\program files\Common Files\Windows Live\.cache\bb5d72db1cb71a018\dsetup32.dll
    2010-10-22 04:22 . 2010-10-22 04:22 94040 ----a-w- c:\program files\Common Files\Windows Live\.cache\b821febb1cb71a017\DSETUP.dll
    2010-10-22 04:22 . 2010-10-22 04:22 525656 ----a-w- c:\program files\Common Files\Windows Live\.cache\b821febb1cb71a017\DXSETUP.exe
    2010-10-22 04:22 . 2010-10-22 04:22 1691480 ----a-w- c:\program files\Common Files\Windows Live\.cache\b821febb1cb71a017\dsetup32.dll
    2010-10-22 04:05 . 2010-11-11 15:49 -------- d-----w- c:\users\Owner\AppData\Local\Windows Live
    2010-10-22 03:53 . 2009-08-04 08:02 754688 ----a-w- c:\windows\system32\webservices.dll
    2010-10-12 22:35 . 2010-09-13 13:56 168960 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
    2010-10-12 22:35 . 2010-09-13 13:56 8147456 ----a-w- c:\windows\system32\wmploc.DLL
    2010-10-12 22:34 . 2010-09-06 16:20 125952 ----a-w- c:\windows\system32\srvsvc.dll
    2010-10-12 22:34 . 2010-09-06 13:45 304128 ----a-w- c:\windows\system32\drivers\srv.sys
    2010-10-12 22:34 . 2010-09-06 13:45 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys
    2010-10-12 22:34 . 2010-09-06 13:45 145408 ----a-w- c:\windows\system32\drivers\srv2.sys
    2010-10-12 22:34 . 2010-09-06 16:19 17920 ----a-w- c:\windows\system32\netevent.dll
    2010-10-12 22:34 . 2010-08-10 15:53 274944 ----a-w- c:\windows\system32\schannel.dll
    2010-10-12 22:32 . 2010-08-20 16:05 867328 ----a-w- c:\windows\system32\wmpmde.dll

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2010-09-23 07:47 . 2010-09-23 07:47 49016 ----a-w- c:\windows\system32\sirenacm.dll
    2010-09-23 07:32 . 2010-09-23 07:32 301936 ----a-w- c:\windows\WLXPGSS.SCR
    2010-09-13 23:27 . 2010-09-13 23:27 25680 ----a-w- c:\windows\system32\drivers\AVGIDSEH.sys
    2010-09-07 10:49 . 2010-09-07 10:49 298448 ----a-w- c:\windows\system32\drivers\avgtdix.sys
    2010-09-07 10:48 . 2010-09-07 10:48 34384 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
    2010-09-07 10:48 . 2010-09-07 10:48 249424 ----a-w- c:\windows\system32\drivers\avgldx86.sys
    2010-09-07 10:48 . 2010-09-07 10:48 26064 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
    2010-08-26 16:33 . 2010-10-26 22:09 173056 ----a-w- c:\windows\apppatch\AcXtrnal.dll
    2010-08-26 16:33 . 2010-10-26 22:09 2159616 ----a-w- c:\windows\apppatch\AcGenral.dll
    2010-08-26 16:33 . 2010-10-26 22:09 542720 ----a-w- c:\windows\apppatch\AcLayers.dll
    2010-08-26 16:33 . 2010-10-26 22:09 458752 ----a-w- c:\windows\apppatch\AcSpecfc.dll
    2010-08-20 04:42 . 2010-08-20 04:42 27216 ----a-w- c:\windows\system32\drivers\AVGIDSShim.sys
    2010-08-20 04:42 . 2010-08-20 04:42 123472 ----a-w- c:\windows\system32\drivers\AVGIDSDriver.sys
    2010-08-20 04:42 . 2010-08-20 04:42 30288 ----a-w- c:\windows\system32\drivers\AVGIDSFilter.sys
    2010-08-18 00:31 . 2010-09-11 21:42 5934416 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{66BC4E2A-127B-4560-9B31-9B83C1BE1594}\mpengine.dll
    2010-08-17 14:11 . 2010-09-14 23:29 128000 ----a-w- c:\windows\system32\spoolsv.exe
    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar "= "c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
    "Acer Tour Reminder "= "c:\acer\AcerTour\Reminder.exe" [2007-05-22 151552]
    "msnmsgr "= "c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-09-23 4240760]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "RtHDVCpl "= "RtHDVCpl.exe" [2007-05-29 4472832]
    "SynTPEnh "= "c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-10-23 815104]
    "PLFSet "= "c:\windows\PLFSet.dll" [2007-04-24 45056]
    "IAAnotif "= "c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-07-12 178712]
    "RemoteControl "= "c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2007-03-15 71216]
    "LanguageShortcut "= "c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2007-02-07 54832]
    "eDataSecurity Loader "= "c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2007-04-25 457216]
    "LManager "= "c:\progra~1\LAUNCH~1\LManager.exe" [2007-06-15 850704]
    "Acer Assist Launcher "= "c:\program files\Acer Assist\launcher.exe" [2007-02-02 1261568]
    "Acer Product Registration "= "c:\program files\Acer Registration\ACE1.exe" [2007-02-02 3383296]
    "Symantec PIF AlertEng "= "c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-30 583048]
    "hpqSRMon "= "c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-06-02 80896]
    "Skytel "= "Skytel.exe" [2007-05-29 1826816]
    "Microsoft Default Manager "= "c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-02-03 233304]
    "Adobe Reader Speed Launcher "= "c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
    "SunJavaUpdateSched "= "c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
    "IgfxTray "= "c:\windows\system32\igfxtray.exe" [2008-02-12 141848]
    "HotKeysCmds "= "c:\windows\system32\hkcmd.exe" [2008-02-12 166424]
    "Persistence "= "c:\windows\system32\igfxpers.exe" [2008-02-12 133656]
    "AVG_TRAY "= "c:\program files\AVG\AVG10\avgtray.exe" [2010-09-15 2745696]

    c:\users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
    OneNote Table Of Contents.onetoc2 [2010-8-6 3656]

    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    Empowering Technology Launcher.lnk - c:\acer\Empowering Technology\eAPLauncher.exe [2007-8-25 535336]
    HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableUIADesktopToggle "= 0 (0x0)

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "aux "=wdmaud.drv

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
    BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG10\avgchsvx.exe /sync\0c:\progra~1\AVG\AVG10\avgrsx.exe /sync /restart

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
    @=" "

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
    @= "Service "

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
    "DisableMonitoring "=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring "=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring "=dword:00000001

    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2007-02-08 179712]
    R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
    R3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2008-01-19 16896]
    S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [2010-09-13 25680]
    S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [2010-09-07 26064]
    S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [2010-09-07 249424]
    S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [2010-09-07 298448]
    S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2010-10-11 6104656]
    S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG10\avgwdsvc.exe [2010-09-10 265400]
    S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [2010-08-20 123472]
    S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [2010-08-20 30288]
    S3 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\AVGIDSShim.Sys [2010-08-20 27216]
    S3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\NETw5v32.sys [2008-11-17 3668480]


    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
    hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
    HPService REG_MULTI_SZ HPSLPSVC
    LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A509B1FF-37FF-4bFF-8CFF-4F3A747040FF}]
    2009-03-08 11:32 128512 ----a-w- c:\windows\System32\advpack.dll
    .
    Contents of the 'Scheduled Tasks' folder

    2010-11-09 c:\windows\Tasks\Google Software Updater.job
    - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-04 01:54]

    2010-11-11 c:\windows\Tasks\User_Feed_Synchronization-{8856CB8C-002E-4D02-8AB1-BAC45C22AAD2}.job
    - c:\windows\system32\msfeedssync.exe [2010-10-12 04:25]
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://www.att.net/
    uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
    mStart Page = hxxp://en.us.acer.yahoo.com
    uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s
    IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
    .
    - - - - ORPHANS REMOVED - - - -

    Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
    WebBrowser-{4E7BD74F-2B8D-469E-85B2-BC27FE9AAE2E} - (no file)
    WebBrowser-{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - (no file)
    WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
    HKLM-Run-Acer Tour - (no file)



    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2010-11-11 09:06
    Windows 6.0.6002 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{95808DC4-FA4A-4c74-92FE-5B863F82066B}]
    "ImagePath "= "\??\c:\program files\CyberLink\PowerDVD\000.fcl "
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial "=dword:00000000
    .
    Completion time: 2010-11-11 09:18:09
    ComboFix-quarantined-files.txt 2010-11-11 17:17

    Pre-Run: 151,155,388,416 bytes free
    Post-Run: 152,012,234,752 bytes free

    - - End Of File - - 89E1C128F1B7DFFA0E2BAA4B76C49FA0