Fake Antivirus pop up



Friggan
2009-08-13, 18:59
A little history before the log. My wife had a fake antivirus software malware pop-up; it also changed the desktop wallpaper to their "virus found" web page and locked out the option to change it. It appears the program itself is gone now (Spybot and AVG), but the option for changing the wallpaper, etc. is gone, so we have some damage still there. Here is the log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:49:02 AM, on 8/13/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16876)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
c:\WINDOWS\system32\ZuneBusEnum.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Zune\ZuneLauncher.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.hp.com/
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn2\yt.dll
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
F2 - REG:system.ini: Shell=Explorer.exe logon.exe
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,userinit.exe
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn2\YTSingleInstance.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn2\yt.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: ZoneAlarm Spy Blocker Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [SetRefresh] C:\Program Files\Compaq\SetRefresh\SetRefresh.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Zune Launcher] "c:\Program Files\Zune\ZuneLauncher.exe"
O4 - HKLM\..\Run: [winupdate.exe] C:\WINDOWS\system32\winupdate.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_03\bin\npjpi150_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_03\bin\npjpi150_03.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Administrator\Start Menu\Programs\IMVU\Run IMVU.lnk
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 8144 bytes

katana
2009-08-16, 16:30
Please note that all instructions given are customised for this computer only,
the tools used may cause damage if used on a computer with different infections.

If you think you have similar problems, please post a log in the HJT forum and wait for help.

Hello and welcome to the forums

My name is Katana and I will be helping you to remove any infection(s) that you may have.

Please observe these rules while we work:
Please Read All Instructions Carefully
If you don't understand something, stop and ask! Don't keep going on.
Please do not run any other tools or scans whilst I am helping you
Failure to reply within 5 days will result in the topic being closed.
Please continue to respond until I give you the "All Clear"
(Just because you can't see a problem doesn't mean it isn't there)

If you can do those few things, everything should go smoothly.

Some of the logs I request will be quite large; you may need to split them over a couple of replies.

Please note, your security programs may give warnings for some of the tools I will ask you to use.
Be assured, any links I give are safe.
----------------------------------------------------------------------------------------



Download and Run RSIT

Please download Random's System Information Tool by random/random from here (http://images.malwareremoval.com/random/RSIT.exe) and save it to your desktop.
Double click on RSIT.exe to run RSIT.
Click Continue at the disclaimer screen.
Once it has finished, two logs will open:

log.txt will be opened maximized.
info.txt will be opened minimized.

Please post the contents of both log.txt and info.txt.
( They can also be found in the C:\RSIT folder )


Please Download GMER to your desktop

Download GMER (http://www.gmer.net/gmer.zip) and extract it to your desktop.

***Please close any open programs ***

Double-click gmer.exe. The program will begin to run.

**Caution**
These types of scans can produce false positives. Do NOT take any action on any "<--- ROOTKIT" entries unless advised by a trained Security Analyst.

If possible rootkit activity is found, you will be asked if you would like to perform a full scan. Click Yes.

Once the scan is complete, you may receive another notice about rootkit activity.
Click OK.

GMER will produce a log. Click on the Save button, and save the log as gmer.txt somewhere you can easily find it, such as your desktop.
If you do not receive notice about possible rootkit activity, remain on the Rootkit/Malware tab & make sure the 'Show All' button is unticked. Click the Scan button and let the program do its work. GMER will produce a log.
Click on the Save button, and save the log as gmer.txt somewhere you can easily find it, such as your desktop.


DO NOT touch the PC at ALL for whatever reason/s until it has 100% completed its scan, or attempted scan in case of some error etc.!


----------------------------------------------------------------------------------------
Logs/Information to Post in Reply
Please post the following logs/Information in your reply
Some of the logs I request will be quite large; you may need to split them over a couple of replies.

RSIT Logs
GMER Log

Friggan
2009-08-16, 16:35
Logfile of random's system information tool 1.06 (written by random/random)
Run by Administrator at 2009-08-16 09:30:43
Microsoft Windows XP Professional Service Pack 3
System drive C: has 62 GB (81%) free of 76 GB
Total RAM: 1918 MB (65% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:31:02 AM, on 8/16/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16876)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
c:\WINDOWS\system32\ZuneBusEnum.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Zune\ZuneLauncher.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Alwil Software\Avast4\ashChest.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\my downloads\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Administrator.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.hp.com/
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn2\yt.dll
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
F2 - REG:system.ini: Shell=Explorer.exe logon.exe
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,userinit.exe
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn2\YTSingleInstance.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn2\yt.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: ZoneAlarm Spy Blocker Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [SetRefresh] C:\Program Files\Compaq\SetRefresh\SetRefresh.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Zune Launcher] "c:\Program Files\Zune\ZuneLauncher.exe"
O4 - HKLM\..\Run: [winupdate.exe] C:\WINDOWS\system32\winupdate.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_03\bin\npjpi150_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_03\bin\npjpi150_03.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Administrator\Start Menu\Programs\IMVU\Run IMVU.lnk
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 8222 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn2\yt.dll [2008-07-28 882416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
AskBar BHO - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-10-16 333192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897}]
Yahoo! IE Services Button - C:\Program Files\Yahoo!\Common\yiesrvc.dll [2006-10-31 198136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
SingleInstance Class - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn2\YTSingleInstance.dll [2008-07-28 160496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn2\yt.dll [2008-07-28 882416]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2008-06-12 958712]
{3041d03e-fd4b-44e0-b742-2d9b88305f98} - ZoneAlarm Spy Blocker Toolbar - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-10-16 333192]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2006-01-04 344064]
"SetRefresh"=C:\Program Files\Compaq\SetRefresh\SetRefresh.exe [2003-11-20 525824]
"HPDJ Taskbar Utility"=C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe [2005-07-22 176128]
"HP Component Manager"=C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [2003-10-23 233472]
"HP Software Update"=C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe [2003-06-25 49152]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-02-05 81000]
"Zune Launcher"=c:\Program Files\Zune\ZuneLauncher.exe [2008-12-12 157312]
"winupdate.exe"=C:\WINDOWS\system32\winupdate.exe []
"ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2009-02-16 981384]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2007-05-11 40048]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced Virus Remover]
C:\Program Files\AdvancedVirusRemover\PAVRM.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ALLUpdate]
C:\Program Files\ALLPlayer\ALLUpdate.exe [2008-11-24 869888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Program Files\ICQ6\ICQ.exe [2008-09-01 173304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)]
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [2009-03-18 4363504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2007-01-05 282624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Administrator^Start Menu^Programs^Startup^IMVU.lnk]
C:\DOCUME~1\ADMINI~1\APPLIC~1\IMVUCL~1\IMVUCL~1.EXE [2009-01-26 49408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"idsvc"=3
"IDriverT"=3
"ASKService"=2
"aawservice"=2

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-01-05 61440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 239496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoSetActiveDesktop"=1
"NoActiveDesktopChanges"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoSetActiveDesktop"=
"NoActiveDesktopChanges"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\Program Files\Yahoo!\Messenger\YServer.exe"="C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\Program Files\ICQLite\ICQLite.exe"="C:\Program Files\ICQLite\ICQLite.exe:*:Enabled:ICQ Lite"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Winamp Remote\bin\Orb.exe"="C:\Program Files\Winamp Remote\bin\Orb.exe:*:Enabled:Orb"
"C:\Program Files\Winamp Remote\bin\OrbTray.exe"="C:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Enabled:OrbTray"
"C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe"="C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\ICQ6\ICQ.exe"="C:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2009-08-16 09:30:43 ----D---- C:\rsit
2009-08-13 11:48:43 ----D---- C:\Program Files\Trend Micro
2009-08-13 11:11:49 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2009-08-13 03:02:47 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2009-08-13 03:02:39 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2009-08-13 03:02:33 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$
2009-08-13 03:02:25 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2009-08-13 03:02:18 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2009-08-13 03:02:13 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2009-08-13 03:02:04 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
2009-08-13 03:01:54 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2009-08-13 03:00:41 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2009-08-10 18:26:30 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2009-08-10 18:26:01 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2009-08-10 00:03:18 ----D---- C:\Program Files\AskBarDis
2009-08-10 00:02:34 ----A---- C:\WINDOWS\system32\zpeng25.dll
2009-08-10 00:00:00 ----D---- C:\WINDOWS\system32\XPSViewer
2009-08-09 23:59:54 ----D---- C:\Program Files\MSBuild
2009-08-09 23:59:45 ----D---- C:\Program Files\Reference Assemblies
2009-08-09 23:59:13 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2009-08-09 23:59:13 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2009-08-09 23:59:13 ----N---- C:\WINDOWS\system32\prntvpt.dll
2009-08-09 23:59:13 ----D---- C:\ddd1fcc9e2fae00c404e3e3bb27d
2009-08-09 22:24:19 ----SHD---- C:\WINDOWS\system32\lowsec
2009-08-09 22:19:31 ----A---- C:\WINDOWS\system32\logon.exe
2009-08-09 22:19:19 ----A---- C:\WINDOWS\system32\SKYNETurohhxjn.dll

======List of files/folders modified in the last 1 months======

2009-08-16 09:30:50 ----D---- C:\WINDOWS\Prefetch
2009-08-16 09:30:36 ----D---- C:\my downloads
2009-08-16 09:29:19 ----D---- C:\WINDOWS\Temp
2009-08-16 09:28:20 ----D---- C:\Program Files\Mozilla Firefox
2009-08-16 09:17:57 ----D---- C:\WINDOWS\system32\drivers
2009-08-15 15:44:39 ----D---- C:\WINDOWS\system32\CatRoot2
2009-08-14 22:31:53 ----D---- C:\WINDOWS\Internet Logs
2009-08-13 11:48:43 ----RD---- C:\Program Files
2009-08-13 11:33:45 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-08-13 11:13:47 ----D---- C:\WINDOWS
2009-08-13 11:13:18 ----D---- C:\WINDOWS\system32
2009-08-13 11:11:56 ----HD---- C:\WINDOWS\inf
2009-08-13 11:11:52 ----RSHD---- C:\WINDOWS\system32\dllcache
2009-08-13 11:11:02 ----HD---- C:\WINDOWS\$hf_mig$
2009-08-13 10:16:39 ----RASH---- C:\boot.ini
2009-08-13 10:16:39 ----N---- C:\WINDOWS\system.ini
2009-08-13 10:16:39 ----A---- C:\WINDOWS\win.ini
2009-08-13 03:02:50 ----A---- C:\WINDOWS\imsins.BAK
2009-08-13 03:02:06 ----D---- C:\Program Files\Outlook Express
2009-08-10 18:32:18 ----D---- C:\WINDOWS\Microsoft.NET
2009-08-10 18:26:21 ----D---- C:\WINDOWS\system32\CatRoot
2009-08-10 18:24:53 ----SHD---- C:\WINDOWS\Installer
2009-08-10 00:22:21 ----RSD---- C:\WINDOWS\assembly
2009-08-10 00:13:43 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-08-10 00:13:22 ----D---- C:\WINDOWS\WinSxS
2009-08-10 00:04:52 ----D---- C:\WINDOWS\system32\ZoneLabs
2009-08-09 23:59:55 ----D---- C:\WINDOWS\system32\en-US
2009-08-09 23:59:50 ----RSD---- C:\WINDOWS\Fonts
2009-08-09 23:59:30 ----D---- C:\WINDOWS\system32\spool
2009-08-09 23:57:21 ----D---- C:\Program Files\Internet Explorer
2009-08-09 23:52:46 ----D---- C:\WINDOWS\SoftwareDistribution
2009-08-09 23:47:34 ----D---- C:\WINDOWS\Help
2009-08-09 23:20:52 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-08-05 03:01:48 ----A---- C:\WINDOWS\system32\mswebdvd.dll
2009-07-29 18:49:14 ----A---- C:\WINDOWS\system32\MRT.exe
2009-07-29 09:06:10 ----D---- C:\WINDOWS\ie7updates
2009-07-19 07:33:02 ----A---- C:\WINDOWS\system32\mshtml.dll
2009-07-19 07:32:59 ----A---- C:\WINDOWS\system32\ieframe.dll
2009-07-17 13:01:06 ----A---- C:\WINDOWS\system32\atl.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-02-05 26944]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-02-05 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-02-05 51376]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-02-05 94032]
R3 ac97intc;Intel(r) 82801 Audio Driver Install Service (WDM); C:\WINDOWS\system32\drivers\ac97intc.sys [2001-08-17 96256]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-02-05 23152]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-01-05 1420288]
S3 E100B;Intel(R) PRO Adapter Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2001-08-17 117760]
S4 adpu320;adpu320; C:\WINDOWS\system32\DRIVERS\adpu320.sys [2002-05-08 105472]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-02-05 18752]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-01-05 405504]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-02-05 138680]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-02-05 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-02-05 352920]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2006-01-04 520192]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 aawservice;Ad-Aware 2007 Service; C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe [2007-10-29 587096]
S4 ASKService;ASKService; C:\Program Files\AskBarDis\bar\bin\AskService.exe [2008-10-16 464264]

-----------------EOF-----------------

Friggan
2009-08-16, 16:36
info.txt logfile of random's system information tool 1.06 2009-08-16 09:31:06

======Uninstall list======

-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE
-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Ad-Aware 2007-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Photoshop 7.0-->C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Adobe\Photoshop 7.0\Uninst.isu" -c"C:\Program Files\Adobe\Photoshop 7.0\Uninst.dll"
Adobe Reader 8.1.0-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81000000003}
ALLPlayer V3.X-->"C:\Program Files\ALLPlayer\unins000.exe"
ATI - Software Uninstall Utility-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Control Panel-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
Coupon Printer for Windows-->"C:\Program Files\Coupons\uninstall.exe" "/U:C:\Program Files\Coupons\Uninstall\uninstall.xml"
Critical Update for Windows Media Player 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Plus DirectShow Filters-->C:\Program Files\DivX\DivXDSFiltersUninstall.exe /DSFILTERS
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Hotfix for Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB932716-v2)-->"C:\WINDOWS\$NtUninstallKB932716-v2$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
hp deskjet 3500-->msiexec /x{C7EC0699-D82C-4451-B701-C98C330D43AF}
HP Help and Support-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}\SETUP.exe" -l0x9 -removeonly
ICQ Toolbar-->C:\Program Files\ICQ6Toolbar\ICQUnToolbar.exe
ICQ6-->"C:\Program Files\InstallShield Installation Information\{60DE4033-9503-48D1-A483-7846BD217CA9}\setup.exe" -runfromtemp -l0x0009 -removeonly
IrfanView (remove only)-->C:\Program Files\IrfanView\iv_uninstall.exe
J2SE Runtime Environment 5.0 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150030}
MetaFrame Presentation Server Web Client for Win32-->C:\WINDOWS\system32\ctxsetup.exe /uninst C:\PROGRA~1\Citrix\icaweb32\uninst.inf
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7-->"C:\WINDOWS\$NtUninstallWdf01007$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office 2000 Premium-->MsiExec.exe /I{00000409-78E1-11D2-B60F-006097C998E7}
Microsoft User-Mode Driver Framework Feature Pack 1.7-->"C:\WINDOWS\$NtUninstallWudf01007$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft WinUsb 1.0-->"C:\WINDOWS\$NtUninstallwinusb0100$\spuninst\spuninst.exe"
Mozilla Firefox (3.0.13)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
Plants vs. Zombies (remove only)-->"C:\Program Files\Yahoo! Games\Plants vs. Zombies\Uninstall.exe"
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\SETUP.exe" -l0x9 -removeonly
Rhapsody Player Engine-->MsiExec.exe /I{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}
Roxio CinePlayer-->MsiExec.exe /I{26792CA7-D87A-4DBE-896B-C2F66B344511}
Security Update for Windows Internet Explorer 7 (KB928090)-->"C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB931768)-->"C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB933566)-->"C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB969897)-->"C:\WINDOWS\ie7updates\KB969897-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB972260)-->"C:\WINDOWS\ie7updates\KB972260-IE7\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Security Update for Windows Media Player 9 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP9$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Security Update for Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Security Update for Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe"
Security Update for Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
Security Update for Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Security Update for Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
Security Update for Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe"
Security Update for Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Sony USB Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}\Setup.exe" UNINSTALL
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Update for Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Update for Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Update for Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
Update for Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
Yahoo! Browser Services-->C:\PROGRA~1\Yahoo!\Common\UNIN_Y~1.EXE /S
Yahoo! Browser Services-->C:\PROGRA~1\Yahoo!\Common\unyext.exe
Yahoo! Internet Mail-->C:\WINDOWS\system32\regsvr32 /u /s C:\PROGRA~1\Yahoo!\Common\ymmapi.dll
Yahoo! Messenger-->C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG
Yahoo! Toolbar-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE
ZoneAlarm Spy Blocker Toolbar-->"C:\Program Files\AskBarDis\unins000.exe"
ZoneAlarm Spy Blocker-->rundll32 C:\PROGRA~1\ZONEAL~1\bar\1.bin\SpyBlock.dll,O
ZoneAlarm-->C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe
Zune Language Pack (ES)-->MsiExec.exe /X{EE4ACABF-531E-419A-9225-B8E0FA4955AF}
Zune Language Pack (FR)-->MsiExec.exe /X{0076E1AC-9E7B-4B9F-A62A-4CC9511AD8E3}
Zune-->c:\Program Files\Zune\ZuneSetup.exe /x
Zune-->MsiExec.exe /X{FF70513F-E3A7-402F-84FB-B7810A064BE2}

======Hosts File======

127.0.0.1 localhost
127.0.0.1 fr.a2dfp.net
127.0.0.1 m.fr.a2dfp.net
127.0.0.1 ad.a8.net
127.0.0.1 asy.a8ww.net
127.0.0.1 acezip.net #[SiteAdvisor.acezip.net]
127.0.0.1 www.acezip.net #[Win32/Adware.180Solutions]
127.0.0.1 phpadsnew.abac.com
127.0.0.1 a.abnad.net
127.0.0.1 b.abnad.net

======Security center information======

AV: avast! antivirus 4.8.1335 [VPS 090815-0]
FW: ZoneAlarm Firewall

======System event log======

Computer Name: JO
Event Code: 4226
Message: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

Record Number: 5440
Source Name: Tcpip
Time Written: 20080709161619.000000-360
Event Type: warning
User:

Computer Name: JO
Event Code: 4226
Message: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

Record Number: 5439
Source Name: Tcpip
Time Written: 20080709152142.000000-360
Event Type: warning
User:

Computer Name: JO
Event Code: 36
Message: The time service has not been able to synchronize the system time
for 49152 seconds because none of the time providers has been able to
provide a usable time stamp. The system clock is unsynchronized.

Record Number: 5438
Source Name: W32Time
Time Written: 20080709091825.000000-360
Event Type: warning
User:

Computer Name: JO
Event Code: 4226
Message: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

Record Number: 5437
Source Name: Tcpip
Time Written: 20080709061034.000000-360
Event Type: warning
User:

Computer Name: JO
Event Code: 4226
Message: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

Record Number: 5436
Source Name: Tcpip
Time Written: 20080708220638.000000-360
Event Type: warning
User:

=====Application event log=====

Computer Name: JO
Event Code: 1002
Message: Hanging application IMVUClient.exe, version 371.0.0.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Record Number: 1500
Source Name: Application Hang
Time Written: 20070428092104.000000-360
Event Type: error
User:

Computer Name: JO
Event Code: 1517
Message: Windows saved user JO\Administrator registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use.


This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

Record Number: 1497
Source Name: Userenv
Time Written: 20070427161658.000000-360
Event Type: warning
User: NT AUTHORITY\SYSTEM

Computer Name: JO
Event Code: 1517
Message: Windows saved user JO\Administrator registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use.


This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

Record Number: 1494
Source Name: Userenv
Time Written: 20070425160657.000000-360
Event Type: warning
User: NT AUTHORITY\SYSTEM

Computer Name: JO
Event Code: 1002
Message: Hanging application IMVUClient.exe, version 370.0.0.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Record Number: 1493
Source Name: Application Hang
Time Written: 20070424203805.000000-360
Event Type: error
User:

Computer Name: JO
Event Code: 1517
Message: Windows saved user JO\Administrator registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use.


This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

Record Number: 1490
Source Name: Userenv
Time Written: 20070424162410.000000-360
Event Type: warning
User: NT AUTHORITY\SYSTEM

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI Control Panel
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 4 Stepping 9, GenuineIntel
"PROCESSOR_REVISION"=0409
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"tvdumpflags"=8

-----------------EOF-----------------

katana
2009-08-16, 17:22
Do you have the GMER log?

Friggan
2009-08-16, 17:55
GMER 1.0.15.15020 [gmer.exe] - http://www.gmer.net
Rootkit scan 2009-08-16 10:51:48
Windows 5.1.2600 Service Pack 3


---- System - GMER 1.0.15 ----

SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwClose [0xB130C6B8]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwConnectPort [0xB14A3FC0]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwCreatePort [0xB14A4580]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwCreateWaitablePort [0xB14A4670]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwDeleteFile [0xB14A1210]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwRenameKey [0xB14BC6F0]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwRequestWaitReplyPort [0xB14A3BE0]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwSecureConnectPort [0xB14A4190]

---- Kernel code sections - GMER 1.0.15 ----

? srescan.sys The system cannot find the file specified. !
? system32\drivers\SKYNETkcxisymi.sys The system cannot find the path specified. !

---- Kernel IAT/EAT - GMER 1.0.15 ----

IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisRegisterProtocol] [B14A8B20] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD)
IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisOpenAdapter] [B14A8930] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD)
IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisCloseAdapter] [B14A9260] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD)
IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisDeregisterProtocol] [B14A6E90] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD)
IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisDeregisterProtocol] [B14A6E90] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD)
IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisRegisterProtocol] [B14A8B20] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD)
IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisOpenAdapter] [B14A8930] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD)
IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisCloseAdapter] [B14A9260] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD)
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisRegisterProtocol] [B14A8B20] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD)
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisDeregisterProtocol] [B14A6E90] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD)
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisCloseAdapter] [B14A9260] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD)
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisOpenAdapter] [B14A8930] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD)
IAT \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisCloseAdapter] [B14A9260] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD)
IAT \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisOpenAdapter] [B14A8930] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD)
IAT \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisRegisterProtocol] [B14A8B20] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD)
IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisDeregisterProtocol] [B14A6E90] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD)
IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisRegisterProtocol] [B14A8B20] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD)
IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisOpenAdapter] [B14A8930] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD)
IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisCloseAdapter] [B14A9260] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD)
IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisRegisterProtocol] [B14A8B20] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD)
IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisDeregisterProtocol] [B14A6E90] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD)
IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisCloseAdapter] [B14A9260] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD)
IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisOpenAdapter] [B14A8930] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD)

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\WINDOWS\system32\services.exe[752] @ C:\WINDOWS\system32\services.exe [ADVAPI32.dll!CreateProcessAsUserW] 00380002
IAT C:\WINDOWS\system32\services.exe[752] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!CreateProcessW] 00380000
IAT C:\WINDOWS\system32\ZoneLabs\vsmon.exe[1372] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!CreateThread] [61A5C7E0] C:\WINDOWS\system32\VSINIT.dll (TrueVector Service/Check Point Software Technologies LTD)
IAT C:\WINDOWS\system32\ZoneLabs\vsmon.exe[1372] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateThread] [61A5C7E0] C:\WINDOWS\system32\VSINIT.dll (TrueVector Service/Check Point Software Technologies LTD)
IAT C:\WINDOWS\system32\ZoneLabs\vsmon.exe[1372] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [61A52910] C:\WINDOWS\system32\VSINIT.dll (TrueVector Service/Check Point Software Technologies LTD)
IAT C:\WINDOWS\system32\ZoneLabs\vsmon.exe[1372] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [61A54AD0] C:\WINDOWS\system32\VSINIT.dll (TrueVector Service/Check Point Software Technologies LTD)
IAT C:\WINDOWS\system32\ZoneLabs\vsmon.exe[1372] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [61A54B20] C:\WINDOWS\system32\VSINIT.dll (TrueVector Service/Check Point Software Technologies LTD)
IAT C:\WINDOWS\system32\ZoneLabs\vsmon.exe[1372] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetModuleHandleA] [61A54AE0] C:\WINDOWS\system32\VSINIT.dll (TrueVector Service/Check Point Software Technologies LTD)
IAT C:\WINDOWS\system32\ZoneLabs\vsmon.exe[1372] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateThread] [61A5C7E0] C:\WINDOWS\system32\VSINIT.dll (TrueVector Service/Check Point Software Technologies LTD)
IAT C:\WINDOWS\system32\ZoneLabs\vsmon.exe[1372] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!CreateThread] [7C8841F8] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation)
IAT C:\WINDOWS\system32\ZoneLabs\vsmon.exe[1372] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [7C8841E9] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation)
IAT C:\WINDOWS\system32\ZoneLabs\vsmon.exe[1372] @ C:\WINDOWS\system32\SAMLIB.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [7C8841E9] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation)
IAT C:\WINDOWS\system32\ZoneLabs\vsmon.exe[1372] @ C:\WINDOWS\system32\Wininet.dll [KERNEL32.dll!CreateThread] [7C8841F8] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation)
IAT C:\WINDOWS\system32\ZoneLabs\vsmon.exe[1372] @ C:\WINDOWS\system32\Wininet.dll [KERNEL32.dll!GetModuleHandleA] [7C8841EE] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation)
IAT C:\WINDOWS\system32\ZoneLabs\vsmon.exe[1372] @ C:\WINDOWS\system32\Wininet.dll [KERNEL32.dll!GetModuleHandleW] [7C8841F3] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation)
IAT C:\WINDOWS\system32\ZoneLabs\vsmon.exe[1372] @ C:\WINDOWS\system32\Wininet.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [7C8841E9] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation)
IAT C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe[2808] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!CreateThread] [61A5C7E0] C:\WINDOWS\system32\VSINIT.dll (TrueVector Service/Check Point Software Technologies LTD)
IAT C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe[2808] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateThread] [61A5C7E0] C:\WINDOWS\system32\VSINIT.dll (TrueVector Service/Check Point Software Technologies LTD)
IAT C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe[2808] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [61A54AD0] C:\WINDOWS\system32\VSINIT.dll (TrueVector Service/Check Point Software Technologies LTD)
IAT C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe[2808] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [61A54B20] C:\WINDOWS\system32\VSINIT.dll (TrueVector Service/Check Point Software Technologies LTD)
IAT C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe[2808] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetModuleHandleA] [61A54AE0] C:\WINDOWS\system32\VSINIT.dll (TrueVector Service/Check Point Software Technologies LTD)
IAT C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe[2808] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [61A52910] C:\WINDOWS\system32\VSINIT.dll (TrueVector Service/Check Point Software Technologies LTD)
IAT C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe[2808] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateThread] [61A5C7E0] C:\WINDOWS\system32\VSINIT.dll (TrueVector Service/Check Point Software Technologies LTD)
IAT C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe[2808] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!CreateThread] [7C8841F8] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation)
IAT C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe[2808] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [7C8841E9] C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation)
IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[3476] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [6113A40D] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[3476] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [6113A33F] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[3476] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [61139C3F] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[3476] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [6113A37F] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[3476] @ C:\WINDOWS\system32\USER32.dll [GDI32.dll!GetStockObject] [6113909F] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[3476] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [6113A40D] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[3476] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [6113A33F] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[3476] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [61139C3F] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[3476] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [6113A37F] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[3476] @ C:\WINDOWS\system32\SHLWAPI.dll [GDI32.dll!GetStockObject] [6113909F] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[3476] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [6113A3BF] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[3476] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [6113A40D] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[3476] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [6113A37F] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[3476] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [6113A33F] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[3476] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [61139C3F] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[3476] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!DefWindowProcA] [61139856] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[3476] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!DefWindowProcW] [61139856] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[3476] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!GetSysColor] [61138FE2] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[3476] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TrackPopupMenu] [61138F66] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[3476] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TrackPopupMenuEx] [61138FA4] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[3476] @ C:\WINDOWS\system32\SHELL32.dll [GDI32.dll!GetStockObject] [6113909F] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[3476] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [6113A33F] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[3476] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [6113A37F] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[3476] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [61139C3F] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[3476] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [6113A40D] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[3476] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [6113A3BF] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[3476] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!AnimateWindow] [611390DD] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[3476] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!TrackPopupMenuEx] [61138FA4] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[3476] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!DefWindowProcA] [61139856] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[3476] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!GetSysColor] [61138FE2] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[3476] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!DefWindowProcW] [61139856] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[3476] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!GetSysColorBrush] [611390A5] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[3476] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!TrackPopupMenu] [61138F66] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[3476] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [6113A33F] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[3476] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [61139C3F] C:\Program Files\Yahoo!\Messenger\yui.dll

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)

Device \Driver\Tcpip \Device\Ip vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD)

AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)

Device \Driver\Tcpip \Device\Tcp vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD)

AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)

Device \Driver\Tcpip \Device\Udp vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD)

AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)

Device \Driver\Tcpip \Device\RawIp vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD)

AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)

Device \Driver\Tcpip \Device\IPMULTICAST vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD)

---- Services - GMER 1.0.15 ----

Service system32\drivers\SKYNETkcxisymi.sys (*** hidden *** ) [SYSTEM] SKYNETedcukhhu <-- ROOTKIT !!!

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager@PendingFileRenameOperations ???7?????9?9?9?9?9??? ???????`?????7?????5??????????????????????????? ??? ???????7???????????5??????????N???????????? ???????`?????7?????7??????????????????????????C4???????????s??????mp???????????P?????s1\??input.inf??????A???????????????? ????? ?????????? ???????????????????????????????9?9?9?9?9???????????????????????? ????? ??????????????????????????????????????????3co???E?E?E?E?E??? ???????7???????????7??????????N???????Ba??LegacyDriver?l????N??<???~????Dst4??? H??<???N?????\La???7?7?7?7?7?7?l?????7?&???????????i???????e???l?l?l?????<?????@?@?@?@?@?????????????????sRO?????7????? 4??7?????????abp??? ???6??????????t????????????A????????<??7???????????9?9?9?9?9??? 4??7??????????e????????????2??????.d???????6???????????????????????7???????????????????????????7????????????????r????????7?????????????????e??yu?????????????????????????? ????? ????????????????????????????????????????????????A????? ???????7???????????????????????????????f??? ???????^?????7???????????????????????B27??? ???????7?????7??????????4????
Reg HKLM\SYSTEM\CurrentControlSet\Services\SKYNETedcukhhu@start 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\SKYNETedcukhhu@type 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\SKYNETedcukhhu@group file system
Reg HKLM\SYSTEM\CurrentControlSet\Services\SKYNETedcukhhu@imagepath \systemroot\system32\drivers\SKYNETkcxisymi.sys
Reg HKLM\SYSTEM\CurrentControlSet\Services\SKYNETedcukhhu\main
Reg HKLM\SYSTEM\CurrentControlSet\Services\SKYNETedcukhhu\main@aid 10096
Reg HKLM\SYSTEM\CurrentControlSet\Services\SKYNETedcukhhu\main@sid 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\SKYNETedcukhhu\main@cmddelay 14400
Reg HKLM\SYSTEM\CurrentControlSet\Services\SKYNETedcukhhu\main\injector
Reg HKLM\SYSTEM\CurrentControlSet\Services\SKYNETedcukhhu\main\injector@* SKYNETwsp.dll
Reg HKLM\SYSTEM\CurrentControlSet\Services\SKYNETedcukhhu\main\tasks
Reg HKLM\SYSTEM\CurrentControlSet\Services\SKYNETedcukhhu\modules
Reg HKLM\SYSTEM\CurrentControlSet\Services\SKYNETedcukhhu\modules@SKYNETrk.sys \systemroot\system32\drivers\SKYNETkcxisymi.sys
Reg HKLM\SYSTEM\CurrentControlSet\Services\SKYNETedcukhhu\modules@SKYNETcmd.dll \systemroot\system32\SKYNETurohhxjn.dll
Reg HKLM\SYSTEM\CurrentControlSet\Services\SKYNETedcukhhu\modules@SKYNETlog.dat \systemroot\system32\SKYNETwfhccfyp.dat
Reg HKLM\SYSTEM\CurrentControlSet\Services\SKYNETedcukhhu\modules@SKYNETwsp.dll \systemroot\system32\SKYNETcahongsy.dll
Reg HKLM\SYSTEM\CurrentControlSet\Services\SKYNETedcukhhu\modules@SKYNET.dat \systemroot\system32\SKYNETsfognjjo.dat
Reg HKLM\SYSTEM\ControlSet002\Services\SKYNETedcukhhu@start 1
Reg HKLM\SYSTEM\ControlSet002\Services\SKYNETedcukhhu@type 1
Reg HKLM\SYSTEM\ControlSet002\Services\SKYNETedcukhhu@group file system
Reg HKLM\SYSTEM\ControlSet002\Services\SKYNETedcukhhu@imagepath \systemroot\system32\drivers\SKYNETkcxisymi.sys
Reg HKLM\SYSTEM\ControlSet002\Services\SKYNETedcukhhu\main (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\SKYNETedcukhhu\main@aid 10096
Reg HKLM\SYSTEM\ControlSet002\Services\SKYNETedcukhhu\main@sid 0
Reg HKLM\SYSTEM\ControlSet002\Services\SKYNETedcukhhu\main@cmddelay 14400
Reg HKLM\SYSTEM\ControlSet002\Services\SKYNETedcukhhu\main\delete (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\SKYNETedcukhhu\main\injector (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\SKYNETedcukhhu\main\injector@* SKYNETwsp.dll
Reg HKLM\SYSTEM\ControlSet002\Services\SKYNETedcukhhu\main\tasks (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\SKYNETedcukhhu\modules (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\SKYNETedcukhhu\modules@SKYNETrk.sys \systemroot\system32\drivers\SKYNETkcxisymi.sys
Reg HKLM\SYSTEM\ControlSet002\Services\SKYNETedcukhhu\modules@SKYNETcmd.dll \systemroot\system32\SKYNETurohhxjn.dll
Reg HKLM\SYSTEM\ControlSet002\Services\SKYNETedcukhhu\modules@SKYNETlog.dat \systemroot\system32\SKYNETwfhccfyp.dat
Reg HKLM\SYSTEM\ControlSet002\Services\SKYNETedcukhhu\modules@SKYNETwsp.dll \systemroot\system32\SKYNETcahongsy.dll
Reg HKLM\SYSTEM\ControlSet002\Services\SKYNETedcukhhu\modules@SKYNET.dat \systemroot\system32\SKYNETsfognjjo.dat

---- EOF - GMER 1.0.15 ----

Friggan
2009-08-16, 17:57
Sorry for the delay, the GMER took awhile to run, it is posted now. Thank you for your assistance!!

katana
2009-08-16, 21:49
Information

REMOVE P2P PROGRAMS

IMPORTANT: I notice there are signs of one or more P2P (Person to Person) File Sharing Programs on your computer.

LimeWire

Please read the Guidelines for P2P Programs (http://forums.spybot.info/showpost.php?p=218503&postcount=4) where we explain why it's not a good idea to have them.

Note: Even if you are using a "safe" P2P program, it is only the program that is safe. You will be sharing files from uncertified sources, and these are often infected.
The bad guys use P2P filesharing as a major conduit to spread their wares.

Go to Control Panel > Add/Remove Programs and uninstall the programs listed above (in red) NOW.


----------------------------------------------------------------------------------------
Step 1

Malwarebytes' Anti-Malware

Please download Malwarebytes' Anti-Malware (http://www.malwarebytes.org/mbam-download.php) to your desktop.

Double-click mbam-setup.exe and follow the prompts to install the program.
At the end, be sure a checkmark is placed next to
Update Malwarebytes' Anti-Malware
and Launch Malwarebytes' Anti-Malware
then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select Perform full scan, then click Scan.
When the scan is complete, click OK, then Show Results to view the results.
Be sure that everything is checked, and click Remove Selected.
When completed, a log will open in Notepad. Please copy and paste the log into your next reply.
If requested, please reboot.
If you accidentally close it, the log file is saved here and will be named like this:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt


----------------------------------------------------------------------------------------
Step 2


Download and Run ComboFix (by sUBs)
Please visit this webpage for instructions for downloading and running ComboFix:

Bleeping Computer ComboFix Tutorial (http://www.bleepingcomputer.com/combofix/how-to-use-combofix)

You must download it to and run it from your Desktop
Now STOP all your monitoring programs (Antivirus/Antispyware, Guards and Shields) as they could easily interfere with ComboFix.
Double click combofix.exe & follow the prompts.
When finished, it will produce a log. Please save that log to post in your next reply
Re-enable all the programs that were disabled during the running of ComboFix.


A word of warning: Neither I nor sUBs are responsible for any damage you may have caused your machine by running ComboFix on your own.
This tool is not a toy and not for everyday use.
ComboFix SHOULD NOT be used unless requested by a forum helper.

For instructions on how to disable your security programs, please see this topic
How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs (http://www.bleepingcomputer.com/forums/topic114351.html)

----------------------------------------------------------------------------------------
Logs/Information to Post in Reply
Please post the following logs/Information in your reply
Some of the logs I request will be quite large; you may need to split them over a couple of replies.

MalwareBytes Log
Combofix Log
How are things running now?



---------------------------------------------------------------------------------------------------
---------------------------------------------------------------------------------------------------
Additional Notes


Your Adobe Acrobat Reader is out of date. Older versions have vulnerabilities that malware can use to infect your system.

Adobe Reader is a large program and uses unnecessary space.
If you prefer a smaller program you can get Foxit 3.0 from http://www.foxitsoftware.com/pdf/rd_intro.php << Recommended

There is a newer version of Adobe Acrobat Reader available.

Please go to this link Adobe Acrobat Reader Download Link (http://www.adobe.com/products/acrobat/readstep2.html)
Click Download
On the right, untick Adobe Photoshop Album Starter Edition if you do not wish to include this in the installation.
Click the Continue button
Click Run, and click Run again
Next click the Install Now button and follow the on screen prompts



Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system.

Please download Java SE Runtime Environment (JRE) (http://java.sun.com/javase/downloads/index.jsp). (Don't install it yet.)

Scroll down to where it says "Java SE Runtime Environment (JRE)".
Click the "Download" button to the right.
Platform = Windows Language = Multi Language
Check the box that says: "Accept License Agreement".
The page will refresh.
Click on the link to download Windows Offline Installation with or without Multi-language and save to your desktop.

Now download JavaRa (http://sourceforge.net/project/downloading.php?groupname=javara&filename=JavaRa.zip&use_mirror=osdn) and unzip it to your desktop.

***Please close any instances of Internet Explorer (or other web browser) before continuing!***

Double-click on JavaRa.exe to start the program.
From the drop-down menu, choose English and click on Select.
JavaRa will open; click on Remove Older Versions to remove the older versions of Java installed on your computer.
Click Yes when prompted. When JavaRa is done, a notice will appear that a logfile has been produced. Click OK.
A logfile will pop up. Please save it to a convenient location.

Now install the Java SE Runtime Environment (JRE) package you downloaded
(it comes with a toolbar pre-selected, so make sure you uncheck the box)

You can delete JavaRa (zip and exe)

Friggan
2009-08-17, 16:29
ComboFix 09-08-10.06 - Administrator 08/17/2009 9:06.1.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1918.1367 [GMT -6:00]
Running from: c:\documents and settings\Administrator\Desktop\ComboFix.exe
AV: avast! antivirus 4.8.1335 [VPS 090816-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: ZoneAlarm Firewall *disabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\recycler\S-1-5-21-2781302721-2463893561-739825237-500
c:\windows\COUPON~1.OCX
c:\windows\CouponPrinter.ocx
c:\windows\system32\logon.exe
c:\windows\system32\lowsec
c:\windows\system32\lowsec\local.ds
c:\windows\system32\lowsec\user.ds
c:\windows\system32\lowsec\user.ds.lll
c:\windows\system32\SKYNETsfognjjo.dat
c:\windows\system32\SKYNETurohhxjn.dll
c:\windows\system32\SKYNETwfhccfyp.dat

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_SKYNETEDCUKHHU
-------\Service_SKYNETedcukhhu


((((((((((((((((((((((((( Files Created from 2009-07-17 to 2009-08-17 )))))))))))))))))))))))))))))))
.

2009-08-17 14:56 . 2009-08-17 14:56 -------- d-----w- c:\documents and settings\Administrator\Application Data\Malwarebytes
2009-08-17 14:56 . 2009-08-03 19:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-08-17 14:56 . 2009-08-17 14:56 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-08-17 14:56 . 2009-08-17 14:56 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-08-17 14:56 . 2009-08-03 19:36 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-08-16 15:30 . 2009-08-16 15:34 -------- d-----w- C:\rsit
2009-08-13 17:48 . 2009-08-13 17:48 -------- d-----w- c:\program files\Trend Micro
2009-08-13 17:29 . 2009-08-13 17:29 94493460 ----a-w- C:\regbackup.reg
2009-08-13 16:55 . 2009-08-13 16:55 16 ----a-w- c:\windows\system32\drivers\ZuneBusEnum.exe.sys
2009-08-13 16:20 . 2009-08-13 17:07 -------- d-----w- c:\documents and settings\Administrator\.housecall6.6
2009-08-13 16:02 . 2009-08-13 16:02 16 ----a-w- c:\windows\system32\drivers\sessionstore-1..sys
2009-08-13 15:44 . 2009-08-13 15:44 16 ----a-w- c:\windows\system32\drivers\History.IE5.sys
2009-08-13 15:41 . 2009-08-13 16:20 16 ----a-w- c:\windows\system32\drivers\Aavm4h.dll.sys
2009-08-13 15:37 . 2009-08-13 16:19 16 ----a-w- c:\windows\system32\drivers\zllictbl.dat.sys
2009-08-12 14:04 . 2009-07-10 13:27 1315328 ------w- c:\windows\system32\dllcache\msoe.dll
2009-08-10 20:41 . 2008-08-14 10:04 138496 ------w- c:\windows\system32\dllcache\afd.sys
2009-08-10 06:03 . 2009-08-10 06:03 -------- d-----w- c:\program files\AskBarDis
2009-08-10 06:02 . 2009-02-16 06:10 1221512 ----a-w- c:\windows\system32\zpeng25.dll
2009-08-10 06:00 . 2009-08-10 06:00 -------- d-----w- c:\windows\system32\XPSViewer
2009-08-10 05:59 . 2009-08-10 05:59 -------- d-----w- c:\program files\MSBuild
2009-08-10 05:59 . 2009-08-10 05:59 -------- d-----w- c:\program files\Reference Assemblies
2009-08-10 05:59 . 2009-08-10 05:59 -------- d-----w- C:\ddd1fcc9e2fae00c404e3e3bb27d
2009-08-10 05:59 . 2008-07-06 12:06 89088 ------w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-08-10 05:59 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2009-08-10 05:59 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\dllcache\xpsshhdr.dll
2009-08-10 05:59 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2009-08-10 05:59 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\dllcache\xpssvcs.dll
2009-08-10 05:59 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2009-08-10 05:59 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-08-10 04:20 . 2009-08-13 16:38 16 ----a-w- c:\windows\system32\drivers\.sys
2009-08-05 09:01 . 2009-08-05 09:01 204800 ------w- c:\windows\system32\dllcache\mswebdvd.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-08-17 15:12 . 2008-10-04 01:22 1295234 ----a-w- c:\windows\Internet Logs\tvDebug.Zip
2009-08-10 06:02 . 2006-12-30 19:40 4212 ---ha-w- c:\windows\system32\zllictbl.dat
2009-08-10 05:20 . 2008-07-09 01:53 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-08-10 04:19 . 2009-08-16 15:17 69632 ----a-w- c:\windows\system32\drivers\trz37D.tmp
2009-08-05 09:01 . 2004-08-04 08:00 204800 ----a-w- c:\windows\system32\mswebdvd.dll
2009-07-17 19:01 . 2004-08-04 08:00 58880 ----a-w- c:\windows\system32\atl.dll
2009-07-15 05:30 . 2009-07-15 05:30 -------- d-----w- c:\documents and settings\All Users\Application Data\Trymedia
2009-07-15 05:29 . 2009-07-15 05:29 -------- d-----w- c:\program files\Yahoo! Games
2009-07-14 05:43 . 2004-08-04 08:00 286208 ----a-w- c:\windows\system32\wmpdxm.dll
2009-07-10 19:01 . 2007-03-24 15:03 -------- d-----w- c:\documents and settings\Administrator\Application Data\IMVU
2009-06-29 16:12 . 2004-08-04 08:00 827392 ----a-w- c:\windows\system32\wininet.dll
2009-06-29 16:12 . 2004-08-04 08:00 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-06-29 16:12 . 2004-08-04 08:00 17408 ----a-w- c:\windows\system32\corpol.dll
2009-06-25 08:25 . 2004-08-04 08:00 730112 ----a-w- c:\windows\system32\lsasrv.dll
2009-06-25 08:25 . 2004-08-04 08:00 56832 ----a-w- c:\windows\system32\secur32.dll
2009-06-25 08:25 . 2004-08-04 08:00 54272 ----a-w- c:\windows\system32\wdigest.dll
2009-06-25 08:25 . 2004-08-04 08:00 301568 ----a-w- c:\windows\system32\kerberos.dll
2009-06-25 08:25 . 2004-08-04 08:00 147456 ----a-w- c:\windows\system32\schannel.dll
2009-06-25 08:25 . 2004-08-04 08:00 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-06-24 11:18 . 2004-08-04 08:00 92928 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2009-06-23 19:13 . 2009-06-23 19:04 -------- d-----w- c:\documents and settings\Administrator\Application Data\W Photo Studio Viewer
2009-06-18 18:36 . 2009-06-18 18:36 0 ---ha-w- c:\windows\system32\drivers\Msft_User_ZuneDriver_01_07_00.Wdf
2009-06-18 18:36 . 2009-06-18 18:36 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_WinUSB_01007.Wdf
2009-06-18 18:34 . 2009-06-18 18:34 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_user_01_07_00.Wdf
2009-06-18 18:30 . 2009-06-18 18:27 -------- d-----w- c:\program files\Zune
2009-06-18 18:29 . 2009-06-18 18:29 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_zumbus_01007.Wdf
2009-06-18 18:29 . 2009-06-18 18:29 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2009-06-16 14:36 . 2004-08-04 08:00 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-06-16 14:36 . 2004-08-04 08:00 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-06-12 12:31 . 2004-08-04 08:00 80896 ----a-w- c:\windows\system32\tlntsess.exe
2009-06-12 12:31 . 2004-08-04 08:00 76288 ----a-w- c:\windows\system32\telnet.exe
2009-06-10 15:19 . 2004-08-04 08:00 2066432 ----a-w- c:\windows\system32\mstscax.dll
2009-06-10 14:13 . 2004-08-04 08:00 84992 ----a-w- c:\windows\system32\avifil32.dll
2009-06-10 06:14 . 2004-08-04 08:00 132096 ----a-w- c:\windows\system32\wkssvc.dll
2009-06-03 19:09 . 2004-08-04 08:00 1291264 ----a-w- c:\windows\system32\quartz.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2008-10-17 00:22 333192 ----a-w- c:\program files\AskBarDis\bar\bin\askBar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-10-17 333192]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-10-17 333192]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2006-01-05 344064]
"SetRefresh"="c:\program files\Compaq\SetRefresh\SetRefresh.exe" [2003-11-20 525824]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb09.exe" [2005-07-23 176128]
"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2003-10-24 233472]
"HP Software Update"="c:\program files\Hewlett-Packard\HP Software Update\HPWuSchd.exe" [2003-06-25 49152]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"Zune Launcher"="c:\program files\Zune\ZuneLauncher.exe" [2008-12-12 157312]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2009-02-16 981384]

[HKLM\~\startupfolder\C:^Documents and Settings^Administrator^Start Menu^Programs^Startup^IMVU.lnk]
path=c:\documents and settings\Administrator\Start Menu\Programs\Startup\IMVU.lnk
backup=c:\windows\pss\IMVU.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"idsvc"=3 (0x3)
"IDriverT"=3 (0x3)
"ASKService"=2 (0x2)
"aawservice"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\ICQ6\\ICQ.exe"=

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [7/8/2008 7:37 PM 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [7/8/2008 7:37 PM 20560]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [7/13/2008 10:23 AM 222456]
S1 0005c497.sys;0005c497.sys;\??\c:\windows\System32\drivers\0005c497.sys --> c:\windows\System32\drivers\0005c497.sys [?]
S1 006dc4ff.sys;006dc4ff.sys;\??\c:\windows\System32\drivers\006dc4ff.sys --> c:\windows\System32\drivers\006dc4ff.sys [?]
S1 00b5bd3f.sys;00b5bd3f.sys;\??\c:\windows\System32\drivers\00b5bd3f.sys --> c:\windows\System32\drivers\00b5bd3f.sys [?]
S1 00c8bd52.sys;00c8bd52.sys;\??\c:\windows\System32\drivers\00c8bd52.sys --> c:\windows\System32\drivers\00c8bd52.sys [?]
S1 00d3c565.sys;00d3c565.sys;\??\c:\windows\System32\drivers\00d3c565.sys --> c:\windows\System32\drivers\00d3c565.sys [?]
S1 016dbdf7.sys;016dbdf7.sys;\??\c:\windows\System32\drivers\016dbdf7.sys --> c:\windows\System32\drivers\016dbdf7.sys [?]
S1 029266be.sys;029266be.sys;\??\c:\windows\System32\drivers\029266be.sys --> c:\windows\System32\drivers\029266be.sys [?]
S1 030ec7a0.sys;030ec7a0.sys;\??\c:\windows\System32\drivers\030ec7a0.sys --> c:\windows\System32\drivers\030ec7a0.sys [?]
S1 0366c7f8.sys;0366c7f8.sys;\??\c:\windows\System32\drivers\0366c7f8.sys --> c:\windows\System32\drivers\0366c7f8.sys [?]
S1 03b0c842.sys;03b0c842.sys;\??\c:\windows\System32\drivers\03b0c842.sys --> c:\windows\System32\drivers\03b0c842.sys [?]

Friggan
2009-08-17, 16:29
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [8/17/2009 8:56 AM 38160]
S4 ASKService;ASKService;c:\program files\AskBarDis\bar\bin\AskService.exe [8/10/2009 12:03 AM 464264]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mStart Page = hxxp://www.yahoo.com/
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
uInternet Connection Wizard,ShellNext = hxxp://www.hp.com/
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
IE: &Yahoo! Search - file:///c:\program files\Yahoo!\Common/ycsrch.htm
IE: Yahoo! &Dictionary - file:///c:\program files\Yahoo!\Common/ycdict.htm
IE: Yahoo! &Maps - file:///c:\program files\Yahoo!\Common/ycmap.htm
IE: Yahoo! &SMS - file:///c:\program files\Yahoo!\Common/ycsms.htm
IE: {{d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\documents and settings\Administrator\Start Menu\Programs\IMVU\Run IMVU.lnk
FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\a6rjsg2e.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q=
FF - plugin: c:\progra~1\Yahoo!\Common\npyaxmpb.dll
FF - plugin: c:\program files\Java\jre1.5.0_03\bin\NPJava11.dll
FF - plugin: c:\program files\Java\jre1.5.0_03\bin\NPJava12.dll
FF - plugin: c:\program files\Java\jre1.5.0_03\bin\NPJava13.dll
FF - plugin: c:\program files\Java\jre1.5.0_03\bin\NPJava14.dll
FF - plugin: c:\program files\Java\jre1.5.0_03\bin\NPJava32.dll
FF - plugin: c:\program files\Java\jre1.5.0_03\bin\NPJPI150_03.dll
FF - plugin: c:\program files\Java\jre1.5.0_03\bin\NPOJI610.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npCouponPrinter.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPZoneSB.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-08-17 09:12
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(708)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(968)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\ati2evxx.exe
c:\windows\system32\ati2evxx.exe
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\windows\system32\ZuneBusEnum.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\windows\system32\ZoneLabs\vsmon.exe
.
**************************************************************************
.
Completion time: 2009-08-17 9:23 - machine was rebooted
ComboFix-quarantined-files.txt 2009-08-17 15:22

Pre-Run: 64,989,827,072 bytes free
Post-Run: 65,194,049,536 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

640 --- E O F --- 2009-08-13 09:02

Friggan
2009-08-17, 16:34
When I run Malwarebytes' Anti-Malware I receive the error "Run-time error 5, invalid procedure call or argument"

Friggan
2009-08-17, 16:50
Limewire is gone; our son seemed to have installed that without permission. I have removed the Adobe Reader and installed the fox reader, and also updated the Java as detailed.

Things seem to be going much smoother, my wife's original wallpaper is back as it was before which really made her happy.

I wanted to say thank you for all of your assistance, you have really made a huge difference and I really appreciate it! My wife has learned a lot also, now she understands how much work one wrong click can make.

Please let me know if I need to do something for the one app that did not run, but things are so much better now, again thank you so much.

katana
2009-08-17, 17:55
----------------------------------------------------------------------------------------
Step 1

Custom CFScript

Please open Notepad (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the code box below:



Driver::
0005c497.sys
006dc4ff.sys
00b5bd3f.sys
00c8bd52.sys
00d3c565.sys
016dbdf7.sys
029266be.sys
030ec7a0.sys
0366c7f8.sys
03b0c842.sys
0427c0b1.sys
053ec1c7.sys
058e227e.sys
0629c2b2.sys
06f66b22.sys
06fdc387.sys
0761cbf3.sys
07a6c430.sys
0908c591.sys
0a05c68f.sys
0a13cea5.sys
0af35dfd.sys
0b2ecfc0.sys
0c6fc8f9.sys
0c86c90f.sys
0c8ad11c.sys
0cf57121.sys
0d577183.sys
0d8d71b9.sys
0e32cabb.sys
0e77d309.sys
0e98cb22.sys
0ebbcb45.sys
0f25cbaf.sys
0fe8cc72.sys
1004cc8d.sys
1124d5b6.sys
11a1ce2b.sys
11e2d674.sys
13a5d02e.sys
1428d8ba.sys
147d78aa.sys
1552d9e5.sys
15cfd258.sys
16b2d33c.sys
17db7c07.sys
180dd497.sys
182dd4b6.sys
18391c00.sys
189ed528.sys
19b87de4.sys
1a77df09.sys
1a8cd715.sys
1a93df25.sys
1b587f84.sys
1e3e826a.sys
1e88db11.sys
1f7a83a6.sys
2028dcb2.sys
212d855a.sys
2257e6e9.sys
229edf28.sys
22d5df5e.sys
22f5e787.sys
2425e0af.sys
262deac0.sys
269ceb2e.sys
27b4e43e.sys
28388c64.sys
28afe538.sys
290feda1.sys
29f2e67b.sys
2a0fe699.sys
2b85f017.sys
2c60f0f2.sys
2dbbea44.sys
2e00f292.sys
2e19f2ab.sys
2ee2eb6c.sys
2f9aec24.sys
31559581.sys
31f0f682.sys
324feed9.sys
33449771.sys
3361efea.sys
3369f7fb.sys
33aff039.sys
3471f0fa.sys
3485f10e.sys
35d3f25d.sys
35f1f27b.sys
3736f3c0.sys
3785f40e.sys
37d6f45f.sys
3808f491.sys
3877fd09.sys
38d0f559.sys
3904f58d.sys
391ef5a8.sys
39c9f653.sys
3ad2ff64.sys
3b2fffc1.sys
3bdbf865.sys
3be6a013.sys
3e2102b4.sys
3fc9a3f5.sys
4015a442.sys
4086fd10.sys
424fa67c.sys
4329ffb2.sys
43d70062.sys
43fa0085.sys
446900f3.sys
46b60b49.sys
485a04e5.sys
48f50d88.sys
494a05d5.sys
49cb0e5e.sys
4be8b014.sys
4bea107d.sys
4cd41167.sys
4e1d12b0.sys
4e801313.sys
4f6213f5.sys
507eb4aa.sys
50d60d60.sys
51310dbb.sys
51741607.sys
5208169b.sys
52d80f63.sys
52e70f72.sys
540cb838.sys
545218e6.sys
545f18f2.sys
554411cf.sys
577313fe.sys
580b1c9e.sys
58eb1d7e.sys
58f8bd24.sys
5ac61750.sys
5b211fb4.sys
5b44bf70.sys
5dcd2260.sys
5e1f1aa9.sys
5e44c271.sys
5eff1b8a.sys
61481dd3.sys
61dc266f.sys
61f42687.sys
62931f1e.sys
631327a6.sys
635427e7.sys
63b0c7dc.sys
63df2872.sys
64862919.sys
65772a0a.sys
6643ca6f.sys
6687cab3.sys
66e52370.sys
6701238c.sys
675a23e5.sys
67742c07.sys
67d12c64.sys
68ea2574.sys
691825a3.sys
695a25e5.sys
69a92634.sys
6b5a27e5.sys
6c4830db.sys
6c4a30dd.sys
6cad2937.sys
6d6729f1.sys
6e6a2af5.sys
6e8b2b16.sys
6f0e33a1.sys
6f4d33e0.sys
70ef3582.sys
71f7368b.sys
72723705.sys
73052f90.sys
732437b7.sys
7360d78d.sys
73a63839.sys
74b03943.sys
75d53260.sys
761932a4.sys
76243ab7.sys
762b3abe.sys
763d32c7.sys
76e93b7d.sys
77823c15.sys
77c3344d.sys
79843e17.sys
7af1377c.sys
7b4837d2.sys
7b79400c.sys
7c3a38c4.sys
7db04243.sys
7e043a8f.sys
7e173aa1.sys
7e5d42f0.sys
7ed2e2fe.sys
81804613.sys
83e0406a.sys
840e48a2.sys
842840b3.sys
845c40e6.sys
846d4900.sys
85d8ea04.sys
863b4ace.sys
8642ea6f.sys
86d74b6b.sys
874f4be2.sys
87718b38.sys
87d64461.sys
880b4496.sys
88f24d85.sys
890a4595.sys
894a45d4.sys
8a3046ba.sys
8b114fa5.sys
8b2b47b5.sys
8bca505d.sys
8c5850eb.sys
8c8a4914.sys
8d1651a9.sys
8d5949e4.sys
8d6a51fd.sys
8d804a0b.sys
8da94a34.sys
8dbb524e.sys
8e154aa0.sys
8e174aa2.sys
8ebd4b48.sys
8f0a539d.sys
914f4dda.sys
915ef58a.sys
916c4df7.sys
91a04e2b.sys
9208569b.sys
923556c8.sys
929f4f2a.sys
9308f735.sys
933cf768.sys
935857eb.sys
93d65869.sys
948d5920.sys
969a5325.sys
974e5be1.sys
981b5cae.sys
98225cb5.sys
986754f2.sys
98fa5d8d.sys
9ab2fede.sys
9b32ff5e.sys
9b5757e2.sys
9b7b600e.sys
9b99ffc5.sys
9bc06054.sys
9bda5864.sys
9bfa608d.sys
9c5f58e9.sys
9cb36146.sys
9cea617d.sys
9d6f59fa.sys
9d7a620d.sys
9ee06373.sys
9f4863dc.sys
a05c0489.sys
a0ae6541.sys
a32467b7.sys
a60a6295.sys
a7306bc3.sys
a8de6569.sys
abc3684e.sys
ac2970bc.sys
acb0693b.sys
adb57248.sys
adec727f.sys
aeb17344.sys
aeed7380.sys
af7d6c07.sys
afc813f5.sys
b0a96d34.sys
b14c1579.sys
b2027695.sys
b37a780d.sys
b3b817e5.sys
b3e1706b.sys
b504718e.sys
b5e21a0f.sys
b6357ac8.sys
b69d7327.sys
b7417bd4.sys
b79c7427.sys
b7ef7c82.sys
b8047c98.sys
b81c1c49.sys
b8587cec.sys
b8b57d49.sys
b9011d2e.sys
b92975b4.sys
ba4d7ee1.sys
bcc97953.sys
bdba824d.sys
bf767c01.sys
bff87c82.sys
c0347cbe.sys
c04b7cd5.sys
c088851b.sys
c17925a7.sys
c1f8868b.sys
c25a7ee5.sys
c2f28785.sys
c3b48847.sys
c41588a8.sys
c54381cd.sys
c57429a1.sys
c81d84a8.sys
c9602d8d.sys
c97a8e0d.sys
c9b0863a.sys
c9ee8679.sys
ca2e86b9.sys
ca6086eb.sys
ca918f24.sys
caa48f37.sys
cad5875f.sys
cb4187cb.sys
cc7c30aa.sys
cd2191b4.sys
cd7d8a07.sys
ce8932b6.sys
ce918b1c.sys
ced68b60.sys
cf009393.sys
cf088b93.sys
cf769409.sys
cf8733b4.sys
cfbc8c47.sys
cfc49458.sys
d0568ce1.sys
d0fc958f.sys
d1b68e41.sys
d20a8e95.sys
d23796ca.sys
d3019794.sys
d39037bd.sys
d3b79042.sys
d53d99d0.sys
d6643a92.sys
d6c69b59.sys
d7e93c16.sys
d7f19c85.sys
d9449dd7.sys
d9719e04.sys
da7c9706.sys
dad59f68.sys
db1f9fb3.sys
db209fb3.sys
dc2398ad.sys
dd56a1e9.sys
ddcb41f8.sys
ddf9a28c.sys
de8c9b17.sys
df549bdf.sys
e0ffa592.sys
e1de460c.sys
e22ba6bf.sys
e3279fb1.sys
e39ca82f.sys
e41ca0a7.sys
e46c015e.sys
e58ea218.sys
e75cabf0.sys
e7dcac70.sys
e7ebac7e.sys
e89dad30.sys
ea3caecf.sys
ea42a6cc.sys
eaa6af39.sys
ec79b10d.sys
ec85b118.sys
ed1fa9aa.sys
ed7b51a8.sys
edc8b25b.sys
ee0daa98.sys
ee435271.sys
ee93ab1e.sys
f04e0d40.sys
f161adeb.sys
f190b623.sys
f211ae9b.sys
f224b6b7.sys
f248b6db.sys
f294b727.sys
f360b7f3.sys
f434b0be.sys
f476b909.sys
f489b91c.sys
f60fb29a.sys
f6c2b34d.sys
f6e3b36d.sys
f822bcb5.sys
f833bcc6.sys
f8675c95.sys
f8c5b54f.sys
f8c85cf5.sys
f92bbdbe.sys
f963b5ed.sys
f9db5e08.sys
fa03b68d.sys
fb145f41.sys
fbc9c05d.sys
fc81c114.sys
fd46b9d1.sys
fd5c6189.sys
fd7961a6.sys
ff0ec3a1.sys
ff0fc3a2.sys
ff45bbd0.sys
ffdac46d.sys

ADS::

Save this as CFScript.txt and place it on your desktop.


http://i51.photobucket.com/albums/f387/Katana_1970/CFScriptb.gif


Referring to the screenshot above, drag CFScript.txt into ComboFix.exe.
ComboFix will now run a scan on your system. It may reboot your system when it finishes. This is normal.
When finished, it will produce a log for you. Copy and paste the contents of the log in your next reply.


CAUTION: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.
Note: the above code was created specifically for this user. If you are not this user, do NOT follow these directions as they could damage the workings of your system.

A word of warning: Neither I nor sUBs are responsible for any damage you may have caused your machine by running ComboFix on your own. This tool is not a toy and not for everyday use.
ComboFix SHOULD NOT be used unless requested by a forum helper.


----------------------------------------------------------------------------------------
Step 2

Malwarebytes' Anti-Malware

Let's reinstall Malwarebytes; that should cure the problem.

Please download Malwarebytes' Anti-Malware (http://www.malwarebytes.org/mbam-download.php) to your desktop.

Double-click mbam-setup.exe and follow the prompts to install the program.
At the end, be sure a checkmark is placed next to
Update Malwarebytes' Anti-Malware
and Launch Malwarebytes' Anti-Malware
then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select Perform full scan, then click Scan.
When the scan is complete, click OK, then Show Results to view the results.
Be sure that everything is checked, and click Remove Selected.
When completed, a log will open in Notepad. Please copy and paste the log into your next reply.
If requested, please reboot.
If you accidentally close it, the log file is saved here and will be named like this:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt


----------------------------------------------------------------------------------------
Step 3

Kaspersky Online Scanner
Your Antivirus and/or Antispyware may give a warning during the scan. This is perfectly normal
NOTE:- This scan is best done from IE (Internet Explorer)
NOTE:- Vista users should start IE by Start(Vista Orb) >> Internet Explorer >> Right-Click Run As Admin
Go Here http://www.kaspersky.com/kos/eng/partner/default/kavwebscan.html

Read the Requirements and limitations before you click Accept.
Once the database has downloaded, click My Computer in the left pane
Now go and put the kettle on !
When the scan has completed, click Save Report As...
Enter a name for the file in the Filename: text box and then click the down arrow to the right of Save as type: and select text file (*.txt)
Click Save - by default the file will be saved to your Desktop, but you can change this if you wish.


**Note**

To optimize scanning time and produce a more sensible report for review: Close any open programs.
Turn off the real-time scanner of all antivirus or antispyware programs while performing the online scan.
Note for Internet Explorer 7 users: If at any time you have trouble viewing the accept button of the license, click on the Zoom tool located at the bottom right of the IE window and set the zoom to 75%. Once the license is accepted, reset to 100%.

----------------------------------------------------------------------------------------
Logs/Information to Post in Reply
Please post the following logs/Information in your reply
Some of the logs I request will be quite large; you may need to split them over a couple of replies.

Combofix Log
MalwareBytes Log
Kaspersky Log

Friggan
2009-08-17, 18:45
ComboFix 09-08-10.06 - Administrator 08/17/2009 11:13.2.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1918.1441 [GMT -6:00]
Running from: c:\documents and settings\Administrator\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Administrator\Desktop\CFScript.txt
AV: avast! antivirus 4.8.1335 [VPS 090816-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: ZoneAlarm Firewall *disabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.



((((((((((((((((((((((((( Files Created from 2009-07-17 to 2009-08-17 )))))))))))))))))))))))))))))))
.

2009-08-17 15:41 . 2009-08-17 15:40 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-08-17 15:33 . 2009-08-17 15:33 -------- d-----w- c:\program files\Foxit Software
2009-08-17 15:33 . 2009-08-17 15:33 -------- d-----w- c:\documents and settings\Administrator\Application Data\Foxit
2009-08-17 14:56 . 2009-08-17 14:56 -------- d-----w- c:\documents and settings\Administrator\Application Data\Malwarebytes
2009-08-17 14:56 . 2009-08-03 19:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-08-17 14:56 . 2009-08-17 14:56 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-08-17 14:56 . 2009-08-17 14:56 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-08-17 14:56 . 2009-08-03 19:36 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-08-16 15:30 . 2009-08-16 15:34 -------- d-----w- C:\rsit
2009-08-13 17:48 . 2009-08-13 17:48 -------- d-----w- c:\program files\Trend Micro
2009-08-13 17:29 . 2009-08-13 17:29 94493460 ----a-w- C:\regbackup.reg
2009-08-13 16:55 . 2009-08-13 16:55 16 ----a-w- c:\windows\system32\drivers\ZuneBusEnum.exe.sys
2009-08-13 16:20 . 2009-08-13 17:07 -------- d-----w- c:\documents and settings\Administrator\.housecall6.6
2009-08-13 16:02 . 2009-08-13 16:02 16 ----a-w- c:\windows\system32\drivers\sessionstore-1..sys
2009-08-13 15:44 . 2009-08-13 15:44 16 ----a-w- c:\windows\system32\drivers\History.IE5.sys
2009-08-13 15:41 . 2009-08-13 16:20 16 ----a-w- c:\windows\system32\drivers\Aavm4h.dll.sys
2009-08-13 15:37 . 2009-08-13 16:19 16 ----a-w- c:\windows\system32\drivers\zllictbl.dat.sys
2009-08-12 14:04 . 2009-07-10 13:27 1315328 ------w- c:\windows\system32\dllcache\msoe.dll
2009-08-10 20:41 . 2008-08-14 10:04 138496 ------w- c:\windows\system32\dllcache\afd.sys
2009-08-10 06:03 . 2009-08-10 06:03 -------- d-----w- c:\program files\AskBarDis
2009-08-10 06:02 . 2009-02-16 06:10 1221512 ----a-w- c:\windows\system32\zpeng25.dll
2009-08-10 06:00 . 2009-08-10 06:00 -------- d-----w- c:\windows\system32\XPSViewer
2009-08-10 05:59 . 2009-08-10 05:59 -------- d-----w- c:\program files\MSBuild
2009-08-10 05:59 . 2009-08-10 05:59 -------- d-----w- c:\program files\Reference Assemblies
2009-08-10 05:59 . 2009-08-10 05:59 -------- d-----w- C:\ddd1fcc9e2fae00c404e3e3bb27d
2009-08-10 05:59 . 2008-07-06 12:06 89088 ------w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-08-10 05:59 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2009-08-10 05:59 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\dllcache\xpsshhdr.dll
2009-08-10 05:59 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2009-08-10 05:59 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\dllcache\xpssvcs.dll
2009-08-10 05:59 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2009-08-10 05:59 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-08-10 04:20 . 2009-08-13 16:38 16 ----a-w- c:\windows\system32\drivers\.sys
2009-08-05 09:01 . 2009-08-05 09:01 204800 ------w- c:\windows\system32\dllcache\mswebdvd.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-08-17 15:40 . 2006-12-07 09:51 -------- d-----w- c:\program files\Java
2009-08-17 15:34 . 2006-12-07 09:54 -------- d-----w- c:\program files\Common Files\Adobe
2009-08-17 15:12 . 2008-10-04 01:22 1295234 ----a-w- c:\windows\Internet Logs\tvDebug.Zip
2009-08-10 06:02 . 2006-12-30 19:40 4212 ---ha-w- c:\windows\system32\zllictbl.dat
2009-08-10 05:20 . 2008-07-09 01:53 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-08-10 04:19 . 2009-08-16 15:17 69632 ----a-w- c:\windows\system32\drivers\trz37D.tmp
2009-08-05 09:01 . 2004-08-04 08:00 204800 ----a-w- c:\windows\system32\mswebdvd.dll
2009-07-17 19:01 . 2004-08-04 08:00 58880 ----a-w- c:\windows\system32\atl.dll
2009-07-15 05:30 . 2009-07-15 05:30 -------- d-----w- c:\documents and settings\All Users\Application Data\Trymedia
2009-07-15 05:29 . 2009-07-15 05:29 -------- d-----w- c:\program files\Yahoo! Games
2009-07-14 05:43 . 2004-08-04 08:00 286208 ----a-w- c:\windows\system32\wmpdxm.dll
2009-07-10 19:01 . 2007-03-24 15:03 -------- d-----w- c:\documents and settings\Administrator\Application Data\IMVU
2009-06-29 16:12 . 2004-08-04 08:00 827392 ----a-w- c:\windows\system32\wininet.dll
2009-06-29 16:12 . 2004-08-04 08:00 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-06-29 16:12 . 2004-08-04 08:00 17408 ----a-w- c:\windows\system32\corpol.dll
2009-06-25 08:25 . 2004-08-04 08:00 730112 ----a-w- c:\windows\system32\lsasrv.dll
2009-06-25 08:25 . 2004-08-04 08:00 56832 ----a-w- c:\windows\system32\secur32.dll
2009-06-25 08:25 . 2004-08-04 08:00 54272 ----a-w- c:\windows\system32\wdigest.dll
2009-06-25 08:25 . 2004-08-04 08:00 301568 ----a-w- c:\windows\system32\kerberos.dll
2009-06-25 08:25 . 2004-08-04 08:00 147456 ----a-w- c:\windows\system32\schannel.dll
2009-06-25 08:25 . 2004-08-04 08:00 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-06-24 11:18 . 2004-08-04 08:00 92928 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2009-06-23 19:13 . 2009-06-23 19:04 -------- d-----w- c:\documents and settings\Administrator\Application Data\W Photo Studio Viewer
2009-06-18 18:36 . 2009-06-18 18:36 0 ---ha-w- c:\windows\system32\drivers\Msft_User_ZuneDriver_01_07_00.Wdf
2009-06-18 18:36 . 2009-06-18 18:36 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_WinUSB_01007.Wdf
2009-06-18 18:34 . 2009-06-18 18:34 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_user_01_07_00.Wdf
2009-06-18 18:29 . 2009-06-18 18:29 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_zumbus_01007.Wdf
2009-06-18 18:29 . 2009-06-18 18:29 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2009-06-16 14:36 . 2004-08-04 08:00 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-06-16 14:36 . 2004-08-04 08:00 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-06-12 12:31 . 2004-08-04 08:00 80896 ----a-w- c:\windows\system32\tlntsess.exe
2009-06-12 12:31 . 2004-08-04 08:00 76288 ----a-w- c:\windows\system32\telnet.exe
2009-06-10 15:19 . 2004-08-04 08:00 2066432 ----a-w- c:\windows\system32\mstscax.dll
2009-06-10 14:13 . 2004-08-04 08:00 84992 ----a-w- c:\windows\system32\avifil32.dll
2009-06-10 06:14 . 2004-08-04 08:00 132096 ----a-w- c:\windows\system32\wkssvc.dll
2009-06-03 19:09 . 2004-08-04 08:00 1291264 ----a-w- c:\windows\system32\quartz.dll
.

((((((((((((((((((((((((((((( SnapShot@2009-08-17_15.12.56 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-08-17 17:18 . 2009-08-17 17:18 16384 c:\windows\Temp\Perflib_Perfdata_638.dat
+ 2009-08-17 17:18 . 2009-08-17 17:18 16384 c:\windows\Temp\Perflib_Perfdata_340.dat
- 2009-08-17 15:09 . 2009-08-17 15:09 8192 c:\windows\ERDNT\subs\Users\00000004\UsrClass.dat
+ 2009-08-17 17:17 . 2009-08-17 17:17 8192 c:\windows\ERDNT\subs\Users\00000004\UsrClass.dat
+ 2009-08-17 17:17 . 2009-08-17 17:17 8192 c:\windows\ERDNT\subs\Users\00000002\UsrClass.dat
- 2009-08-17 15:09 . 2009-08-17 15:09 8192 c:\windows\ERDNT\subs\Users\00000002\UsrClass.dat
+ 2009-08-17 15:41 . 2009-08-17 15:40 149280 c:\windows\system32\javaws.exe
+ 2009-08-17 15:41 . 2009-08-17 15:40 145184 c:\windows\system32\javaw.exe
+ 2009-08-17 15:41 . 2009-08-17 15:40 145184 c:\windows\system32\java.exe
+ 2009-08-17 17:17 . 2009-08-17 17:17 188416 c:\windows\ERDNT\subs\Users\00000006\UsrClass.dat
- 2009-08-17 15:09 . 2009-08-17 15:09 229376 c:\windows\ERDNT\subs\Users\00000003\NTUSER.DAT
+ 2009-08-17 17:17 . 2009-08-17 17:17 229376 c:\windows\ERDNT\subs\Users\00000003\NTUSER.DAT
+ 2009-08-17 17:17 . 2009-08-17 17:17 229376 c:\windows\ERDNT\subs\Users\00000001\NTUSER.DAT
- 2009-08-17 15:09 . 2009-08-17 15:09 229376 c:\windows\ERDNT\subs\Users\00000001\NTUSER.DAT
+ 2009-08-17 15:40 . 2009-08-17 15:40 1757696 c:\windows\Installer\11a852.msi
+ 2009-08-17 17:17 . 2009-08-17 17:17 7172096 c:\windows\ERDNT\subs\Users\00000005\NTUSER.DAT
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2008-10-17 00:22 333192 ----a-w- c:\program files\AskBarDis\bar\bin\askBar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-10-17 333192]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-10-17 333192]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2006-01-05 344064]
"SetRefresh"="c:\program files\Compaq\SetRefresh\SetRefresh.exe" [2003-11-20 525824]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb09.exe" [2005-07-23 176128]
"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2003-10-24 233472]
"HP Software Update"="c:\program files\Hewlett-Packard\HP Software Update\HPWuSchd.exe" [2003-06-25 49152]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2009-02-16 981384]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-08-17 149280]

[HKLM\~\startupfolder\C:^Documents and Settings^Administrator^Start Menu^Programs^Startup^IMVU.lnk]
path=c:\documents and settings\Administrator\Start Menu\Programs\Startup\IMVU.lnk
backup=c:\windows\pss\IMVU.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"idsvc"=3 (0x3)
"IDriverT"=3 (0x3)
"ASKService"=2 (0x2)
"aawservice"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\ICQ6\\ICQ.exe"=

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [7/8/2008 7:37 PM 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [7/8/2008 7:37 PM 20560]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [7/13/2008 10:23 AM 222456]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [8/17/2009 8:56 AM 38160]
S4 ASKService;ASKService;c:\program files\AskBarDis\bar\bin\AskService.exe [8/10/2009 12:03 AM 464264]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mStart Page = hxxp://www.yahoo.com/
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
uInternet Connection Wizard,ShellNext = hxxp://www.hp.com/
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
IE: &Yahoo! Search - file:///c:\program files\Yahoo!\Common/ycsrch.htm
IE: Yahoo! &Dictionary - file:///c:\program files\Yahoo!\Common/ycdict.htm
IE: Yahoo! &Maps - file:///c:\program files\Yahoo!\Common/ycmap.htm
IE: Yahoo! &SMS - file:///c:\program files\Yahoo!\Common/ycsms.htm
IE: {{d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\documents and settings\Administrator\Start Menu\Programs\IMVU\Run IMVU.lnk
FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\a6rjsg2e.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q=
FF - plugin: c:\progra~1\Yahoo!\Common\npyaxmpb.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npCouponPrinter.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPZoneSB.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.cache_size", 51200);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.ogg.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.wave.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.autoplay.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.dpi", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("geo.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-08-17 11:19
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(712)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(3944)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\ati2evxx.exe
c:\windows\system32\ZoneLabs\vsmon.exe
c:\windows\system32\ati2evxx.exe
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
.
**************************************************************************
.
Completion time: 2009-08-17 11:41 - machine was rebooted
ComboFix-quarantined-files.txt 2009-08-17 17:40
ComboFix2.txt 2009-08-17 15:23

Pre-Run: 65,217,654,784 bytes free
Post-Run: 65,247,047,680 bytes free

688 --- E O F --- 2009-08-13 09:02

Friggan
2009-08-17, 20:14
Completed the ComboFix. I am currently at work; I will finish the rest once I am home. Just wanted to provide an update. Again, thank you for your assistance.

tashi
2009-08-24, 21:22
This topic has been closed due to inactivity.

If you still require help, please start a new topic and include a new HijackThis log with a link to your previous thread.

Please do not add any logs that might have been requested previously; you would be starting fresh.

Applies only to the original poster; anyone else with similar problems, please start your own topic.