
SteveRichard

join:2012-01-03
Westwood, NJ

[Virus] PC lagging & self restarting

Thank you in advance for your time and expertise!
I was on a tax info website and I seemed to take a hit. My PC restarted itself and occasionally continues to do so. It is running very slow, though I don't see anything unusual in the task manager hogging resources.

I also have what "appears" to be a bogus Windows Update icon in my taskbar, I'm suggesting it's fake because it looks different than usual; it's much more golden in color, is blurry, of poor detail, and somewhat misshapen.

I have created the files specified to submit, though I did not receive the "extras" file when I ran OTL. Ran MBT in both safe mode and normal without a detection; my antivirus also showed no detection in testing prior to following your instructions.

The ESET online virus scanner also returned negative; I ran it twice and was not provided nor had the ability to retain a log of those scans.

Thanks again for your thoughts and insight!


lilhurricane
Crunchin' For Cures
Premium,Mod
join:2003-01-11
Purple Zone
kudos:51

3 edits

Hi Steve..... the ESET scan log should be located in C:/Program Files/Eset/Log.txt

I'll get to work opening what you have for easier analysis..

*Note Extras will not be found if OTL was run more than once.
LPP will advise when he reviews



lilhurricane

reply to SteveRichard

MBAM

Malwarebytes Anti-Malware 1.60.0.1800
www.malwarebytes.org

Database version: v2012.01.03.01

Windows XP Service Pack 3 x86 NTFS (Safe Mode/Networking)
Internet Explorer 8.0.6001.18702
NEAL :: NEWDELHIDELI [administrator]

1/3/2012 6:31:22 AM
mbam-log-2012-01-03 (06-31-22).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 342690
Time elapsed: 57 minute(s), 2 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
--
~Safe Hex~ Team Discovery ~ Project Hope ~ Like A Hurricane~


lilhurricane

reply to SteveRichard

OTL

OTL logfile created on: 1/3/2012 5:43:15 AM - Run 2
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\NEAL.NEWDELHIDELI\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

127.52 Mb Total Physical Memory | 7.82 Mb Available Physical Memory | 6.14% Memory free
691.39 Mb Paging File | 553.59 Mb Available in Paging File | 80.07% Paging File free
Paging file location(s): C:\pagefile.sys 576 1152 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.26 Gb Total Space | 11.99 Gb Free Space | 32.18% Space Free | Partition Type: NTFS

Computer Name: NEWDELHIDELI | User Name: NEAL | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2012/01/02 22:26:00 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\NEAL.NEWDELHIDELI\Desktop\OTL.exe
PRC - [2011/11/25 22:26:06 | 000,044,032 | ---- | M] (mozilla.org) -- C:\Program Files\SeaMonkey\seamonkey.exe
PRC - [2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2011/11/25 22:26:09 | 001,982,464 | ---- | M] () -- C:\Program Files\SeaMonkey\mozjs.dll
MOD - [2011/11/25 22:26:09 | 000,155,648 | ---- | M] () -- C:\Program Files\SeaMonkey\nsldap32v60.dll
MOD - [2011/11/25 22:26:08 | 000,015,360 | ---- | M] () -- C:\Program Files\SeaMonkey\nsldappr32v60.dll
MOD - [2011/11/22 16:23:00 | 004,735,032 | ---- | M] () -- C:\Documents and Settings\NEAL.NEWDELHIDELI\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll
MOD - [2010/12/20 19:53:43 | 005,971,408 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/11/28 13:01:23 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011/02/01 04:54:46 | 000,185,640 | ---- | M] (SupportSoft, Inc.) [Auto | Stopped] -- C:\Program Files\VERIZONDM\bin\tgsrvc.exe -- (tgsrvc_verizondm) SupportSoft Repair Service (verizondm)
SRV - [2011/02/01 04:54:42 | 000,206,120 | ---- | M] (SupportSoft, Inc.) [Auto | Stopped] -- C:\Program Files\VERIZONDM\bin\sprtsvc.exe -- (sprtsvc_verizondm) SupportSoft Sprocket Service (verizondm)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2011/11/28 12:53:53 | 000,435,032 | ---- | M] (AVAST Software) [File_System | System | Stopped] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/11/28 12:53:35 | 000,314,456 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/11/28 12:52:19 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/11/28 12:52:16 | 000,052,952 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/11/28 12:52:02 | 000,111,320 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/11/28 12:51:50 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011/11/28 12:48:49 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2008/04/14 00:15:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2004/08/03 22:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rtl8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2003/03/31 14:29:00 | 000,625,537 | ---- | M] (LT) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ltmdmnt.sys -- (ltmodem5)
DRV - [2002/07/13 06:27:04 | 000,155,008 | ---- | M] (S3 Graphics, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s3gnbm.sys -- (S3Psddr)
DRV - [2002/03/04 13:10:00 | 000,027,648 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\viaagp1.sys -- (viaagp1)
DRV - [2001/08/17 17:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)
DRV - [2001/08/17 14:06:02 | 000,154,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Icam4USB.sys -- (Icam4USB)
DRV - [2001/08/10 03:26:02 | 000,022,608 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wandrv.sys -- (wandrv)
DRV - [2001/08/08 15:13:36 | 000,158,140 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\i81xnt5.sys -- (i81x)
DRV - [2001/08/08 15:13:30 | 000,012,479 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV01nt.sys -- (iAimFP0)
DRV - [2001/08/08 15:13:30 | 000,012,031 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV02NT.sys -- (iAimFP1)
DRV - [2001/08/08 15:13:30 | 000,011,679 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV05NT.sys -- (iAimFP2)
DRV - [2001/08/08 15:13:28 | 000,019,359 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wVchNTxx.sys -- (iAimFP4)
DRV - [2001/08/08 15:13:28 | 000,011,999 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wSiINTxx.sys -- (iAimFP3)
DRV - [2001/08/08 15:13:26 | 000,033,503 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV04nt.sys -- (iAimTV3)
DRV - [2001/08/08 15:13:24 | 000,029,215 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV01nt.sys -- (iAimTV0)
DRV - [2001/08/08 15:13:24 | 000,023,519 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wCh7xxNT.sys -- (iAimTV4)
DRV - [2001/08/08 15:13:24 | 000,019,199 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV02NT.sys -- (iAimTV1)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = »www.msn.com/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = »www.google.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.startup.homepage: "http://www.bing.com/"
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 8118
FF - prefs.js..network.proxy.no_proxies_on: "localhoast, 127.0.0.1"
FF - prefs.js..network.proxy.socks: "127.0.0.1"
FF - prefs.js..network.proxy.socks_port: 9050
FF - prefs.js..network.proxy.ssl: "127.0.0.1"
FF - prefs.js..network.proxy.ssl_port: 8118
FF - prefs.js..network.proxy.type: 1

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\System32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\System32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Documents and Settings\NEAL.NEWDELHIDELI\Application Data\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Documents and Settings\NEAL.NEWDELHIDELI\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\NEAL.NEWDELHIDELI\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\NEAL.NEWDELHIDELI\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/07/18 10:00:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\SeaMonkey 2.5\extensions\\Components: C:\Program Files\SeaMonkey\components [2011/11/25 22:26:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\SeaMonkey 2.5\extensions\\Plugins: C:\Program Files\SeaMonkey\plugins [2011/09/30 12:49:58 | 000,000,000 | ---D | M]

[2010/12/20 19:46:57 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\NEAL.NEWDELHIDELI\Application Data\Mozilla\Extensions
[2010/12/20 19:46:57 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\NEAL.NEWDELHIDELI\Application Data\Mozilla\Extensions\{92650c4d-4b8e-4d2a-b7eb-24ecf4f6b63a}
[2012/01/01 19:25:06 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\NEAL.NEWDELHIDELI\Application Data\Mozilla\SeaMonkey\Profiles\7c1uq6ee.default\extensions
[2012/01/01 18:49:50 | 000,000,000 | ---D | M] (ChatZilla) -- C:\Documents and Settings\NEAL.NEWDELHIDELI\Application Data\Mozilla\SeaMonkey\Profiles\7c1uq6ee.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}(2)
[2011/06/28 14:39:43 | 000,000,000 | ---D | M] (ReloadEvery) -- C:\Documents and Settings\NEAL.NEWDELHIDELI\Application Data\Mozilla\SeaMonkey\Profiles\7c1uq6ee.default\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}
[2012/01/01 18:51:20 | 000,000,000 | ---D | M] (ReminderFox) -- C:\Documents and Settings\NEAL.NEWDELHIDELI\Application Data\Mozilla\SeaMonkey\Profiles\7c1uq6ee.default\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}
[2011/07/18 10:00:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/12/21 11:25:04 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2011/07/08 02:16:28 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010/01/01 03:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

O1 HOSTS File: ([2001/08/18 14:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [VERIZONDM] C:\Program Files\VERIZONDM\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKCU..\Run: [PxDotNetLoader] C:\Program Files\Fidelity Investments\Fidelity Active Trader\System\ATPStartupAssistant.exe (Fidelity Investments)
O4 - Startup: C:\Documents and Settings\NEAL.NEWDELHIDELI\Start Menu\Programs\Startup\Outlook Express.lnk = C:\Program Files\Outlook Express\msimn.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O16 - DPF: {3334504D-9980-0010-8000-00AA00389B71} »download.microsoft.com/download/···3dmo.CAB (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} »java.sun.com/update/1.6.0/jinsta···i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA} »java.sun.com/products/plugin/1.3···-win.cab (Java Plug-in 1.3.1)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} »java.sun.com/update/1.6.0/jinsta···i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} »java.sun.com/update/1.6.0/jinsta···i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{436C5332-4099-40F9-AACF-6ADC7BA00B26}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\x-atng {7e8717b0-d862-11d5-8c9e-00010304f989} - C:\Program Files\Fidelity Investments\Fidelity Active Trader\System\atngprot.dll (Fidelity Investments)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxsrvc.dll) - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2002/08/01 21:46:53 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{b1b4d4f1-0c9a-11e0-bc01-00e0189cced2}\Shell\AutoRun\command - "" = E:\WDSetup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2012/01/03 05:33:54 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\NEAL.NEWDELHIDELI\Recent
[2012/01/03 05:27:37 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012/01/02 23:08:40 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012/01/02 23:04:33 | 002,322,184 | ---- | C] (ESET) -- C:\Documents and Settings\NEAL.NEWDELHIDELI\Desktop\esetsmartinstaller_enu.exe
[2012/01/02 22:25:55 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\NEAL.NEWDELHIDELI\Desktop\OTL.exe
[2012/01/02 22:15:47 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\NEAL.NEWDELHIDELI\Desktop\TFC.exe
[2012/01/02 15:50:05 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/01/02 12:52:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus
[2012/01/02 12:52:57 | 000,020,568 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2012/01/02 12:52:56 | 000,314,456 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2012/01/02 12:52:50 | 000,034,392 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2012/01/02 12:52:49 | 000,435,032 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2012/01/02 12:52:49 | 000,052,952 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2012/01/02 12:52:47 | 000,111,320 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2012/01/02 12:52:47 | 000,105,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2012/01/02 12:52:46 | 000,030,808 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2012/01/02 12:51:58 | 000,041,184 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2012/01/02 12:51:57 | 000,199,816 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2012/01/02 12:51:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2012/01/02 11:05:05 | 000,317,200 | ---- | C] (AVAST Software) -- C:\Documents and Settings\NEAL.NEWDELHIDELI\Desktop\aswclear.exe
[2012/01/01 19:46:00 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012/01/01 18:44:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NEAL.NEWDELHIDELI\Desktop\sitemap.php_files
[2011/12/31 15:17:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NEAL.NEWDELHIDELI\Application Data\Malwarebytes
[2011/12/30 13:47:16 | 000,000,000 | ---D | C] -- C:\8603775fe2267d977d45810c5f2d37
[2011/12/28 12:38:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NEAL.NEWDELHIDELI\Desktop\502702-liquor-prices-state-lets-try-capt-morgan_files

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2012/01/03 05:38:50 | 000,209,682 | ---- | M] () -- C:\Documents and Settings\NEAL.NEWDELHIDELI\My Documents\cc_20120103_053756.reg
[2012/01/03 05:27:44 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2012/01/02 23:04:37 | 002,322,184 | ---- | M] (ESET) -- C:\Documents and Settings\NEAL.NEWDELHIDELI\Desktop\esetsmartinstaller_enu.exe
[2012/01/02 22:55:26 | 000,879,683 | ---- | M] () -- C:\Documents and Settings\NEAL.NEWDELHIDELI\Desktop\SecurityCheck.exe
[2012/01/02 22:26:00 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\NEAL.NEWDELHIDELI\Desktop\OTL.exe
[2012/01/02 22:22:08 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/01/02 22:15:52 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\NEAL.NEWDELHIDELI\Desktop\TFC.exe
[2012/01/02 22:14:15 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/01/02 22:11:02 | 000,000,248 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.dat
[2012/01/02 22:08:57 | 000,001,000 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1300003180-502944281-3359896355-1006UA.job
[2012/01/02 21:44:04 | 000,000,982 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-995690780-3030765705-3508293876-1006UA.job
[2012/01/02 21:32:06 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/01/02 16:25:15 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/01/02 15:50:08 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/01/02 15:42:18 | 000,000,297 | ---- | M] () -- C:\Documents and Settings\NEAL.NEWDELHIDELI\Desktop\auto_update.rtf
[2012/01/02 15:08:13 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012/01/02 13:44:10 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-995690780-3030765705-3508293876-1006Core.job
[2012/01/02 12:52:59 | 000,001,689 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2012/01/02 12:03:22 | 000,000,349 | ---- | M] () -- C:\Documents and Settings\NEAL.NEWDELHIDELI\Desktop\SYSTEM_FAIL.rtf
[2012/01/02 11:05:31 | 000,317,200 | ---- | M] (AVAST Software) -- C:\Documents and Settings\NEAL.NEWDELHIDELI\Desktop\aswclear.exe
[2012/01/02 09:08:02 | 000,000,948 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1300003180-502944281-3359896355-1006Core1cc6fac57cf31 9a.job
[2012/01/01 19:43:07 | 064,207,032 | ---- | M] () -- C:\Documents and Settings\NEAL.NEWDELHIDELI\Desktop\setup_av_free(1).exe
[2012/01/01 19:01:48 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/12/30 20:28:52 | 000,446,890 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/12/30 20:28:52 | 000,073,508 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/12/30 14:08:09 | 000,005,249 | ---- | M] () -- C:\Documents and Settings\NEAL.NEWDELHIDELI\Desktop\avast.rtf
[2011/12/28 13:53:48 | 002,359,350 | ---- | M] () -- C:\Documents and Settings\NEAL.NEWDELHIDELI\Desktop\express_pay.bmp
[2011/12/27 20:09:50 | 000,171,605 | ---- | M] () -- C:\Documents and Settings\NEAL.NEWDELHIDELI\Desktop\DisplayFrontImage.jpg
[2011/12/23 23:37:51 | 002,359,350 | ---- | M] () -- C:\Documents and Settings\NEAL.NEWDELHIDELI\Desktop\chase12_23.bmp
[2011/12/18 22:19:07 | 000,596,994 | ---- | M] () -- C:\Documents and Settings\NEAL.NEWDELHIDELI\Desktop\BlackBeatles.mp3
[2011/12/17 09:21:48 | 000,000,738 | ---- | M] () -- C:\Documents and Settings\NEAL.NEWDELHIDELI\Start Menu\Programs\Startup\Outlook Express.lnk
[2011/12/15 18:44:15 | 000,397,493 | ---- | M] () -- C:\Documents and Settings\NEAL.NEWDELHIDELI\Desktop\mongo.jpg
[2011/12/15 09:35:45 | 002,359,350 | ---- | M] () -- C:\Documents and Settings\NEAL.NEWDELHIDELI\Desktop\hoho_12_11.bmp
[2011/12/14 19:19:06 | 000,128,504 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/12/14 16:17:44 | 003,320,454 | ---- | M] () -- C:\Documents and Settings\NEAL.NEWDELHIDELI\Application Data\metrofireradio101.zip
[2011/12/14 13:34:04 | 002,359,350 | ---- | M] () -- C:\Documents and Settings\NEAL.NEWDELHIDELI\Desktop\cco_dec11_b.bmp
[2011/12/14 13:31:42 | 002,359,350 | ---- | M] () -- C:\Documents and Settings\NEAL.NEWDELHIDELI\Desktop\cco_dec11.bmp
[2011/12/11 18:02:43 | 000,000,173 | ---- | M] () -- C:\Documents and Settings\NEAL.NEWDELHIDELI\Desktop\monkey.rtf
[2011/12/10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012/01/03 05:38:13 | 000,209,682 | ---- | C] () -- C:\Documents and Settings\NEAL.NEWDELHIDELI\My Documents\cc_20120103_053756.reg
[2012/01/03 05:27:42 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2012/01/02 22:55:23 | 000,879,683 | ---- | C] () -- C:\Documents and Settings\NEAL.NEWDELHIDELI\Desktop\SecurityCheck.exe
[2012/01/02 15:50:08 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/01/02 15:42:18 | 000,000,297 | ---- | C] () -- C:\Documents and Settings\NEAL.NEWDELHIDELI\Desktop\auto_update.rtf
[2012/01/02 12:52:59 | 000,001,689 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2012/01/02 12:03:22 | 000,000,349 | ---- | C] () -- C:\Documents and Settings\NEAL.NEWDELHIDELI\Desktop\SYSTEM_FAIL.rtf
[2012/01/01 19:43:06 | 064,207,032 | ---- | C] () -- C:\Documents and Settings\NEAL.NEWDELHIDELI\Desktop\setup_av_free(1).exe
[2011/12/30 14:08:08 | 000,005,249 | ---- | C] () -- C:\Documents and Settings\NEAL.NEWDELHIDELI\Desktop\avast.rtf
[2011/12/28 13:53:46 | 002,359,350 | ---- | C] () -- C:\Documents and Settings\NEAL.NEWDELHIDELI\Desktop\express_pay.bmp
[2011/12/27 20:09:49 | 000,171,605 | ---- | C] () -- C:\Documents and Settings\NEAL.NEWDELHIDELI\Desktop\DisplayFrontImage.jpg
[2011/12/23 23:37:50 | 002,359,350 | ---- | C] () -- C:\Documents and Settings\NEAL.NEWDELHIDELI\Desktop\chase12_23.bmp
[2011/12/18 22:19:06 | 000,596,994 | ---- | C] () -- C:\Documents and Settings\NEAL.NEWDELHIDELI\Desktop\BlackBeatles.mp3
[2011/12/17 09:21:48 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\NEAL.NEWDELHIDELI\Start Menu\Programs\Startup\Outlook Express.lnk
[2011/12/15 18:44:15 | 000,397,493 | ---- | C] () -- C:\Documents and Settings\NEAL.NEWDELHIDELI\Desktop\mongo.jpg
[2011/12/15 14:37:54 | 001,253,105 | ---- | C] () -- C:\Documents and Settings\NEAL.NEWDELHIDELI\Desktop\chessy_mamo_gdn.JPG
[2011/12/15 09:35:44 | 002,359,350 | ---- | C] () -- C:\Documents and Settings\NEAL.NEWDELHIDELI\Desktop\hoho_12_11.bmp
[2011/12/14 13:34:03 | 002,359,350 | ---- | C] () -- C:\Documents and Settings\NEAL.NEWDELHIDELI\Desktop\cco_dec11_b.bmp
[2011/12/14 13:31:41 | 002,359,350 | ---- | C] () -- C:\Documents and Settings\NEAL.NEWDELHIDELI\Desktop\cco_dec11.bmp
[2011/12/11 18:02:42 | 000,000,173 | ---- | C] () -- C:\Documents and Settings\NEAL.NEWDELHIDELI\Desktop\monkey.rtf
[2011/09/15 22:55:00 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/12/25 18:56:22 | 000,025,088 | ---- | C] () -- C:\Documents and Settings\NEAL.NEWDELHIDELI\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/12/21 02:17:38 | 003,320,454 | ---- | C] () -- C:\Documents and Settings\NEAL.NEWDELHIDELI\Application Data\metrofireradio101.zip
[2010/10/06 09:29:16 | 000,002,319 | ---- | C] () -- C:\WINDOWS\DigiPan.INI
[2010/05/13 12:07:58 | 000,176,235 | ---- | C] () -- C:\WINDOWS\System32\Primomonnt.dll
[2010/01/12 15:18:18 | 000,882,688 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009/09/04 14:53:17 | 000,000,035 | ---- | C] () -- C:\WINDOWS\A5W.INI
[2009/08/01 06:48:16 | 000,057,552 | ---- | C] () -- C:\WINDOWS\System32\WKDOS.EXE
[2009/08/01 06:47:44 | 000,077,895 | ---- | C] () -- C:\WINDOWS\System32\unibus_tcutil.dll
[2009/07/30 20:58:42 | 000,000,314 | ---- | C] () -- C:\WINDOWS\primopdf.ini
[2009/03/01 09:53:08 | 000,154,970 | ---- | C] () -- C:\WINDOWS\DSPDLL.DLL
[2009/03/01 09:53:08 | 000,023,120 | ---- | C] () -- C:\WINDOWS\MRCPAKIT.DLL
[2009/03/01 09:53:08 | 000,000,226 | ---- | C] () -- C:\WINDOWS\Afosplot.ini
[2007/12/26 21:06:51 | 000,000,855 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2006/05/08 12:13:56 | 000,000,207 | ---- | C] () -- C:\WINDOWS\CD_Viewer.INI
[2006/04/07 21:47:24 | 000,000,223 | ---- | C] () -- C:\WINDOWS\freedom.backup.dat
[2006/04/07 20:33:38 | 000,000,070 | ---- | C] () -- C:\WINDOWS\503CDC6C.ini
[2006/01/01 20:23:33 | 000,068,939 | ---- | C] () -- C:\WINDOWS\hpoins05.dat
[2006/01/01 20:23:33 | 000,019,696 | ---- | C] () -- C:\WINDOWS\hpomdl05.dat
[2005/03/19 11:10:09 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2005/02/26 12:22:02 | 000,000,018 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2005/01/14 12:17:29 | 000,000,000 | ---- | C] () -- C:\WINDOWS\msxmidi.exe
[2004/10/27 19:10:38 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2003/12/05 20:01:40 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2003/12/05 19:58:24 | 000,000,026 | ---- | C] () -- C:\WINDOWS\UP9ASP.INI
[2003/03/27 16:28:44 | 000,004,955 | ---- | C] () -- C:\WINDOWS\System32\DProg.ini
[2003/02/26 17:15:37 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MSDraw.ini
[2002/11/10 11:09:49 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2002/11/10 11:09:49 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2002/11/10 11:09:45 | 000,004,490 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2002/11/10 11:09:41 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2002/11/10 11:09:35 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2002/11/10 11:09:12 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2002/11/10 11:09:11 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2002/11/10 11:08:40 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2002/11/10 11:08:03 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2002/08/02 03:11:20 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2002/08/02 00:16:30 | 000,009,310 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2002/08/02 00:01:50 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
[2002/08/01 23:59:15 | 000,000,052 | ---- | C] () -- C:\WINDOWS\intuprof.ini
[2002/08/01 23:59:14 | 000,000,599 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2002/08/01 23:59:13 | 000,007,406 | ---- | C] () -- C:\WINDOWS\ICOADB32.DAT
[2002/08/01 23:10:54 | 000,000,138 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2002/08/01 22:50:25 | 000,000,029 | ---- | C] () -- C:\WINDOWS\ALSndMgr.ini
[2002/08/01 22:41:52 | 000,299,073 | ---- | C] () -- C:\WINDOWS\System32\PythonCOM22.dll
[2002/08/01 22:41:52 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\PyWinTypes22.dll
[2002/08/01 22:41:23 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll
[2002/08/01 21:52:20 | 000,000,799 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2002/08/01 21:50:22 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2002/08/01 21:43:39 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2002/08/01 21:41:46 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2002/08/01 21:33:03 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2002/08/01 21:32:23 | 000,446,890 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2002/08/01 21:32:23 | 000,073,508 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2002/08/01 14:37:30 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2002/08/01 14:36:30 | 000,128,504 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2002/05/22 21:44:14 | 000,009,785 | ---- | C] () -- C:\WINDOWS\System32\drivers\a312.sys
[2002/05/22 21:04:26 | 000,262,144 | ---- | C] () -- C:\WINDOWS\System32\shpshftr.dll
[2002/05/15 05:26:00 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\igfxdgps.dll
[2001/09/05 07:25:36 | 000,040,960 | ---- | C] () -- C:\WINDOWS\LoadDll.dll
[2001/08/08 15:13:22 | 000,012,351 | ---- | C] () -- C:\WINDOWS\System32\i81xcoin.dll

[color=#E56717]========== LOP Check ==========[/color]

[2012/01/02 12:51:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2009/07/30 07:23:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
[2008/11/14 18:20:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Fidelity Investments
[2010/01/22 16:46:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\QuickMediaConverter
[2011/06/20 11:00:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2010/12/16 00:08:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2006/04/07 20:26:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Zero Knowledge
[2010/10/06 13:31:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{6B430C56-3C01-4E9F-AE70-D59AB5AF3FE6}
[2011/09/12 09:15:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NEAL.NEWDELHIDELI\Application Data\Audacity
[2011/04/16 09:13:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NEAL.NEWDELHIDELI\Application Data\Camfrog
[2010/12/28 16:30:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NEAL.NEWDELHIDELI\Application Data\CocoonSoftware
[2010/12/22 21:06:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NEAL.NEWDELHIDELI\Application Data\Foxit Software
[2002/08/02 04:14:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NEAL.NEWDELHIDELI\Application Data\InterTrust
[2011/04/03 22:26:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NEAL.NEWDELHIDELI\Application Data\IrfanView
[2010/12/21 17:16:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NEAL.NEWDELHIDELI\Application Data\OpenOffice.org
[2011/06/20 10:56:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NEAL.NEWDELHIDELI\Application Data\TechWizard
[2011/01/03 19:10:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NEAL.NEWDELHIDELI\Application Data\Template

[color=#E56717]========== Purity Check ==========[/color]

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34

--
~Safe Hex~ Team Discovery ~ Project Hope ~ Like A Hurricane~


lilhurricane

reply to SteveRichard

Checkup

Results of screen317's Security Check version 0.99.30
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````````````````````
[u]Antivirus/Firewall Check:[/u]

[color=red]Windows Security Center service is not running! This report may not be accurate![/color]
Windows Firewall Enabled!
avast! Free Antivirus
```````````````````````````````
[u]Anti-malware/Other Utilities Check:[/u]

HijackThis 2.0.2
CCleaner
Java 2 Runtime Environment Standard Edition v1.3.1
Java(TM) 6 Update 23
[color=red]Java version out of date![/color]
Adobe Flash Player 10.1.102.64 [color=red]Flash Player out of Date![/color]
Mozilla Firefox 5.0.1 [color=red]Firefox out of Date![/color]
````````````````````````````````
Process Check:
[u]objlist.exe by Laurent[/u]

``````````End of Log````````````
--
~Safe Hex~ Team Discovery ~ Project Hope ~ Like A Hurricane~


lilhurricane

3 edits

reply to SteveRichard

ESET

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=e823f6f356845d4eb76c24ec4d1f492e
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2012-01-04 04:39:11
# local_time=2012-01-03 11:39:11 (-0500, Eastern Standard Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=512 16777215 100 0 0 0 0 0
# compatibility_mode=768 16777215 100 0 32841052 32841052 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=68127
# found=0
# cleaned=0
# scan_time=13038

Noting

quote:
**During the scan I had the Google homepage open and received a suspicious unresponsive script warning, I have a screen shot of it. It has likely hundreds of characters in it, but the suffix ends in "JzooA:JS:97" **
00:22:59.0453 0872 TDSS rootkit removing tool 2.6.25.0 Dec 23 2011 14:51:16
00:22:59.0718 0872 ============================================================
00:22:59.0718 0872 Current date / time: 2012/01/04 00:22:59.0718
00:22:59.0718 0872 SystemInfo:
00:22:59.0718 0872
00:22:59.0718 0872 OS Version: 5.1.2600 ServicePack: 3.0
00:22:59.0718 0872 Product type: Workstation
00:22:59.0718 0872 ComputerName: NEWDELHIDELI
00:22:59.0718 0872 UserName: NEAL
00:22:59.0718 0872 Windows directory: C:\WINDOWS
00:22:59.0718 0872 System windows directory: C:\WINDOWS
00:22:59.0718 0872 Processor architecture: Intel x86
00:22:59.0718 0872 Number of processors: 1
00:22:59.0718 0872 Page size: 0x1000
00:22:59.0718 0872 Boot type: Safe boot with network
00:22:59.0718 0872 ============================================================
00:23:03.0578 0872 Initialize success
00:23:25.0828 0924 ============================================================
00:23:25.0828 0924 Scan started
00:23:25.0828 0924 Mode: Manual;
00:23:25.0828 0924 ============================================================
00:24:12.0984 0924 ============================================================
00:24:12.0984 0924 Scan finished
00:24:12.0984 0924 ============================================================
00:24:13.0093 0868 Detected object count: 0
00:24:13.0093 0868 Actual detected object count: 0


LoPhatPhuud
Premium,VIP,MVM
join:2002-01-06
Albuquerque, NM
kudos:23
Reviews:
·Comcast

reply to SteveRichard

Re: [Virus] PC lagging & self restarting

First:
Can you post a screen shot of the tray icon in question?

Second:
Download and run Sophos AntiRootkit. Post the log in this thread, even if nothing is found.

You find link(s) and instructions here:
»Security Cleanup FAQ »Rootkit Detection Applications
--
When angry count four; when very angry, swear.
Microsoft MVP/Consumer Security 2005-2011
Gladiator Security Forum


lilhurricane

reply to SteveRichard
When you perform the guidelines here - and start a help thread - you are embarking on a journey.

You're one part of the effort to confirm safe passage on the internet, and your "helper" is the other. It's teamwork at its finest.

Our expectations - from start to finish are that we leave you safe and clean, and educated on how to prevent re-infection.
This is a free service we offer, and our volunteers are unpaid. They do it because they truly enjoy helping people.

Please follow all of the requests made by your Helper, including submitting to the Forum all log results.
This helps others who frequent this forum to learn or who are seeking answers as well, to see what is going on.

We need to ascertain that everything is truly "ok".

Note that many of the utilities utilized require a formal uninstall process to return your system to a normal operating state.

It's work - yes, but it's necessary.

Therefore, we ask you please see this through till your "helper" deems you "clean". You can do it!
--
~Safe Hex~ Team Discovery ~ Project Hope ~ Like A Hurricane~


over 12.5 years online © 1999-2012 dslreports.com.