TechSpot

[Closed] Infected Computer cant access Internet

Inactive
By Jackiesp
Aug 11, 2013
  1. Hi my name is Jackie

    I hope you can help. I have recently moved and haven't used my PC for a couple of months. I have just started it up and tried to access the internet. I received an error message saying "The Server's Security Certificates Revoked! You attempted to reach accounts@google.com but the certificate that the server presented has been revoked by its issuer. This means that the security credentials the server presented absolutely should not be trusted. You may be communicating with an attacker. You cannot proceed because the website operator has requested heightened security for this domain"

    Also my Avast security keeps alerting me to infected webpages. Malwarebytes have also detected some malware.

    I had a similar problem to this previously however due to moving I have not had access to internet or my computer and I think my previous post was closed.

    I have posted my logs below:

    Malwarebytes Anti-Malware 1.75.0.1300
    www.malwarebytes.org

    Database version: v2013.08.11.04

    Windows XP Service Pack 3 x86 NTFS
    Internet Explorer 8.0.6001.18702
    Max :: MAX [administrator]

    11/08/2013 18:25:21
    mbam-log-2013-08-11 (18-25-21).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 258775
    Time elapsed: 29 minute(s), 20 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 1
    C:\RECYCLER\S-1-5-21-823518204-1547161642-839522115-1004\$RA766E186 (Trojan.FakeMS) -> Quarantined and deleted successfully.

    (end)

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-11-20.01)
    .
    Microsoft Windows XP Home Edition
    Boot Device: \Device\HarddiskVolume1
    Install Date: 12/06/2010 15:36:45
    System Uptime: 11/08/2013 19:18:39 (0 hours ago)
    .
    Motherboard: eveshamvale | | MS-7125
    Processor: AMD Athlon(tm) 64 Processor 3200+ | Socket 939 | 2010/201mhz
    .
    ==== Disk Partitions =========================
    .
    A: is Removable
    C: is FIXED (NTFS) - 147 GiB total, 25.167 GiB free.
    J: is FIXED (NTFS) - 932 GiB total, 198.292 GiB free.
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID: {4D36E965-E325-11CE-BFC1-08002BE10318}
    Description: CD-ROM Drive
    Device ID: IDE\CDROMSONY_DVD_RW_DW-Q28A_____________________KYS1____\4&FB5CB90&0&1.0.0
    Manufacturer: (Standard CD-ROM drives)
    Name: SONY DVD RW DW-Q28A
    PNP Device ID: IDE\CDROMSONY_DVD_RW_DW-Q28A_____________________KYS1____\4&FB5CB90&0&1.0.0
    Service: cdrom
    .
    Class GUID: {4D36E965-E325-11CE-BFC1-08002BE10318}
    Description: CD-ROM Drive
    Device ID: IDE\CDROMSONY_DVD-ROM_DDU1615____________________FYS2____\4&FB5CB90&0&1.1.0
    Manufacturer: (Standard CD-ROM drives)
    Name: SONY DVD-ROM DDU1615
    PNP Device ID: IDE\CDROMSONY_DVD-ROM_DDU1615____________________FYS2____\4&FB5CB90&0&1.1.0
    Service: cdrom
    .
    Class GUID: {4D36E965-E325-11CE-BFC1-08002BE10318}
    Description: CD-ROM Drive
    Device ID: SCSI\CDROM&VEN_CRMB&PROD_C1AZKLIBSH&REV_3.5Z\5&2134D835&0&000
    Manufacturer: (Standard CD-ROM drives)
    Name: CRMB C1AZKLIBSH SCSI CdRom Device
    PNP Device ID: SCSI\CDROM&VEN_CRMB&PROD_C1AZKLIBSH&REV_3.5Z\5&2134D835&0&000
    Service: cdrom
    .
    ==== System Restore Points ===================
    .
    RP975: 13/06/2013 02:32:23 - System Checkpoint
    RP976: 13/06/2013 02:32:32 - OTL Restore Point - 13/06/2013 02:32:29
    RP977: 13/06/2013 02:47:09 - Removed Java 7 Update 9
    RP978: 13/06/2013 02:47:23 - Removed Java(TM) 6 Update 29
    RP979: 13/06/2013 02:54:09 - Installed QuickTime
    RP980: 24/06/2013 21:09:33 - Revo Uninstaller's restore point - Java(TM) 6 Update 29
    RP981: 24/06/2013 21:13:38 - Removed Java(TM) 6 Update 29
    RP982: 24/06/2013 21:20:33 - Revo Uninstaller's restore point - Java 7 Update 9
    RP983: 24/06/2013 21:22:00 - Removed Java 7 Update 9
    RP984: 11/08/2013 15:45:26 - Revo Uninstaller's restore point - Avira Free Antivirus
    RP985: 11/08/2013 16:23:40 - Revo Uninstaller's restore point - Malwarebytes Anti-Malware version 1.75.0.1300
    RP986: 11/08/2013 17:09:15 - avast! Free Antivirus Setup
    .
    ==== Installed Programs ======================
    .
    Acrobat.com
    Adobe AIR
    Adobe Flash Player 11 ActiveX
    Adobe Flash Player 11 Plugin
    Adobe Media Player
    Adobe Reader XI (11.0.03)
    Agatha Christie - And Then There Were None
    Apple Application Support
    Apple Software Update
    avast! Free Antivirus
    BitComet 1.35
    BlackBerry App World Browser Plugin
    BlackBerry Desktop Software 7.1
    BlackBerry Device Software Updater
    Bonjour
    CCleaner
    Compatibility Pack for the 2007 Office system
    Free Video to MP3 Converter version 5.0.22.128
    Free YouTube Download version 3.2.0.128
    Free YouTube to MP3 Converter version 3.12.0.128
    Freemake Video Converter version 3.1.2
    Google Chrome
    Google Update Helper
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Junk Mail filter update
    Malwarebytes Anti-Malware version 1.75.0.1300
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft .NET Framework 4 Client Profile
    Microsoft Application Error Reporting
    Microsoft Choice Guard
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
    Microsoft Office File Validation Add-In
    Microsoft Office Live Add-in 1.5
    Microsoft Office Outlook Connector
    Microsoft Office Professional Edition 2003
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Sync Framework Runtime Native v1.0 (x86)
    Microsoft Sync Framework Services Native v1.0 (x86)
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
    Microsoft Visual J# 2.0 Redistributable Package
    MSVCRT
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    MSXML 6 Service Pack 2 (KB973686)
    NVIDIA ForceWare Network Access Manager
    PowerDVD
    QuickTime
    Realtek AC'97 Audio
    RegCure Pro
    Revo Uninstaller 1.94
    Secunia PSI (3.0.0.7009)
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
    Security Update for Windows Internet Explorer 8 (KB2183461)
    Security Update for Windows Internet Explorer 8 (KB2360131)
    Security Update for Windows Internet Explorer 8 (KB2416400)
    Security Update for Windows Internet Explorer 8 (KB2482017)
    Security Update for Windows Internet Explorer 8 (KB2497640)
    Security Update for Windows Internet Explorer 8 (KB2510531)
    Security Update for Windows Internet Explorer 8 (KB2530548)
    Security Update for Windows Internet Explorer 8 (KB2544521)
    Security Update for Windows Internet Explorer 8 (KB2559049)
    Security Update for Windows Internet Explorer 8 (KB2586448)
    Security Update for Windows Internet Explorer 8 (KB2618444)
    Security Update for Windows Internet Explorer 8 (KB2647516)
    Security Update for Windows Internet Explorer 8 (KB2675157)
    Security Update for Windows Internet Explorer 8 (KB2699988)
    Security Update for Windows Internet Explorer 8 (KB2722913)
    Security Update for Windows Internet Explorer 8 (KB2744842)
    Security Update for Windows Internet Explorer 8 (KB2761465)
    Security Update for Windows Internet Explorer 8 (KB2792100)
    Security Update for Windows Internet Explorer 8 (KB2797052)
    Security Update for Windows Internet Explorer 8 (KB2799329)
    Security Update for Windows Internet Explorer 8 (KB2809289)
    Security Update for Windows Internet Explorer 8 (KB2817183)
    Security Update for Windows Internet Explorer 8 (KB2829530)
    Security Update for Windows Internet Explorer 8 (KB2838727)
    Security Update for Windows Internet Explorer 8 (KB2847204)
    Security Update for Windows Internet Explorer 8 (KB971961)
    Security Update for Windows Internet Explorer 8 (KB981332)
    Security Update for Windows Internet Explorer 8 (KB982381)
    Security Update for Windows XP (KB2839229)
    Security Update for Windows XP (KB923789)
    Security Update for Windows XP (KB975713)
    Security Update for Windows XP (KB982381)
    Segoe UI
    Sky Broadband
    Sky Broadband Browser Branding
    SmartSound Quicktracks Plugin
    Tweaking.com - Windows Repair (All in One)
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Windows Internet Explorer 8 (KB2447568)
    Update for Windows Internet Explorer 8 (KB2598845)
    Update for Windows Internet Explorer 8 (KB976662)
    Update for Windows Internet Explorer 8 (KB982632)
    Virtual DJ - Atomix Productions
    VLC media player 2.0.6
    WebFldrs XP
    Winamp
    Winamp Detector Plug-in
    Windows Imaging Component
    Windows Live Call
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Family Safety
    Windows Live Mail
    Windows Live Messenger
    Windows Live Photo Gallery
    Windows Live Sign-in Assistant
    Windows Live Sync
    Windows Live Toolbar
    Windows Live Upload Tool
    Windows Live Writer
    Windows Media Format Runtime
    Windows Media Player Firefox Plugin
    Windows XP Service Pack 3
    WinRAR archiver
    .
    ==== Event Viewer Messages From Past Week ========
    .
    11/08/2013 19:32:39, information: Windows File Protection [64002] - File replacement was attempted on the protected system file serial.sys. This file was restored to the original version to maintain system stability. The file version of the system file is 5.1.2600.5512.
    11/08/2013 19:21:10, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: atapi PCIIde
    11/08/2013 19:19:41, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume.
    11/08/2013 16:33:30, error: Service Control Manager [7023] - The Network Location Awareness (NLA) service terminated with the following error: The specified procedure could not be found.
    11/08/2013 16:33:30, error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.
    11/08/2013 15:32:54, error: Service Control Manager [7024] - The Distributed Transaction Coordinator service terminated with service-specific error 3221229584 (0xC0001010).
    11/08/2013 15:13:08, error: Service Control Manager [7031] - The Avira Scheduler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
    11/08/2013 15:13:07, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.
    11/08/2013 15:12:54, error: Service Control Manager [7031] - The Avira Real-Time Protection service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
    11/08/2013 15:09:04, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Volume Shadow Copy service to connect.
    11/08/2013 15:09:04, error: Service Control Manager [7000] - The Volume Shadow Copy service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    11/08/2013 15:08:36, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service VSS with arguments "" in order to run the server: {E579AB5F-1CC4-44B4-BED9-DE0991FF0623}
    .
    ==== End Of File ===========================

    DDS (Ver_2012-11-20.01) - NTFS_x86
    Internet Explorer: 8.0.6001.18702
    Run by Max at 19:31:17 on 2013-08-11
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.44.1033.18.511.263 [GMT 1:00]
    .
    AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
    .
    ============== Running Processes ================
    .
    C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Secunia\PSI\PSIA.exe
    C:\Program Files\Google\Update\GoogleUpdate.exe
    C:\WINDOWS\system32\wdfmgr.exe
    C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
    C:\Program Files\AVAST Software\Avast\avastUI.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Secunia\PSI\psi_tray.exe
    C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
    C:\Program Files\Secunia\PSI\sua.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\WINDOWS\system32\svchost.exe -k DcomLaunch
    C:\WINDOWS\system32\svchost.exe -k rpcss
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    C:\WINDOWS\system32\svchost.exe -k NetworkService
    C:\WINDOWS\system32\svchost.exe -k LocalService
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\WINDOWS\System32\svchost.exe -k HTTPFilter
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.google.co.uk/
    BHO: BitComet Helper: {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - c:\program files\bitcomet\tools\BitCometBHO_1.5.4.11.dll
    BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
    BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Windows Live Toolbar Helper: {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - c:\program files\windows live\toolbar\wltcore.dll
    TB: &Windows Live Toolbar: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - c:\program files\windows live\toolbar\wltcore.dll
    TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    mRun: [RIMBBLaunchAgent.exe] c:\program files\common files\research in motion\usb drivers\RIMBBLaunchAgent.exe
    mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
    mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
    mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
    dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\secuni~1.lnk - c:\program files\secunia\psi\psi_tray.exe
    uPolicies-Explorer: NoDriveTypeAutoRun = dword:323
    uPolicies-Explorer: NoDriveAutoRun = dword:67108863
    uPolicies-Explorer: NoDrives = dword:0
    mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
    mPolicies-Explorer: NoDriveAutoRun = dword:67108863
    mPolicies-Explorer: NoDrives = dword:0
    mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
    mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
    mPolicies-Explorer: NoDriveAutoRun = dword:67108863
    IE: &D&ownload &with BitComet - c:\program files\bitcomet\BitComet.exe/AddLink.htm
    IE: &D&ownload all with BitComet - c:\program files\bitcomet\BitComet.exe/AddAllLink.htm
    IE: Append Link Target to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    IE: Convert Link Target to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
    IE: Free YouTube Download - c:\program files\common files\dvdvideosoft\plugins\freeytvdownloader.htm
    IE: Free YouTube to MP3 Converter - c:\program files\common files\dvdvideosoft\plugins\freeytmp3downloader.htm
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
    IE: {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - c:\program files\bitcomet\tools\BitCometBHO_1.5.4.11.dll/206
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    LSP: mswsock.dll
    .
    INFO: HKCU has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    .
    INFO: HKLM has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1351086641375
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    TCP: NameServer = 192.168.1.254
    TCP: Interfaces\{46B03ACA-D47D-4E37-BA15-FA6D2FEBA269} : DHCPNameServer = 192.168.1.254
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\28.0.1500.95\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [2013-8-11 49376]
    R0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [2013-8-11 175176]
    R0 nvcchflt;NVIDIA Disk Cache Filter Driver;c:\windows\system32\drivers\nvcchflt.sys [2005-2-11 16640]
    R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2013-8-11 770344]
    R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2013-8-11 369584]
    R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2013-8-11 29816]
    R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-8-11 66336]
    R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2011-12-7 54760]
    R3 PSI;PSI;c:\windows\system32\drivers\psi_mf_x86.sys [2013-4-18 16024]
    S3 s115bus;Sony Ericsson Device 115 driver (WDM);c:\windows\system32\drivers\s115bus.sys [2007-4-23 83208]
    S3 s115mdfl;Sony Ericsson Device 115 USB WMC Modem Filter;c:\windows\system32\drivers\s115mdfl.sys [2007-4-23 15112]
    S3 s115mdm;Sony Ericsson Device 115 USB WMC Modem Driver;c:\windows\system32\drivers\s115mdm.sys [2007-4-23 108680]
    S3 s115mgmt;Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s115mgmt.sys [2007-4-23 100488]
    S3 s115obex;Sony Ericsson Device 115 USB WMC OBEX Interface;c:\windows\system32\drivers\s115obex.sys [2007-4-23 98568]
    S3 vaxscsi;vaxscsi;c:\windows\system32\drivers\vaxscsi.sys [2010-6-12 223128]
    .
    =============== File Associations ===============
    .
    ShellExec: BitComet.exe: open="c:\program files\bitcomet\BitComet.exe"
    .
    =============== Created Last 30 ================
    .
    2013-08-11 17:23:3122856----a-w-c:\windows\system32\drivers\mbam.sys
    2013-08-11 17:22:51--------d-----w-c:\program files\Malwarebytes' Anti-Malware
    2013-08-11 16:13:53770344----a-w-c:\windows\system32\drivers\aswSnx.sys
    2013-08-11 16:13:5249376----a-w-c:\windows\system32\drivers\aswRvrt.sys
    2013-08-11 16:13:52175176----a-w-c:\windows\system32\drivers\aswVmm.sys
    2013-08-11 16:13:5166336----a-w-c:\windows\system32\drivers\aswMonFlt.sys
    2013-08-11 16:11:0341664----a-w-c:\windows\avastSS.scr
    2013-08-11 16:08:11--------d-----w-c:\documents and settings\all users\application data\AVAST Software
    .
    ==================== Find3M ====================
    .
    2013-08-11 14:30:3171048----a-w-c:\windows\system32\FlashPlayerCPLApp.cpl
    2013-08-11 14:30:31692104----a-w-c:\windows\system32\FlashPlayerApp.exe
    2013-06-12 01:37:3615616----a-w-c:\windows\system32\drivers\TrueSight.sys
    .
    ============= FINISH: 19:33:46.07 ===============
     
  2. Broni

    Broni Malware Annihilator Posts: 47,156   +264

Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.