Solved Suspect virus infection with my HP netbook

[Carmen__Tsamg]

Hi, my situation is that it takes such a long time to turn on and turn off (min. 5 mins ) and also for every program I try to open, it always becomes unresponsive for the first and second times. It always takes a few time to open it, I don't know why, and it is so slow, please help me, I will try to post up the 4 step procedures in the following 10 mins. Thank you so much again.

 

[Carmen__Tsamg]

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.02.07.11

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
hp :: CARMENTSANG-HP [administrator]

07/02/13 17:53:43
mbam-log-2013-02-07 (17-53-43).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 232470
Time elapsed: 1 hour(s), 42 minute(s), 19 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
P.S. It takes me three attempts to open malwarebytes....

 

[Carmen__Tsamg]

Avg froze when I tried to disable it for the DDS run....
Chrome is again, unresponsive, (for the third time since I turn on the computer)

 

[Broni]

Please, observe following rules:

• Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
• If you're stuck, or you're not sure about certain step, always ask before doing anything else.
• Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
• Never run more than one scan at a time.
• Keep updating me regarding your computer behavior, good, or bad.
• The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
• If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
• I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

============================

Unless you have paid version of MBAM you don't have to disable it to run DDS.

 

[Carmen__Tsamg]

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.13.2
Run by hp at 20:16:16 on 2013-02-07
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Program Files\IDT\WDM\STacSV.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\IDT\WDM\aestsrv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG2013\avgwdsvc.exe
C:\Program Files\Microsoft\BingDesktop\BingDesktopUpdater.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
C:\Program Files\Common Files\Microsoft Shared\IME14\SHARED\IMEDICTUPDATE.EXE
C:\Program Files\winaero.com\Personalization Panel DWM Controller\persdwmsrv.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Program Files\Soluto\SolutoLauncherService.exe
C:\Program Files\Soluto\SolutoService.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.0.1\ToolbarUpdater.exe
C:\Program Files\Western Digital\WD SmartWare\WDDMService.exe
C:\Program Files\Western Digital\WD Drive Manager\WDDriveService.exe
C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe
C:\Program Files\Western Digital\WD SmartWare\WDFME.exe
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\system32\taskhost.exe
c:\program files\soluto\soluto.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\system32\SearchIndexer.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files\Western Digital\WD Apps\WDDriveAutoUnlock.exe
C:\Program Files\Western Digital\WD SmartWare\WDDMStatus.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\PPStream\PPSAP.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\PPLiveNetwork\PPAP.exe
C:\Program Files\Ginger\GingerClient.exe
C:\Users\hp\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Windows\system32\sdclt.exe
C:\Windows\system32\msfeedssync.exe
C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe
C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files\Ginger\GingerServices\GingerServices.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Apple Software Update\SoftwareUpdate.exe
C:\Windows\system32\taskmgr.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Intuit\QuickBooks 2010\QBW32PremierGeneric.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Intuit\QuickBooks 2010\QBHelp.exe
C:\Program Files\Winsim\ConnectionManager\Simply.SystemTrayIcon.exe
C:\Program Files\Winsim\ConnectionManager\SimplyConnectionManager.exe
C:\Program Files\Apple Software Update\SoftwareUpdate.exe
c:\Program Files\Microsoft Security Client\MpCmdRun.exe
c:\Program Files\Microsoft Security Client\MpCmdRun.exe
C:\Windows\system32\conhost.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\SoftwareDistribution\Download\Install\AM_Delta_Patch_1.143.1636.0.exe
C:\Windows\system32\MpSigStub.exe
C:\Users\hp\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\hp\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\hp\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\hp\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\hp\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\hp\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\hp\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\hp\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\hp\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Users\hp\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\hp\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\AVG\AVG2013\avgui.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k apphost
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k PPTVServiceGroup
C:\Windows\system32\svchost.exe -k SDRSVC
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.155.com/?id=2012
uWindow Title = Internet Explorer, optimized for Bing and MSN
uURLSearchHooks: uTorrentBar_FR Toolbar: {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} - c:\program files\utorrentbar_fr\prxtbuTor.dll
mURLSearchHooks: uTorrentBar_FR Toolbar: {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} - c:\program files\utorrentbar_fr\prxtbuTor.dll
mWinlogon: Userinit = c:\windows\system32\userinit.exe,c:\program files\soluto\soluto.exe /userinit
BHO: VideoUrlSniffer Class: {00000ADA-7E0D-47C1-986C-F017D09C4304} - c:\users\public\thunder network\xmp4\core\program\VideoUrlSniffer.2.0.3.100.(349).dll
BHO: uTorrentBar_FR Toolbar: {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} - c:\program files\utorrentbar_fr\prxtbuTor.dll
BHO: Ginger Grammar & Spell Checker: {0877c1fc-19c6-4fe2-8e3d-699d8edb2964} - c:\program files\ginger\gingerieaddin\adxloader.dll
BHO: N﹐A×FLVEOAμDaI??°IAOOO§3O: {0EA37B17-6B8B-4085-8257-F3A4AA69C27A} - c:\program files\thunder network\thunder\bho\XlBrowserAddin1.0.6.69.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office14\GROOVEEX.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: N﹐A×IAOOO§3O: {889D2FEB-5411-4565-8998-1DD2C5261283} - c:\program files\thunder network\thunder\bho\XunleiBHO7.2.5.3364.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg secure search\14.0.2.14\AVG Secure Search_toolbar.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -
BHO: KMP Media Toolbar: {daf5b34c-1aa3-4c33-ae24-766a370635d2} - c:\program files\kmpmediatoolbar\searchresultsDx.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: Softonic Helper Object: {E87806B5-E908-45FD-AF5E-957D83E58E68} - c:\program files\softonic\softonic\1.5.11.5\bh\softonic.dll
TB: uTorrentBar_FR Toolbar: {05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E} - c:\program files\utorrentbar_fr\prxtbuTor.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
TB: Softonic Toolbar: {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - c:\program files\softonic\softonic\1.5.11.5\softonicTlbr.dll
TB: uTorrentBar_FR Toolbar: {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} - c:\program files\utorrentbar_fr\prxtbuTor.dll
TB: KMP Media Toolbar: {daf5b34c-1aa3-4c33-ae24-766a370635d2} - c:\program files\kmpmediatoolbar\searchresultsDx.dll
TB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg secure search\14.0.2.14\AVG Secure Search_toolbar.dll
uRun: [Google Update] "c:\users\hp\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [Key Name] c:\users\hp\appdata\local\temp\winupdate.exe
uRun: [PPS Accelerator] c:\program files\ppstream\ppsap.exe
uRun: [PPAP] "c:\program files\common files\pplivenetwork\PPAP.exe" -background
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [IAStorIcon] c:\program files\intel\intel(r) rapid storage technology\IAStorIcon.exe
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe"
mRun: [BCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices
mRun: [IME14 CHT Setup] c:\progra~1\common~1\micros~1\ime14\shared\IMEKLMG.EXE /SetPreload /CHT /Log
mRun: [IME14 JPN Setup] c:\progra~1\common~1\micros~1\ime14\shared\IMEKLMG.EXE /SetPreload /JPN /Log
mRun: [IME14 KOR Setup] c:\progra~1\common~1\micros~1\ime14\shared\IMEKLMG.EXE /SetPreload /KOR /Log
mRun: [IME14 CHS Setup] c:\progra~1\common~1\micros~1\ime14\shared\IMEKLMG.EXE /SetPreload /CHS /Log
mRun: [SysTrayApp] c:\program files\idt\wdm\sttray.exe
mRun: [BingDesktop] c:\program files\microsoft\bingdesktop\BingDesktop.exe /fromkey
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [AVG_UI] "c:\program files\avg\avg2013\avgui.exe" /TRAYONLY
mRun: [vProt] "c:\program files\avg secure search\vprot.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [WD Drive Unlocker] c:\program files\western digital\wd apps\WDDriveAutoUnlock.exe
mRun: [WD Quick View] c:\program files\western digital\wd smartware\WDDMStatus.exe
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
uPolicies-Explorer: NoDriveTypeAutoRun = dword:255
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: &妏蚚&捃濘燭盄狟婥 - c:\program files\thunder network\thunder\bho\OfflineDownload.htm
IE: &妏蚚&捃濘狟婥 - c:\program files\thunder network\thunder\bho\geturl.htm
IE: &妏蚚&捃濘狟婥窒蟈諉 - c:\program files\thunder network\thunder\bho\GetAllUrl.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\mif5ba~1\office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\mif5ba~1\office14\ONBttnIE.dll/105
IE: 使用迅雷看看播放器播放 - c:\users\public\thunder network\xmp4\core\program\XmpIEMenu.htm
IE: {019c3416-8cb2-491a-a3c7-d9fcddc9d600} - c:\users\public\thunder network\xmp4\core\program\XmpIEToolMenu.htm
IE: {119c3416-8cb2-491a-a3c7-d9fcddc9d600} - c:\users\public\thunder network\xmp4\core\program\XmpIEToolBar.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {95B3F550-91C4-4627-BCC4-521288C52977} - c:\program files\pplive\pptv\PPLive.exe
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - c:\program files\evernote\evernote\EvernoteIE.dll/204
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab
TCP: NameServer = 204.197.191.194 38.117.85.2
TCP: Interfaces\{473F745D-849F-411F-84CE-A05CA216843D} : DHCPNameServer = 192.168.43.1
TCP: Interfaces\{473F745D-849F-411F-84CE-A05CA216843D}\055726C69636 : DHCPNameServer = 192.168.101.111 192.168.101.112
TCP: Interfaces\{473F745D-849F-411F-84CE-A05CA216843D}\142434 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{473F745D-849F-411F-84CE-A05CA216843D}\46C696E6B6023762E6 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{473F745D-849F-411F-84CE-A05CA216843D}\C4162657474716 : DHCPNameServer = 64.71.255.198
TCP: Interfaces\{DB35DE6F-4B92-4CBE-A049-D84E7FFE3BAA} : DHCPNameServer = 204.197.191.194 38.117.85.2
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: intu-help-qb2 - {84D77A00-41B5-4b8b-8ADF-86486D72E749} - c:\program files\intuit\quickbooks 2010\HelpAsyncPluggableProtocol.dll
Handler: KuGoo - {6AC4FBC7-AA38-45EC-9634-D6D20B679EFC} - c:\program files\kugou2012\KuGoo3DownXControl.ocx
Handler: KuGoo3 - {6AC4FBC7-AA38-45EC-9634-D6D20B679EFC} - c:\program files\kugou2012\KuGoo3DownXControl.ocx
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\14.0.1\ViProtocol.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Notify: igfxcui - igfxdev.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office14\GROOVEEX.DLL
.
============= SERVICES / DRIVERS ===============
.
2 AVGIDSAgent;AVGIDSAgent
R? b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0
R? BBSvc;Bing Bar Update Service
R? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86
R? cpuz136;cpuz136
R? dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.)
R? GamesAppService;GamesAppService
R? HPAuto;HP Auto
R? HPClientSvc;HP Client Services
R? hpCMSrv;HP Connection Manager 4.0 Service
R? HPWMISVC;HPWMISVC
R? IAStorDataMgrSvc;Intel(R) Rapid Storage Technology
R? KMService;KMService
R? PanService;PandoraService
R? RdpVideoMiniport;Remote Desktop Video Miniport Driver
R? RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader
R? Sage Simply Accounting Transaction Manager 2012 - CDN;Sage Simply Accounting Transaction Manager 2012 - CDN
R? SkypeUpdate;Skype Updater
R? SolutoRemoteService;Soluto Remote Service
R? SrvHsfHDA;SrvHsfHDA
R? SrvHsfV92;SrvHsfV92
R? SrvHsfWinac;SrvHsfWinac
R? ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.)
R? TsUsbFlt;TsUsbFlt
R? TsUsbGD;Remote Desktop Generic USB Device
R? WDC_SAM;WD SCSI Pass Thru driver
R? wlcrasvc;Windows Live Mesh remote connections service
S? AESTFilters;Andrea ST Filters Service
S? AVGIDSDriver;AVGIDSDriver
S? AVGIDSHX;AVGIDSHX
S? AVGIDSShim;AVGIDSShim
S? Avgldx86;AVG AVI Loader Driver
S? Avglogx;AVG Logging Driver
S? Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield
S? Avgrkx86;AVG Anti-Rootkit Driver
S? Avgtdix;AVG TDI Driver
S? avgtp;avgtp
S? avgwd;AVG WatchDog
S? BingDesktopUpdate;Bing Desktop Update service
S? cpuz135;cpuz135
S? HP Support Assistant Service;HP Support Assistant Service
S? HPDrvMntSvc.exe;HP Quick Synchronization Service
S? ImeDictUpdateService;Microsoft IME Dictionary Update
S? MpFilter;Microsoft Malware Protection Driver
S? MpKslbc5e93f2;MpKslbc5e93f2
S? netr28;Ralink 802.11n Extensible Wireless Driver
S? NisDrv;Microsoft Network Inspection System
S? NisSrv;Microsoft Network Inspection
S? persdwmsrv;Personalization Panel DWM controller
S? PPTVService;PPTVService
S? RTL8167;Realtek 8167 NT Driver
S? Simply Accounting Database Connection Manager;Simply Accounting Database Connection Manager
S? Skype C2C Service;Skype C2C Service
S? Soluto;Soluto
S? SolutoLauncherService;Soluto Launcher Service
S? SolutoService;Soluto PCGenome Core Service
S? vToolbarUpdater14.0.1;vToolbarUpdater14.0.1
S? WDDMService;WDDMService
S? WDDriveService;WD Drive Manager
S? WDFMEService;WDFME
S? WDRulesService;WDRules
S? XLServicePlatform;XLServicePlatform
.
=============== File Associations ===============
.
FileExt: .txt: Applications\Winword.exe="c:\program files\microsoft office\office14\WINWORD.EXE" /n "%1" [UserChoice] [default=edit - 'Open' doesn't exist]
.
=============== Created Last 30 ================
.
2013-02-07 22:45:3629904----a-w-c:\programdata\microsoft\microsoft antimalware\definition updates\{f10273d4-bcb4-4b9f-a38c-78a59af82751}\MpKslbc5e93f2.sys
2013-02-06 03:29:3151144----a-w-c:\windows\system32\drivers\Soluto.sys
2013-02-06 03:29:08--------d-----w-c:\program files\Soluto
2013-02-06 03:24:006991832------w-c:\programdata\microsoft\microsoft antimalware\definition updates\{f10273d4-bcb4-4b9f-a38c-78a59af82751}\mpengine.dll
2013-02-02 14:16:056991832------w-c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2013-02-02 03:41:3094112----a-w-c:\windows\system32\WindowsAccessBridge.dll
2013-01-25 16:45:422551808----a-w-c:\programdata\microsoft\bingdesktop\updater\BingDesktop.msi
2013-01-20 23:59:19154624----a-w-c:\windows\system32\iisRtl.dll
2013-01-20 23:59:1150688----a-w-c:\windows\system32\admwprox.dll
2013-01-20 23:59:0915360----a-w-c:\windows\system32\iisreset.exe
2013-01-20 23:59:0826624----a-w-c:\windows\system32\ahadmin.dll
2013-01-20 23:59:0810752----a-w-c:\windows\system32\wamregps.dll
2013-01-20 23:59:058192----a-w-c:\windows\system32\iisrstap.dll
2013-01-18 04:38:34--------d-----w-C:\inetpub
2013-01-14 02:08:49626688----a-w-c:\windows\system32\usp10.dll
2013-01-14 02:08:24492032----a-w-c:\windows\system32\win32spl.dll
2013-01-14 02:06:583072---ha-w-c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-01-14 02:02:231389568----a-w-c:\windows\system32\msxml6.dll
2013-01-10 03:26:27--------d-----w-c:\users\hp\appdata\local\{431FCEA0-4E67-4FC8-BB13-85D6FE0735DA}
2013-01-10 03:24:50--------d-----w-c:\users\hp\appdata\local\{61760343-1D37-4A28-9B6C-EA896F8735B7}
2013-01-10 03:17:34--------d-----w-c:\users\hp\appdata\local\{C999CF02-02F8-46A5-96D7-3EC374F13191}
.
==================== Find3M ====================
.
2013-02-08 00:11:04697712----a-w-c:\windows\system32\FlashPlayerApp.exe
2013-02-08 00:11:0374096----a-w-c:\windows\system32\FlashPlayerCPLApp.cpl
2013-02-02 03:39:02861088----a-w-c:\windows\system32\npdeployJava1.dll
2013-02-02 03:39:01782240----a-w-c:\windows\system32\deployJava1.dll
2013-01-30 10:53:21232336------w-c:\windows\system32\MpSigStub.exe
2013-01-25 01:49:2831576----a-w-c:\windows\system32\drivers\avgtpx86.sys
2012-12-27 07:34:133072----a-w-c:\windows\system32\drivers\fr-fr\nfsrdr.sys.mui
2012-12-27 07:33:1114336----a-w-c:\windows\system32\drivers\fr-fr\vpcvmm.sys.mui
2012-12-27 07:33:107168----a-w-c:\windows\system32\drivers\fr-fr\rdvgkmd.sys.mui
2012-12-27 07:33:042048----a-w-c:\windows\system32\drivers\fr-fr\vpcnfltr.sys.mui
2012-12-27 07:33:033584----a-w-c:\windows\system32\drivers\fr-fr\vpchbus.sys.mui
2012-12-27 07:33:024608----a-w-c:\windows\system32\drivers\fr-fr\tsusbhub.sys.mui
2012-12-27 07:33:022048----a-w-c:\windows\system32\drivers\fr-fr\vpcuxd.sys.mui
2012-12-27 07:33:022048----a-w-c:\windows\system32\drivers\fr-fr\vpcusb.sys.mui
2012-12-27 04:42:342048----a-w-c:\windows\system32\drivers\zh-tw\usbrpm.sys.mui
2012-12-27 04:41:307680----a-w-c:\windows\system32\drivers\zh-tw\fvevol.sys.mui
2012-12-27 04:39:322048----a-w-c:\windows\system32\drivers\umdf\zh-tw\WpdMtpDr.dll.mui
2012-12-27 04:36:119728----a-w-c:\windows\system32\drivers\zh-tw\nwifi.sys.mui
2012-12-27 04:36:102560----a-w-c:\windows\system32\drivers\zh-tw\qwavedrv.sys.mui
2012-12-27 04:33:5513824----a-w-c:\windows\system32\drivers\zh-tw\bfe.dll.mui
2012-12-27 04:32:573072----a-w-c:\windows\system32\drivers\zh-tw\modem.sys.mui
2012-12-27 04:32:562048----a-w-c:\windows\system32\drivers\zh-tw\volmgrx.sys.mui
2012-12-27 04:32:5210752----a-w-c:\windows\system32\drivers\zh-tw\afd.sys.mui
2012-12-27 04:32:465120----a-w-c:\windows\system32\drivers\zh-tw\tunnel.sys.mui
2012-12-27 04:32:434096----a-w-c:\windows\system32\drivers\zh-tw\luafv.sys.mui
2012-12-27 04:32:433584----a-w-c:\windows\system32\drivers\zh-tw\rdbss.sys.mui
2012-12-27 04:32:3230208----a-w-c:\windows\system32\drivers\zh-tw\ntfs.sys.mui
2012-12-27 04:31:532048----a-w-c:\windows\system32\drivers\zh-tw\partmgr.sys.mui
2012-12-27 04:31:502560----a-w-c:\windows\system32\drivers\zh-tw\ndisuio.sys.mui
2012-12-27 04:31:502048----a-w-c:\windows\system32\drivers\zh-tw\mountmgr.sys.mui
2012-12-27 04:31:134608----a-w-c:\windows\system32\drivers\zh-tw\ndiscap.sys.mui
2012-12-27 04:31:112048----a-w-c:\windows\system32\drivers\zh-tw\scfilter.sys.mui
2012-12-27 04:30:503584----a-w-c:\windows\system32\drivers\zh-tw\fltmgr.sys.mui
2012-12-27 04:30:2225088----a-w-c:\windows\system32\drivers\zh-tw\ndis.sys.mui
2012-12-27 04:29:4821504----a-w-c:\windows\system32\drivers\zh-tw\http.sys.mui
2012-12-27 04:29:432048----a-w-c:\windows\system32\drivers\zh-tw\ws2ifsl.sys.mui
2012-12-27 04:29:4230208----a-w-c:\windows\system32\drivers\zh-tw\tcpip.sys.mui
2012-12-27 03:19:592560----a-w-c:\windows\system32\drivers\fr-fr\usbrpm.sys.mui
2012-12-27 03:18:4318432----a-w-c:\windows\system32\drivers\fr-fr\fvevol.sys.mui
2012-12-27 03:17:012560----a-w-c:\windows\system32\drivers\umdf\fr-fr\WpdMtpDr.dll.mui
2012-12-27 03:15:2516896----a-w-c:\windows\system32\drivers\fr-fr\nwifi.sys.mui
2012-12-27 03:15:242560----a-w-c:\windows\system32\drivers\fr-fr\qwavedrv.sys.mui
2012-12-27 03:12:193584----a-w-c:\windows\system32\spool\prtprocs\w32x86\fr-fr\LXKPTPRC.DLL.mui
2012-12-27 03:08:594096----a-w-c:\windows\system32\drivers\fr-fr\hdaudbus.sys.mui
2012-12-27 03:08:488192----a-w-c:\windows\system32\drivers\fr-fr\bthport.sys.mui
2012-12-27 03:08:482560----a-w-c:\windows\system32\drivers\fr-fr\BTHUSB.SYS.mui
2012-12-27 03:08:482048----a-w-c:\windows\system32\drivers\fr-fr\bthenum.sys.mui
2012-12-27 03:08:473584----a-w-c:\windows\system32\drivers\fr-fr\atikmdag.sys.mui
2012-12-27 03:06:492560----a-w-c:\windows\system32\drivers\fr-fr\pnpmem.sys.mui
2012-12-27 03:06:484608----a-w-c:\windows\system32\drivers\fr-fr\pcmcia.sys.mui
2012-12-27 03:06:394096----a-w-c:\windows\system32\drivers\fr-fr\pscr.sys.mui
2012-12-27 03:06:367168----a-w-c:\windows\system32\drivers\umdf\fr-fr\WUDFUsbccidDriver.dll.mui
2012-12-27 03:06:317168----a-w-c:\windows\system32\drivers\fr-fr\msdsm.sys.mui
2012-12-27 03:06:3138400----a-w-c:\windows\system32\drivers\fr-fr\mpio.sys.mui
2012-12-27 03:06:273072----a-w-c:\windows\system32\drivers\fr-fr\hidbth.sys.mui
2012-12-27 03:06:224608----a-w-c:\windows\system32\drivers\fr-fr\bthpan.sys.mui
2012-12-27 03:06:0511776----a-w-c:\windows\system32\drivers\fr-fr\BrSerId.sys.mui
2012-12-27 03:06:022560----a-w-c:\windows\system32\drivers\fr-fr\BrParwdm.sys.mui
2012-12-27 03:05:593072----a-w-c:\windows\system32\drivers\fr-fr\Dot4usb.sys.mui
2012-12-27 03:05:503584----a-w-c:\windows\system32\drivers\fr-fr\HdAudio.sys.mui
2012-12-27 03:05:483584----a-w-c:\windows\system32\drivers\fr-fr\portcls.sys.mui
2012-12-27 03:05:483072----a-w-c:\windows\system32\drivers\fr-fr\serscan.sys.mui
2012-12-27 03:05:463072----a-w-c:\windows\system32\drivers\fr-fr\rndismpx.sys.mui
2012-12-27 03:05:463072----a-w-c:\windows\system32\drivers\fr-fr\rndismp6.sys.mui
2012-12-27 03:03:1029696----a-w-c:\windows\system32\drivers\fr-fr\bfe.dll.mui
2012-12-27 02:50:463584----a-w-c:\windows\system32\drivers\fr-fr\modem.sys.mui
2012-12-27 02:50:463584----a-w-c:\windows\system32\drivers\fr-fr\ipnat.sys.mui
2012-12-27 02:50:332560----a-w-c:\windows\system32\drivers\fr-fr\volmgrx.sys.mui
2012-12-27 02:49:3518432----a-w-c:\windows\system32\drivers\fr-fr\afd.sys.mui
2012-12-27 02:48:498704----a-w-c:\windows\system32\drivers\fr-fr\tunnel.sys.mui
2012-12-27 02:48:477680----a-w-c:\windows\system32\drivers\fr-fr\luafv.sys.mui
2012-12-27 02:48:465120----a-w-c:\windows\system32\drivers\fr-fr\rdbss.sys.mui
2012-12-27 02:48:382560----a-w-c:\windows\system32\drivers\fr-fr\srv.sys.mui
2012-12-27 02:48:3772704----a-w-c:\windows\system32\drivers\fr-fr\ntfs.sys.mui
2012-12-27 02:48:042560----a-w-c:\windows\system32\drivers\fr-fr\partmgr.sys.mui
2012-12-27 02:47:183072----a-w-c:\windows\system32\drivers\fr-fr\ndisuio.sys.mui
2012-12-27 02:47:182560----a-w-c:\windows\system32\drivers\fr-fr\mountmgr.sys.mui
2012-12-27 02:46:293072----a-w-c:\windows\system32\drivers\fr-fr\RNDISMP.sys.mui
2012-12-27 02:46:236144----a-w-c:\windows\system32\drivers\fr-fr\ndiscap.sys.mui
2012-12-27 02:46:192560----a-w-c:\windows\system32\drivers\fr-fr\scfilter.sys.mui
2012-12-27 02:45:535632----a-w-c:\windows\system32\drivers\fr-fr\fltmgr.sys.mui
2012-12-27 02:45:3739936----a-w-c:\windows\system32\drivers\fr-fr\ndis.sys.mui
2012-12-27 02:45:363072----a-w-c:\windows\system32\drivers\fr-fr\scsiport.sys.mui
2012-12-27 02:44:3339424----a-w-c:\windows\system32\drivers\fr-fr\http.sys.mui
2012-12-27 02:44:272048----a-w-c:\windows\system32\drivers\fr-fr\ws2ifsl.sys.mui
2012-12-27 02:44:2549152----a-w-c:\windows\system32\drivers\fr-fr\tcpip.sys.mui
2012-12-27 02:43:3415872----a-w-c:\windows\system32\drivers\fr-fr\pacer.sys.mui
2012-12-27 02:42:532560----a-w-c:\windows\system32\drivers\fr-fr\rdpwd.sys.mui
2012-12-16 14:13:28295424----a-w-c:\windows\system32\atmfd.dll
2012-12-16 14:13:2034304----a-w-c:\windows\system32\atmlib.dll
2012-12-14 21:49:2821104----a-w-c:\windows\system32\drivers\mbam.sys
2012-12-07 12:26:17308736----a-w-c:\windows\system32\Wpc.dll
2012-12-07 12:20:432576384----a-w-c:\windows\system32\gameux.dll
2012-11-30 04:53:34169984----a-w-c:\windows\system32\winsrv.dll
2012-11-30 04:47:45293376----a-w-c:\windows\system32\KernelBase.dll
2012-11-30 02:55:25271360----a-w-c:\windows\system32\conhost.exe
2012-11-30 02:38:596144---ha-w-c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-11-30 02:38:594608---ha-w-c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 02:38:593584---ha-w-c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 02:38:593072---ha-w-c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
.
============= FINISH: 20:23:06,67 ===============

 

[Carmen__Tsamg]

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Starter
Boot Device: \Device\HarddiskVolume1
Install Date: 26/01/12 19:47:39
System Uptime: 07/02/13 17:30:18 (3 hours ago)
.
Motherboard: Hewlett-Packard | | 3594
Processor: Intel(R) Atom(TM) CPU N570 @ 1.66GHz | CPU | 1666/667mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 216 GiB total, 120,687 GiB free.
D: is FIXED (NTFS) - 13 GiB total, 1,364 GiB free.
E: is FIXED (FAT32) - 4 GiB total, 0,56 GiB free.
.
==== Disabled Device Manager Items =============
.
==== Installed Programs ======================
.
360安全??器 4.1正式版
3DMark06
7-Zip 9.20
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.5) MUI
Adobe Shockwave Player 11.5
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Auslogics Registry Cleaner
AVG 2012
AVG 2013
AVG Security Toolbar
Bejeweled 2 Deluxe
Bing Bar
Bing Desktop
Blasterball 3
Blio
Bonjour
Bounce Symphony
CCleaner
Chuzzle Deluxe
Controle ActiveX Windows Live Mesh pour connexions a distance
D3DX10
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Diner Dash 2 Restaurant Rescue
Dream Chronicles
Dropbox
Energy Star Digital Logo
ESU for Microsoft Windows 7
Evernote v. 4.2.2
Farm Frenzy
FATE
Fishdom
Free MP3 Ringtone Converter 6.2
Galerie de photos Windows Live
Ginger
GOM Player
Google Chrome
Hewlett-Packard ACLM.NET v1.1.2.0
HP Auto
HP Camera
HP Client Services
HP Connection Manager
HP Customer Experience Enhancements
HP Documentation
HP Games
HP On Screen Display
HP Power Manager
HP Product Detection
HP Quick Launch
HP QuickWeb
HP Setup
HP Setup Manager
HP Software Framework
HP Support Assistant
IDT Audio
Insaniquarium Deluxe
Intel(R) Control Center
Intel(R) Graphics Media Accelerator Driver
Intel(R) Rapid Storage Technology
iTunes
Java 7 Update 13
Java Auto Updater
Java(TM) 6 Update 35
Jewel Quest - Heritage
Jewel Quest Solitaire
JoJo's Fashion Show
Junk Mail filter update
jZip
KMP Media Toolbar
Mah Jong Medley
Mahjongg Artifacts
Malwarebytes Anti-Malware 版本 1.70.0.1100
Mesh Runtime
Microsoft .NET Framework 4 Client Profile
Microsoft Antimalware Service FR-FR Language Pack
Microsoft Application Error Reporting
Microsoft Office 2010 Language Pack Service Pack 1 (SP1)
Microsoft Office 2010 Proofing Tools Kit Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (Chinese (Traditional)) 2010
Microsoft Office Access MUI (English) 2010
Microsoft Office Access MUI (French) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (Chinese (Traditional)) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Excel MUI (French) 2010
Microsoft Office Groove MUI (Chinese (Traditional)) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office Groove MUI (French) 2010
Microsoft Office IME (Chinese (Simplified)) 2010
Microsoft Office IME (Chinese (Traditional)) 2010
Microsoft Office IME (Japanese) 2010
Microsoft Office IME (Korean) 2010
Microsoft Office InfoPath MUI (Chinese (Traditional)) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office InfoPath MUI (French) 2010
Microsoft Office Language Pack 2010 - Chinese (Traditional)/中文(繁體)
Microsoft Office Language Pack 2010 - French/Francais
Microsoft Office O MUI (Chinese (Traditional)) 2010
Microsoft Office O MUI (French) 2010
Microsoft Office OneNote MUI (Chinese (Traditional)) 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office OneNote MUI (French) 2010
Microsoft Office Outlook MUI (Chinese (Traditional)) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office Outlook MUI (French) 2010
Microsoft Office PowerPoint MUI (Chinese (Traditional)) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office PowerPoint MUI (French) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (Arabic) 2010
Microsoft Office Proof (Basque) 2010
Microsoft Office Proof (Bulgarian) 2010
Microsoft Office Proof (Catalan) 2010
Microsoft Office Proof (Chinese (Simplified)) 2010
Microsoft Office Proof (Chinese (Traditional)) 2010
Microsoft Office Proof (Croatian) 2010
Microsoft Office Proof (Czech) 2010
Microsoft Office Proof (Danish) 2010
Microsoft Office Proof (Dutch) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (Estonian) 2010
Microsoft Office Proof (Finnish) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Galician) 2010
Microsoft Office Proof (German) 2010
Microsoft Office Proof (Greek) 2010
Microsoft Office Proof (Gujarati) 2010
Microsoft Office Proof (Hebrew) 2010
Microsoft Office Proof (Hindi) 2010
Microsoft Office Proof (Hungarian) 2010
Microsoft Office Proof (Italian) 2010
Microsoft Office Proof (Japanese) 2010
Microsoft Office Proof (Kannada) 2010
Microsoft Office Proof (Kazakh) 2010
Microsoft Office Proof (Korean) 2010
Microsoft Office Proof (Latvian) 2010
Microsoft Office Proof (Lithuanian) 2010
Microsoft Office Proof (Marathi) 2010
Microsoft Office Proof (Norwegian (Bokmal)) 2010
Microsoft Office Proof (Norwegian (Nynorsk)) 2010
Microsoft Office Proof (Polish) 2010
Microsoft Office Proof (Portuguese (Brazil)) 2010
Microsoft Office Proof (Portuguese (Portugal)) 2010
Microsoft Office Proof (Punjabi) 2010
Microsoft Office Proof (Romanian) 2010
Microsoft Office Proof (Russian) 2010
Microsoft Office Proof (Serbian (Latin)) 2010
Microsoft Office Proof (Slovak) 2010
Microsoft Office Proof (Slovenian) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proof (Swedish) 2010
Microsoft Office Proof (Tamil) 2010
Microsoft Office Proof (Telugu) 2010
Microsoft Office Proof (Thai) 2010
Microsoft Office Proof (Turkish) 2010
Microsoft Office Proof (Ukrainian) 2010
Microsoft Office Proof (Urdu) 2010
Microsoft Office Proofing (Chinese (Traditional)) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Proofing (French) 2010
Microsoft Office Proofing Kit 2010
Microsoft Office Proofing Tools Kit Compilation 2010
Microsoft Office ProofMUI (French) 2010
Microsoft Office Publisher MUI (Chinese (Traditional)) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Publisher MUI (French) 2010
Microsoft Office Shared MUI (Chinese (Traditional)) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared MUI (French) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office SharePoint Designer MUI (Chinese (Traditional)) 2010
Microsoft Office SharePoint Designer MUI (French) 2010
Microsoft Office Word MUI (Chinese (Traditional)) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Office Word MUI (French) 2010
Microsoft Office X MUI (Chinese (Traditional)) 2010
Microsoft Office X MUI (French) 2010
Microsoft Security Client
Microsoft Security Client FR-FR Language Pack
Microsoft Security Essentials
Microsoft SharePoint Designer 2010 Service Pack 1 (SP1)
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
MySQL Connector/ODBC 3.51
Namco All-Stars PAC-MAN
OpenOffice.org 3.3
Pandora Service
Penguins!
Personalization Panel
Personalization Panel DWM Controller
Picasa 3
Plants vs. Zombies - Game of the Year
PlayReady PC Runtime x86
Polar Bowler
PPSGame V1.0.1.450
PPStream V2.7.0.1505 Final
PPTV V3.1.9.0042
QQ音? 2011
QuickBooks
QuickBooks Premier Edition 2010
QuickTime
Ralink RT5390 802.11b/g/n WiFi Adapter
Real Alternative 1.8.0
Realtek Ethernet Controller Driver
Realtek USB 2.0 Card Reader
Recovery Manager
Safari
Sage Simply Accounting 2012
SAMSUNG USB Driver for Mobile Phones
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2687417) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2687436) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition
Security Update for Microsoft Visio 2010 (KB2687508) 32-Bit Edition
Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition
Skip-Bo - Castaway Caper
Skype Click to Call
Skype? 5.10
Slingo Deluxe
Softonic toolbar on IE and Chrome
Soluto
SupportSoft Assisted Service
Synaptics Pointing Device Driver
The KMPlayer (remove only)
Tradewinds Legends
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596963) 32-Bit Edition
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598241) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Update Installer for WildTangent Games App
uTorrentBar_FR Toolbar
VideoFileDownload
Virtual Villagers - The Secret City
WD Drive Utilities
WD Security
WD SmartWare
Wedding Dash
WildTangent Games App (HP Games)
Windows Live
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Player Firefox Plugin
Wise Registry Cleaner 7.15
Zuma Deluxe
μTorrent
捃濘7
蹄僩秞氈2012
迅雷看看播放器
騰訊QQ2012
.
==== End Of File ===========================
thanks

 

[Broni]

• Download RogueKiller on the desktop
• Close all the running programs
• Windows Vista/7 users: right click on RogueKiller.exe, click Run as Administrator
• Otherwise just double-click on RogueKiller.exe
• Pre-scan will start. Let it finish.
• Click on SCAN button.
• Wait until the Status box shows Scan Finished
• Click on Delete.
• Wait until the Status box shows Deleting Finished.
• Click on Report and copy/paste the content of the Notepad into your next reply.
• RKreport.txt could also be found on your desktop.
• If more than one log is produced post all logs.
• If RogueKiller has been blocked, do not hesitate to try a few times more. If really won't run, rename it to winlogon.exe (or winlogon.com) and try again

============================

Download Malwarebytes Anti-Rootkit (MBAR) from HERE

• Unzip downloaded file.
• Open the folder where the contents were unzipped and run mbar.exe
• Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
• Click on the Cleanup button to remove any threats and reboot if prompted to do so.
• Wait while the system shuts down and the cleanup process is performed.
• Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
• When done, please post the two logs produced they will be in the MBAR folder..... mbar-log-xxxxx.txt and system-log.txt

 

[Carmen__Tsamg]

RogueKiller V8.4.4 [Feb 5 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : https://www.techspot.com/downloads/5562-roguekiller.html
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Started in : Normal mode
User : hp [Admin rights]
Mode : Remove -- Date : 07/02/2013 21:32:50
| ARK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 8 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : Key Name (C:\Users\hp\AppData\Local\Temp\winupdate.exe) -> DELETED
[TASK][SUSP PATH] {40B21ED9-4A8E-4783-9B14-FA7CFC050AD6} : C:\Users\hp\Desktop\美酷主题★杨幂Lolita风.exe -> DELETED
[TASK][SUSP PATH] {4A9794A3-4BF1-49BF-ACEE-63AED9EF86C1} : C:\Users\hp\Desktop\美酷主题★杨幂Lolita风.exe -> DELETED
[TASK][SUSP PATH] {58F07CBA-4358-46A6-BD43-62BB1380521D} : C:\Users\hp\Desktop\美酷主题★杨幂Lolita风.exe -> DELETED
[TASK][SUSP PATH] {69FE00D5-8A52-4FF0-94D4-2530C394058A} : C:\Users\hp\Desktop\美酷主题★杨幂Lolita风.exe -> DELETED
[TASK][SUSP PATH] {C132B4D2-F2E3-48A6-8495-3D64F50276D5} : C:\Users\hp\Desktop\美酷主题★杨幂Lolita风.exe -> DELETED
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts



¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: TOSHIBA MK2576GSX +++++
--- User ---
[MBR] 56709e6c2193109cb35620e0ec15d83a
[BSP] 631f283e8d2ae8d0ddf201f4394856c1 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 221112 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 453246976 | Size: 13099 Mo
3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 480073728 | Size: 4063 Mo
User = LL1 ... OK!
User != LL2 ... KO!
--- LL2 ---
[MBR] 67a490777cd6fb4ea645f21be67878ef
[BSP] 631f283e8d2ae8d0ddf201f4394856c1 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 69631 Mo
1 - [ACTIVE] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 143013888 | Size: 400 Mo

Finished : << RKreport[2]_D_07022013_213250.txt >>
RKreport[1]_S_07022013_213031.txt ; RKreport[2]_D_07022013_213250.txt

 

[Carmen__Tsamg]

Hold on I miss one report

 

[Carmen__Tsamg]

[FONT=Courier New]RogueKiller V8.4.4 [Feb 5 2013] by Tigzy[/FONT]
[FONT=Courier New]mail : tigzyRK<at>gmail<dot>com[/FONT]
[FONT=Courier New]Feedback : https://www.techspot.com/downloads/5562-roguekiller.html[/FONT]
[FONT=Courier New]Website : http://tigzy.geekstogo.com/roguekiller.php[/FONT]
[FONT=Courier New]Blog : http://tigzyrk.blogspot.com/[/FONT]
[FONT=Courier New] [/FONT]
[FONT=Courier New]Operating System : Windows 7 (6.1.7601 Service Pack 1) 32 bits version[/FONT]
[FONT=Courier New]Started in : Normal mode[/FONT]
[FONT=Courier New]User : hp [Admin rights][/FONT]
[FONT=Courier New]Mode : Scan -- Date : 07/02/2013 21:30:31[/FONT]
[FONT=Courier New]| ARK || MBR |[/FONT]
[FONT=Courier New] [/FONT]
[FONT=Courier New]¤¤¤ Bad processes : 0 ¤¤¤[/FONT]
[FONT=Courier New] [/FONT]
[FONT=Courier New]¤¤¤ Registry Entries : 9 ¤¤¤[/FONT]
[FONT=Courier New][RUN][SUSP PATH] HKCU\[...]\Run : Key Name (C:\Users\hp\AppData\Local\Temp\winupdate.exe) -> FOUND[/FONT]
[FONT=Courier New][RUN][SUSP PATH] HKUS\S-1-5-21-2174158749-396340439-4157524416-1000[...]\Run : Key Name (C:\Users\hp\AppData\Local\Temp\winupdate.exe) -> FOUND[/FONT]
[FONT=Courier New][TASK][SUSP PATH] {40B21ED9-4A8E-4783-9B14-FA7CFC050AD6} : C:\Users\hp\Desktop\美酷主题★杨幂Lolita风.exe -> FOUND[/FONT]
[FONT=Courier New][TASK][SUSP PATH] {4A9794A3-4BF1-49BF-ACEE-63AED9EF86C1} : C:\Users\hp\Desktop\美酷主题★杨幂Lolita风.exe -> FOUND[/FONT]
[FONT=Courier New][TASK][SUSP PATH] {58F07CBA-4358-46A6-BD43-62BB1380521D} : C:\Users\hp\Desktop\美酷主题★杨幂Lolita风.exe -> FOUND[/FONT]
[FONT=Courier New][TASK][SUSP PATH] {69FE00D5-8A52-4FF0-94D4-2530C394058A} : C:\Users\hp\Desktop\美酷主题★杨幂Lolita风.exe -> FOUND[/FONT]
[FONT=Courier New][TASK][SUSP PATH] {C132B4D2-F2E3-48A6-8495-3D64F50276D5} : C:\Users\hp\Desktop\美酷主题★杨幂Lolita风.exe -> FOUND[/FONT]
[FONT=Courier New][HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND[/FONT]
[FONT=Courier New][HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND[/FONT]
[FONT=Courier New] [/FONT]
[FONT=Courier New]¤¤¤ Particular Files / Folders: ¤¤¤[/FONT]
[FONT=Courier New] [/FONT]
[FONT=Courier New]¤¤¤ Driver : [LOADED] ¤¤¤[/FONT]
[FONT=Courier New] [/FONT]
[FONT=Courier New]¤¤¤ HOSTS File: ¤¤¤[/FONT]
[FONT=Courier New]--> C:\Windows\system32\drivers\etc\hosts[/FONT]
[FONT=Courier New] [/FONT]
[FONT=Courier New] [/FONT]
[FONT=Courier New] [/FONT]
[FONT=Courier New]¤¤¤ MBR Check: ¤¤¤[/FONT]
[FONT=Courier New] [/FONT]
[FONT=Courier New]+++++ PhysicalDrive0: TOSHIBA MK2576GSX +++++[/FONT]
[FONT=Courier New]--- User ---[/FONT]
[FONT=Courier New][MBR] 56709e6c2193109cb35620e0ec15d83a[/FONT]
[FONT=Courier New][BSP] 631f283e8d2ae8d0ddf201f4394856c1 : Windows 7/8 MBR Code[/FONT]
[FONT=Courier New]Partition table:[/FONT]
[FONT=Courier New]0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 Mo[/FONT]
[FONT=Courier New]1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 221112 Mo[/FONT]
[FONT=Courier New]2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 453246976 | Size: 13099 Mo[/FONT]
[FONT=Courier New]3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 480073728 | Size: 4063 Mo[/FONT]
[FONT=Courier New]User = LL1 ... OK![/FONT]
[FONT=Courier New]User != LL2 ... KO![/FONT]
[FONT=Courier New]--- LL2 ---[/FONT]
[FONT=Courier New][MBR] 67a490777cd6fb4ea645f21be67878ef[/FONT]
[FONT=Courier New][BSP] 631f283e8d2ae8d0ddf201f4394856c1 : Windows 7/8 MBR Code[/FONT]
[FONT=Courier New]Partition table:[/FONT]
[FONT=Courier New]0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 69631 Mo[/FONT]
[FONT=Courier New]1 - [ACTIVE] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 143013888 | Size: 400 Mo[/FONT]
[FONT=Courier New] [/FONT]
[FONT=Courier New]Finished : << RKreport[1]_S_07022013_213031.txt >>[/FONT]
[FONT=Courier New]RKreport[1]_S_07022013_213031.txt[/FONT]
[FONT=Courier New] [/FONT]
[FONT=Courier New] [/FONT]
[FONT=Courier New] [/FONT]

 

[Broni]

MBAR?

 

[Carmen__Tsamg]

Sorry, around ten my computer froze and I have to do a hard log off

so here you go

Malwarebytes Anti-Rootkit BETA 1.01.0.1017
www.malwarebytes.org

Database version: v2013.02.08.02

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
hp :: CARMENTSANG-HP [administrator]

07/02/13 23:54:53
mbar-log-2013-02-07 (23-54-53).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 9795
Time elapsed: 1 hour(s), 4 minute(s), 25 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 14
HKLM\SOFTWARE\CLASSES\INTERFACE\{23C70BCA-6E23-4A65-AD2E-1389062074F1} (PUP.Funmoods) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\TypeLib\{1D085C0A-E4F4-4F66-BDBF-4BE51015BFC3} (PUP.Funmoods) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\INTERFACE\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1} (PUP.Funmoods) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\INTERFACE\{295CACB4-51F5-46FD-914E-C72BAAE1B672} (PUP.Funmoods) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\INTERFACE\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762} (PUP.Funmoods) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\INTERFACE\{34C1FDF7-02C1-4F23-B393-F48B16E071D1} (PUP.Funmoods) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\INTERFACE\{54291324-7A3D-4F11-B707-3FB6A2C97BD9} (PUP.Funmoods) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\INTERFACE\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8} (PUP.Funmoods) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\INTERFACE\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED} (PUP.Funmoods) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\INTERFACE\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D} (PUP.Funmoods) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\INTERFACE\{C0585B2F-74D7-4734-88DE-6C150C5D4036} (PUP.Funmoods) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\INTERFACE\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347} (PUP.Funmoods) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\INTERFACE\{EF0588D6-1621-4A75-B8BE-F4BC34794136} (PUP.Funmoods) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\kincjchfokkeneeofpeefomkikfkiedl (PUP.FCTPlugin) -> Delete on reboot.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

 

[Carmen__Tsamg]

Malwarebytes Anti-Rootkit BETA 1.01.0.1017
www.malwarebytes.org
Database version: v2013.02.08.02
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
hp :: CARMENTSANG-HP [administrator]
08/02/13 01:19:40
mbar-log-2013-02-08 (01-19-40).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 31821
Time elapsed: 1 hour(s), 12 minute(s), 29 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)

 

[Broni]

I still need system-log.txt

 

[Carmen__Tsamg]

Sorry I missed it
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.01.0.1017

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x86

Account is Administrative

Internet Explorer version: 9.0.8112.16421

Java version: 1.6.0_35

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, E:\ DRIVE_FIXED
CPU speed: 1.662000 GHz
Memory total: 1061019648, free: 60018688

------------ Kernel report ------------
02/07/2013 22:44:35
------------ Loaded modules -----------
\SystemRoot\system32\ntkrnlpa.exe
\SystemRoot\system32\halmacpi.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\drivers\compbatt.sys
\SystemRoot\system32\drivers\BATTC.SYS
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\DRIVERS\iaStor.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\msahci.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\system32\DRIVERS\MpFilter.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\wd.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\drivers\disk.sys
\SystemRoot\system32\drivers\CLASSPNP.SYS
\SystemRoot\system32\DRIVERS\avgrkx86.sys
\SystemRoot\system32\DRIVERS\avglogx.sys
\SystemRoot\system32\DRIVERS\avgmfx86.sys
\SystemRoot\system32\DRIVERS\avgidshx.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\??\C:\Windows\system32\drivers\avgtpx86.sys
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\DRIVERS\avgtdix.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\termdd.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\drivers\mssmbios.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\drivers\blbdrive.sys
\SystemRoot\system32\DRIVERS\avgldx86.sys
\SystemRoot\system32\DRIVERS\avgidsshimx.sys
\SystemRoot\system32\DRIVERS\avgidsdriverx.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\drivers\CmBatt.sys
\SystemRoot\system32\DRIVERS\igdkmd32.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\drivers\HDAudBus.sys
\SystemRoot\system32\DRIVERS\Rt86win7.sys
\SystemRoot\system32\DRIVERS\netr28.sys
\SystemRoot\system32\DRIVERS\vwifibus.sys
\SystemRoot\system32\drivers\usbuhci.sys
\SystemRoot\system32\drivers\USBPORT.SYS
\SystemRoot\system32\drivers\usbehci.sys
\SystemRoot\system32\DRIVERS\i8042prt.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\SynTP.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\drivers\wmiacpi.sys
\SystemRoot\system32\drivers\CompositeBus.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\drivers\swenum.sys
\SystemRoot\system32\drivers\ks.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\DRIVERS\stwrt.sys
\SystemRoot\system32\DRIVERS\portcls.sys
\SystemRoot\system32\DRIVERS\drmk.sys
\SystemRoot\System32\Drivers\fastfat.SYS
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_iaStor.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\DRIVERS\NisDrvWFP.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\??\C:\Windows\TEMP\cpuz135\cpuz135_x32.sys
\??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F10273D4-BCB4-4B9F-A38C-78A59AF82751}\MpKslbc5e93f2.sys
\??\C:\Users\hp\AppData\Local\Temp\mbr.sys
\SystemRoot\system32\DRIVERS\asyncmac.sys
\SystemRoot\System32\cdd.dll
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\mbamswissarmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
----------- End -----------

 

[Carmen__Tsamg]

<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffffff867d14c8
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IAAStorageDevice-0\
Lower Device Object: 0xffffffff85068028
Lower Device Driver Name: \Driver\iaStor\
Driver name found: iaStor
Initialization returned 0x0
Load Function returned 0x0
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.01.0.1017
(c) Malwarebytes Corporation 2011-2012
OS version: 6.1.7601 Windows 7 Service Pack 1 x86
Account is Administrative
Internet Explorer version: 9.0.8112.16421
Java version: 1.6.0_35
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, E:\ DRIVE_FIXED
CPU speed: 1.662000 GHz
Memory total: 1061019648, free: 69705728
------------ Kernel report ------------
02/07/2013 22:44:48
------------ Loaded modules -----------
\SystemRoot\system32\ntkrnlpa.exe
\SystemRoot\system32\halmacpi.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\drivers\compbatt.sys
\SystemRoot\system32\drivers\BATTC.SYS
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\DRIVERS\iaStor.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\msahci.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\system32\DRIVERS\MpFilter.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\wd.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\drivers\disk.sys
\SystemRoot\system32\drivers\CLASSPNP.SYS
\SystemRoot\system32\DRIVERS\avgrkx86.sys
\SystemRoot\system32\DRIVERS\avglogx.sys
\SystemRoot\system32\DRIVERS\avgmfx86.sys
\SystemRoot\system32\DRIVERS\avgidshx.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\??\C:\Windows\system32\drivers\avgtpx86.sys
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\DRIVERS\avgtdix.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\termdd.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\drivers\mssmbios.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\drivers\blbdrive.sys
\SystemRoot\system32\DRIVERS\avgldx86.sys
\SystemRoot\system32\DRIVERS\avgidsshimx.sys
\SystemRoot\system32\DRIVERS\avgidsdriverx.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\drivers\CmBatt.sys
\SystemRoot\system32\DRIVERS\igdkmd32.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\drivers\HDAudBus.sys
\SystemRoot\system32\DRIVERS\Rt86win7.sys
\SystemRoot\system32\DRIVERS\netr28.sys
\SystemRoot\system32\DRIVERS\vwifibus.sys
\SystemRoot\system32\drivers\usbuhci.sys
\SystemRoot\system32\drivers\USBPORT.SYS
\SystemRoot\system32\drivers\usbehci.sys
\SystemRoot\system32\DRIVERS\i8042prt.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\SynTP.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\drivers\wmiacpi.sys
\SystemRoot\system32\drivers\CompositeBus.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\drivers\swenum.sys
\SystemRoot\system32\drivers\ks.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\DRIVERS\stwrt.sys
\SystemRoot\system32\DRIVERS\portcls.sys
\SystemRoot\system32\DRIVERS\drmk.sys
\SystemRoot\System32\Drivers\fastfat.SYS
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_iaStor.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\DRIVERS\NisDrvWFP.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\??\C:\Windows\TEMP\cpuz135\cpuz135_x32.sys
\??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F10273D4-BCB4-4B9F-A38C-78A59AF82751}\MpKslbc5e93f2.sys
\??\C:\Users\hp\AppData\Local\Temp\mbr.sys
\SystemRoot\system32\DRIVERS\asyncmac.sys
\SystemRoot\System32\cdd.dll
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\mbamswissarmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
----------- End -----------
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffffff867d14c8
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IAAStorageDevice-0\
Lower Device Object: 0xffffffff85068028
Lower Device Driver Name: \Driver\iaStor\
Device already Exists: 0xffffffff84df0560
Downloaded database version: v2013.02.08.02
Downloaded database version: v2013.01.23.01
=======================================
Initializing...
Done!
The system volume seems inaccessible or encrypted. Scan can't continue.
The system volume seems inaccessible or encrypted. Scan can't continue.
=======================================
Could not remove DDA driver
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.01.0.1017
(c) Malwarebytes Corporation 2011-2012
OS version: 6.1.7601 Windows 7 Service Pack 1 x86
Account is Administrative
Internet Explorer version: 9.0.8112.16421
Java version: 1.6.0_35
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, E:\ DRIVE_FIXED
CPU speed: 1.662000 GHz
Memory total: 1061019648, free: 157224960
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.01.0.1017
(c) Malwarebytes Corporation 2011-2012
OS version: 6.1.7601 Windows 7 Service Pack 1 x86
Account is Administrative
Internet Explorer version: 9.0.8112.16421
Java version: 1.6.0_35
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, E:\ DRIVE_FIXED
CPU speed: 1.662000 GHz
Memory total: 1061019648, free: 148811776
------------ Kernel report ------------
02/07/2013 22:48:45
------------ Loaded modules -----------
\SystemRoot\system32\ntkrnlpa.exe
\SystemRoot\system32\halmacpi.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\drivers\compbatt.sys
\SystemRoot\system32\drivers\BATTC.SYS
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\DRIVERS\iaStor.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\msahci.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\system32\DRIVERS\MpFilter.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\wd.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\drivers\disk.sys
\SystemRoot\system32\drivers\CLASSPNP.SYS
\SystemRoot\system32\DRIVERS\avgrkx86.sys
\SystemRoot\system32\DRIVERS\avglogx.sys
\SystemRoot\system32\DRIVERS\avgmfx86.sys
\SystemRoot\system32\DRIVERS\avgidshx.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\??\C:\Windows\system32\drivers\avgtpx86.sys
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\DRIVERS\avgtdix.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\termdd.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\drivers\mssmbios.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\drivers\blbdrive.sys
\SystemRoot\system32\DRIVERS\avgldx86.sys
\SystemRoot\system32\DRIVERS\avgidsshimx.sys
\SystemRoot\system32\DRIVERS\avgidsdriverx.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\drivers\CmBatt.sys
\SystemRoot\system32\DRIVERS\igdkmd32.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\drivers\HDAudBus.sys
\SystemRoot\system32\DRIVERS\Rt86win7.sys
\SystemRoot\system32\DRIVERS\netr28.sys
\SystemRoot\system32\DRIVERS\vwifibus.sys
\SystemRoot\system32\drivers\usbuhci.sys
\SystemRoot\system32\drivers\USBPORT.SYS
\SystemRoot\system32\drivers\usbehci.sys
\SystemRoot\system32\DRIVERS\i8042prt.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\SynTP.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\drivers\wmiacpi.sys
\SystemRoot\system32\drivers\CompositeBus.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\drivers\swenum.sys
\SystemRoot\system32\drivers\ks.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\DRIVERS\stwrt.sys
\SystemRoot\system32\DRIVERS\portcls.sys
\SystemRoot\system32\DRIVERS\drmk.sys
\SystemRoot\System32\Drivers\fastfat.SYS
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_iaStor.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\DRIVERS\NisDrvWFP.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\??\C:\Windows\TEMP\cpuz135\cpuz135_x32.sys
\??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F10273D4-BCB4-4B9F-A38C-78A59AF82751}\MpKslbc5e93f2.sys
\??\C:\Users\hp\AppData\Local\Temp\mbr.sys
\SystemRoot\system32\DRIVERS\asyncmac.sys
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\DRIVERS\Soluto.sys
\??\C:\Windows\system32\drivers\238E405A.sys
\??\C:\Windows\system32\drivers\mbamswissarmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
----------- End -----------
<<<1>>>
<<<1>>>
Upper Device Name: Upper Device Name: \Device\Harddisk0\DR0\Device\Harddisk0\DR0
Upper Device Object: 0xffffffff867d14c8
Upper Device Object: 0xffffffff867d14c8
Upper Device Driver Name: Upper Device Driver Name: \Driver\Disk\
\Driver\Disk\Lower Device Name: \Device\Ide\IAAStorageDevice-0\
Lower Device Object: 0xffffffff85068028
Lower Device Driver Name: \Driver\iaStor\
Device already Exists: 0xffffffff84df0560
Lower Device Name: \Device\Ide\IAAStorageDevice-0\
Lower Device Object: 0xffffffff85068028
Lower Device Driver Name: \Driver\iaStor\
Device already Exists: 0xffffffff84df0560
=======================================

 

[Carmen__Tsamg]

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.01.0.1017
(c) Malwarebytes Corporation 2011-2012
OS version: 6.1.7601 Windows 7 Service Pack 1 x86
Account is Administrative
Internet Explorer version: 9.0.8112.16421
Java version: 1.6.0_35
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, E:\ DRIVE_FIXED
CPU speed: 1.662000 GHz
Memory total: 1061019648, free: 117858304
Could not load protection driver
Initializing...
------------ Kernel report ------------
Done!
02/07/2013 22:50:06
------------ Loaded modules -----------
The system volume seems inaccessible or encrypted. Scan can't continue.
\SystemRoot\system32\ntkrnlpa.exe
\SystemRoot\system32\halmacpi.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\drivers\compbatt.sys
\SystemRoot\system32\drivers\BATTC.SYS
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\DRIVERS\iaStor.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\msahci.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\system32\DRIVERS\MpFilter.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\wd.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\drivers\disk.sys
\SystemRoot\system32\drivers\CLASSPNP.SYS
\SystemRoot\system32\DRIVERS\avgrkx86.sys
\SystemRoot\system32\DRIVERS\avglogx.sys
\SystemRoot\system32\DRIVERS\avgmfx86.sys
\SystemRoot\system32\DRIVERS\avgidshx.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\??\C:\Windows\system32\drivers\avgtpx86.sys
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\DRIVERS\avgtdix.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\termdd.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\drivers\mssmbios.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\drivers\blbdrive.sys
\SystemRoot\system32\DRIVERS\avgldx86.sys
\SystemRoot\system32\DRIVERS\avgidsshimx.sys
\SystemRoot\system32\DRIVERS\avgidsdriverx.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\drivers\CmBatt.sys
\SystemRoot\system32\DRIVERS\igdkmd32.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\drivers\HDAudBus.sys
\SystemRoot\system32\DRIVERS\Rt86win7.sys
\SystemRoot\system32\DRIVERS\netr28.sys
\SystemRoot\system32\DRIVERS\vwifibus.sys
\SystemRoot\system32\drivers\usbuhci.sys
\SystemRoot\system32\drivers\USBPORT.SYS
\SystemRoot\system32\drivers\usbehci.sys
\SystemRoot\system32\DRIVERS\i8042prt.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\SynTP.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\drivers\wmiacpi.sys
\SystemRoot\system32\drivers\CompositeBus.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\drivers\swenum.sys
\SystemRoot\system32\drivers\ks.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\DRIVERS\stwrt.sys
\SystemRoot\system32\DRIVERS\portcls.sys
\SystemRoot\system32\DRIVERS\drmk.sys
\SystemRoot\System32\Drivers\fastfat.SYS
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_iaStor.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\DRIVERS\NisDrvWFP.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\??\C:\Windows\TEMP\cpuz135\cpuz135_x32.sys
\??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F10273D4-BCB4-4B9F-A38C-78A59AF82751}\MpKslbc5e93f2.sys
\??\C:\Users\hp\AppData\Local\Temp\mbr.sys
\SystemRoot\system32\DRIVERS\asyncmac.sys
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\DRIVERS\Soluto.sys
\??\C:\Windows\system32\drivers\mbamswissarmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
----------- End -----------
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffffff867d14c8
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IAAStorageDevice-0\
Lower Device Object: 0xffffffff85068028
Lower Device Driver Name: \Driver\iaStor\
Device already Exists: 0xffffffff84df0560
Initializing...
Done!
<<<2>>>
Device number: 0, partition: 2
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffffff867d14c8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff867d2020, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff867d14c8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff85063958, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xffffffff85068028, DeviceName: \Device\Ide\IAAStorageDevice-0\, DriverName: \Driver\iaStor\
------------ End ----------
Upper DeviceData: 0xffffffff8462e998, 0xffffffff867d14c8, 0xffffffff8df27ac8
Lower DeviceData: 0xffffffffbfb4be48, 0xffffffff85068028, 0xffffffff84df0560
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning directory: C:\Windows\system32\drivers...
=======================================
File kernel read failed: C:\Windows\system32\drivers\avgldx86.sys
File kernel read failed: C:\Windows\system32\drivers\avglogx.sys
File kernel read failed: C:\Windows\system32\drivers\avgmfx86.sys
File kernel read failed: C:\Windows\system32\drivers\avgrkx86.sys
File kernel read failed: C:\Windows\system32\drivers\avgtdix.sys
File kernel read failed: C:\Windows\system32\drivers\avgtpx86.sys
File kernel read failed: C:\Windows\system32\drivers\b57nd60x.sys
File kernel read failed: C:\Windows\system32\drivers\battc.sys
File kernel read failed: C:\Windows\system32\drivers\BCMWL6.SYS
File kernel read failed: C:\Windows\system32\drivers\beep.sys
File kernel read failed: C:\Windows\system32\drivers\blbdrive.sys
File kernel read failed: C:\Windows\system32\drivers\bowser.sys
File kernel read failed: C:\Windows\system32\drivers\BrFiltLo.sys
File kernel read failed: C:\Windows\system32\drivers\BrFiltUp.sys
File kernel read failed: C:\Windows\system32\drivers\bridge.sys
File kernel read failed: C:\Windows\system32\drivers\BrSerId.sys
File kernel read failed: C:\Windows\system32\drivers\BrSerWdm.sys
File kernel read failed: C:\Windows\system32\drivers\BrUsbMdm.sys
File kernel read failed: C:\Windows\system32\drivers\BrUsbSer.sys
File kernel read failed: C:\Windows\system32\drivers\bthmodem.sys
File kernel read failed: C:\Windows\system32\drivers\cdfs.sys
File kernel read failed: C:\Windows\system32\drivers\cdrom.sys
File kernel read failed: C:\Windows\system32\drivers\circlass.sys
File kernel read failed: C:\Windows\system32\drivers\Classpnp.sys
File kernel read failed: C:\Windows\system32\drivers\CmBatt.sys
File kernel read failed: C:\Windows\system32\drivers\cmdide.sys
File kernel read failed: C:\Windows\system32\drivers\cng.sys
File kernel read failed: C:\Windows\system32\drivers\compbatt.sys
File kernel read failed: C:\Windows\system32\drivers\CompositeBus.sys
File kernel read failed: C:\Windows\system32\drivers\crashdmp.sys
File kernel read failed: C:\Windows\system32\drivers\crcdisk.sys
File kernel read failed: C:\Windows\system32\drivers\dfsc.sys
File kernel read failed: C:\Windows\system32\drivers\discache.sys
File kernel read failed: C:\Windows\system32\drivers\disk.sys
File kernel read failed: C:\Windows\system32\drivers\Diskdump.sys
File kernel read failed: C:\Windows\system32\drivers\djsvs.sys
File kernel read failed: C:\Windows\system32\drivers\drmk.sys
File kernel read failed: C:\Windows\system32\drivers\drmkaud.sys
File kernel read failed: C:\Windows\system32\drivers\Dumpata.sys
File kernel read failed: C:\Windows\system32\drivers\dumpfve.sys
File kernel read failed: C:\Windows\system32\drivers\dxapi.sys
File kernel read failed: C:\Windows\system32\drivers\dxg.sys
File kernel read failed: C:\Windows\system32\drivers\dxgkrnl.sys
File kernel read failed: C:\Windows\system32\drivers\dxgmms1.sys
File kernel read failed: C:\Windows\system32\drivers\Entech.sys
File kernel read failed: C:\Windows\system32\drivers\Entech.vxd
File kernel read failed: C:\Windows\system32\drivers\Entech64.sys
File kernel read failed: C:\Windows\system32\drivers\errdev.sys
File kernel read failed: C:\Windows\system32\drivers\evbdx.sys
File kernel read failed: C:\Windows\system32\drivers\exfat.sys
File kernel read failed: C:\Windows\system32\drivers\fastfat.sys
File kernel read failed: C:\Windows\system32\drivers\fdc.sys
File kernel read failed: C:\Windows\system32\drivers\fileinfo.sys
File kernel read failed: C:\Windows\system32\drivers\filetrace.sys
File kernel read failed: C:\Windows\system32\drivers\flpydisk.sys
File kernel read failed: C:\Windows\system32\drivers\fltMgr.sys
File kernel read failed: C:\Windows\system32\drivers\fsdepends.sys
File kernel read failed: C:\Windows\system32\drivers\fs_rec.sys
File kernel read failed: C:\Windows\system32\drivers\fvevol.sys
File kernel read failed: C:\Windows\system32\drivers\FWPKCLNT.SYS
File kernel read failed: C:\Windows\system32\drivers\GAGP30KX.SYS
File kernel read failed: C:\Windows\system32\drivers\GEARAspiWDM.sys
File kernel read failed: C:\Windows\system32\drivers\gm.dls
File kernel read failed: C:\Windows\system32\drivers\gmreadme.txt
File kernel read failed: C:\Windows\system32\drivers\hcw85cir.sys
File kernel read failed: C:\Windows\system32\drivers\hdaudbus.sys
File kernel read failed: C:\Windows\system32\drivers\HdAudio.sys
File kernel read failed: C:\Windows\system32\drivers\hidbatt.sys
File kernel read failed: C:\Windows\system32\drivers\hidbth.sys
File kernel read failed: C:\Windows\system32\drivers\hidclass.sys
File kernel read failed: C:\Windows\system32\drivers\hidir.sys
File kernel read failed: C:\Windows\system32\drivers\hidparse.sys
File kernel read failed: C:\Windows\system32\drivers\hidusb.sys
File kernel read failed: C:\Windows\system32\drivers\http.sys
File kernel read failed: C:\Windows\system32\drivers\hwpolicy.sys
File kernel read failed: C:\Windows\system32\drivers\i8042prt.sys
File kernel read failed: C:\Windows\system32\drivers\iaStor.sys
File kernel read failed: C:\Windows\system32\drivers\iaStorV.sys
File kernel read failed: C:\Windows\system32\drivers\igdkmd32.sys
File kernel read failed: C:\Windows\system32\drivers\iirsp.sys
File kernel read failed: C:\Windows\system32\drivers\intelide.sys
File kernel read failed: C:\Windows\system32\drivers\intelppm.sys
File kernel read failed: C:\Windows\system32\drivers\ipfltdrv.sys
File kernel read failed: C:\Windows\system32\drivers\IPMIDrv.sys
File kernel read failed: C:\Windows\system32\drivers\ipnat.sys
File kernel read failed: C:\Windows\system32\drivers\irda.sys
File kernel read failed: C:\Windows\system32\drivers\irenum.sys
File kernel read failed: C:\Windows\system32\drivers\isapnp.sys
File kernel read failed: C:\Windows\system32\drivers\kbdclass.sys
File kernel read failed: C:\Windows\system32\drivers\kbdhid.sys
File kernel read failed: C:\Windows\system32\drivers\ks.sys
File kernel read failed: C:\Windows\system32\drivers\ksecdd.sys
File kernel read failed: C:\Windows\system32\drivers\ksecpkg.sys
File kernel read failed: C:\Windows\system32\drivers\lltdio.sys
File kernel read failed: C:\Windows\system32\drivers\lsi_fc.sys
File kernel read failed: C:\Windows\system32\drivers\lsi_sas.sys
File kernel read failed: C:\Windows\system32\drivers\lsi_sas2.sys
File kernel read failed: C:\Windows\system32\drivers\lsi_scsi.sys
File kernel read failed: C:\Windows\system32\drivers\luafv.sys
File kernel read failed: C:\Windows\system32\drivers\mbam.sys
File kernel read failed: C:\Windows\system32\drivers\mcd.sys
File kernel read failed: C:\Windows\system32\drivers\megasas.sys
File kernel read failed: C:\Windows\system32\drivers\modem.sys
File kernel read failed: C:\Windows\system32\drivers\monitor.sys
File kernel read failed: C:\Windows\system32\drivers\mouclass.sys
File kernel read failed: C:\Windows\system32\drivers\mouhid.sys
File kernel read failed: C:\Windows\system32\drivers\mountmgr.sys
File kernel read failed: C:\Windows\system32\drivers\MpFilter.sys
File kernel read failed: C:\Windows\system32\drivers\mpio.sys
File kernel read failed: C:\Windows\system32\drivers\mpsdrv.sys
File kernel read failed: C:\Windows\system32\drivers\mrxdav.sys
File kernel read failed: C:\Windows\system32\drivers\mrxsmb.sys
File kernel read failed: C:\Windows\system32\drivers\mrxsmb10.sys
File kernel read failed: C:\Windows\system32\drivers\mrxsmb20.sys
File kernel read failed: C:\Windows\system32\drivers\msahci.sys
File kernel read failed: C:\Windows\system32\drivers\msdsm.sys
File kernel read failed: C:\Windows\system32\drivers\msfs.sys
File kernel read failed: C:\Windows\system32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
File kernel read failed: C:\Windows\system32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
File kernel read failed: C:\Windows\system32\drivers\Msft_Kernel_SynTP_01009.Wdf
File kernel read failed: C:\Windows\system32\drivers\Msft_Kernel_WinUsb_01007.Wdf
File kernel read failed: C:\Windows\system32\drivers\Msft_User_WpdFs_01_09_00.Wdf
File kernel read failed: C:\Windows\system32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
File kernel read failed: C:\Windows\system32\drivers\mshidkmdf.sys
File kernel read failed: C:\Windows\system32\drivers\msisadrv.sys
File kernel read failed: C:\Windows\system32\drivers\msiscsi.sys
File kernel read failed: C:\Windows\system32\drivers\arc.sys
File kernel read failed: C:\Windows\system32\drivers\bxvbdx.sys
File kernel read failed: C:\Windows\system32\drivers\elxstor.sys
File kernel read failed: C:\Windows\system32\drivers\HpSAMD.sys
File kernel read failed: C:\Windows\system32\drivers\MegaSR.sys
File kernel read failed: C:\Windows\system32\drivers\mskssrv.sys
File kernel read failed: C:\Windows\system32\drivers\nvm62x32.sys
File kernel read failed: C:\Windows\system32\drivers\qwavedrv.sys
File kernel read failed: C:\Windows\system32\drivers\serenum.sys
File kernel read failed: C:\Windows\system32\drivers\stream.sys
File kernel read failed: C:\Windows\system32\drivers\USBCAMD2.sys
File kernel read failed: C:\Windows\system32\drivers\videoprt.sys
File kernel read failed: C:\Windows\system32\drivers\nvraid.sys
File kernel read failed: C:\Windows\system32\drivers\nvstor.sys
File kernel read failed: C:\Windows\system32\drivers\NV_AGP.SYS
File kernel read failed: C:\Windows\system32\drivers\nwifi.sys
File kernel read failed: C:\Windows\system32\drivers\ohci1394.sys
File kernel read failed: C:\Windows\system32\drivers\pacer.sys
File kernel read failed: C:\Windows\system32\drivers\parport.sys
File kernel read failed: C:\Windows\system32\drivers\partmgr.sys
File kernel read failed: C:\Windows\system32\drivers\parvdm.sys
File kernel read failed: C:\Windows\system32\drivers\pci.sys
File kernel read failed: C:\Windows\system32\drivers\PciBus.sys
File kernel read failed: C:\Windows\system32\drivers\pciide.sys
File kernel read failed: C:\Windows\system32\drivers\pciidex.sys
File kernel read failed: C:\Windows\system32\drivers\pcmcia.sys
File kernel read failed: C:\Windows\system32\drivers\pcw.sys
File kernel read failed: C:\Windows\system32\drivers\PEAuth.sys
File kernel read failed: C:\Windows\system32\drivers\portcls.sys
File kernel read failed: C:\Windows\system32\drivers\processr.sys
File kernel read failed: C:\Windows\system32\drivers\ql2300.sys
File kernel read failed: C:\Windows\system32\drivers\ql40xx.sys
File kernel read failed: C:\Windows\system32\drivers\mspclock.sys
File kernel read failed: C:\Windows\system32\drivers\mspqm.sys
File kernel read failed: C:\Windows\system32\drivers\msrpc.sys
File kernel read failed: C:\Windows\system32\drivers\mssmbios.sys
File kernel read failed: C:\Windows\system32\drivers\mstee.sys
File kernel read failed: C:\Windows\system32\drivers\MTConfig.sys
File kernel read failed: C:\Windows\system32\drivers\mup.sys
File kernel read failed: C:\Windows\system32\drivers\ndis.sys
File kernel read failed: C:\Windows\system32\drivers\ndiscap.sys
File kernel read failed: C:\Windows\system32\drivers\ndistapi.sys
File kernel read failed: C:\Windows\system32\drivers\ndisuio.sys
File kernel read failed: C:\Windows\system32\drivers\ndiswan.sys
File kernel read failed: C:\Windows\system32\drivers\ndproxy.sys
File kernel read failed: C:\Windows\system32\drivers\netbios.sys
File kernel read failed: C:\Windows\system32\drivers\netbt.sys
File kernel read failed: C:\Windows\system32\drivers\netio.sys
File kernel read failed: C:\Windows\system32\drivers\netr28.sys
File kernel read failed: C:\Windows\system32\drivers\nfrd960.sys
File kernel read failed: C:\Windows\system32\drivers\NisDrvWFP.sys
File kernel read failed: C:\Windows\system32\drivers\npfs.sys
File kernel read failed: C:\Windows\system32\drivers\nsiproxy.sys
File kernel read failed: C:\Windows\system32\drivers\ntfs.sys
File kernel read failed: C:\Windows\system32\drivers\null.sys
File kernel read failed: C:\Windows\system32\drivers\serial.sys
File kernel read failed: C:\Windows\system32\drivers\sermouse.sys
File kernel read failed: C:\Windows\system32\drivers\SET1CF5.tmp
File kernel read failed: C:\Windows\system32\drivers\sffdisk.sys
File kernel read failed: C:\Windows\system32\drivers\sffp_mmc.sys
File kernel read failed: C:\Windows\system32\drivers\sffp_sd.sys
File kernel read failed: C:\Windows\system32\drivers\sfloppy.sys
File kernel read failed: C:\Windows\system32\drivers\SISAGP.SYS
File kernel read failed: C:\Windows\system32\drivers\sisraid2.sys
File kernel read failed: C:\Windows\system32\drivers\sisraid4.sys
File kernel read failed: C:\Windows\system32\drivers\smb.sys
File kernel read failed: C:\Windows\system32\drivers\smclib.sys
File kernel read failed: C:\Windows\system32\drivers\Soluto.sys
File kernel read failed: C:\Windows\system32\drivers\spldr.sys
File kernel read failed: C:\Windows\system32\drivers\spsys.sys
File kernel read failed: C:\Windows\system32\drivers\srv.sys
File kernel read failed: C:\Windows\system32\drivers\srv2.sys
File kernel read failed: C:\Windows\system32\drivers\srvnet.sys
File kernel read failed: C:\Windows\system32\drivers\ssudbus.sys
File kernel read failed: C:\Windows\system32\drivers\ssudmdm.sys
File kernel read failed: C:\Windows\system32\drivers\stexstor.sys
File kernel read failed: C:\Windows\system32\drivers\storport.sys
File kernel read failed: C:\Windows\system32\drivers\usbccgp.sys
File kernel read failed: C:\Windows\system32\drivers\usbcir.sys
File kernel read failed: C:\Windows\system32\drivers\usbd.sys
File kernel read failed: C:\Windows\system32\drivers\usbehci.sys
File kernel read failed: C:\Windows\system32\drivers\usbhub.sys
File kernel read failed: C:\Windows\system32\drivers\usbohci.sys
File kernel read failed: C:\Windows\system32\drivers\usbport.sys
File kernel read failed: C:\Windows\system32\drivers\usbprint.sys
File kernel read failed: C:\Windows\system32\drivers\usbrpm.sys
File kernel read failed: C:\Windows\system32\drivers\USBSTOR.SYS
File kernel read failed: C:\Windows\system32\drivers\usbuhci.sys
File kernel read failed: C:\Windows\system32\drivers\usbvideo.sys
File kernel read failed: C:\Windows\system32\drivers\vdrvroot.sys
File kernel read failed: C:\Windows\system32\drivers\vga.sys
File kernel read failed: C:\Windows\system32\drivers\vgapnp.sys
File kernel read failed: C:\Windows\system32\drivers\vhdmp.sys
File kernel read failed: C:\Windows\system32\drivers\VIAAGP.SYS
File kernel read failed: C:\Windows\system32\drivers\viac7.sys
File kernel read failed: C:\Windows\system32\drivers\viaide.sys
File kernel read failed: C:\Windows\system32\drivers\rasacd.sys
File kernel read failed: C:\Windows\system32\drivers\rasl2tp.sys
File kernel read failed: C:\Windows\system32\drivers\raspppoe.sys
File kernel read failed: C:\Windows\system32\drivers\raspptp.sys
File kernel read failed: C:\Windows\system32\drivers\rassstp.sys
File kernel read failed: C:\Windows\system32\drivers\rdbss.sys
File kernel read failed: C:\Windows\system32\drivers\rdpbus.sys
File kernel read failed: C:\Windows\system32\drivers\RDPCDD.sys
File kernel read failed: C:\Windows\system32\drivers\RDPENCDD.sys
File kernel read failed: C:\Windows\system32\drivers\RDPREFMP.sys
File kernel read failed: C:\Windows\system32\drivers\rdpvideominiport.sys
File kernel read failed: C:\Windows\system32\drivers\rdpwd.sys
File kernel read failed: C:\Windows\system32\drivers\rdyboost.sys
File kernel read failed: C:\Windows\system32\drivers\rmcast.sys
File kernel read failed: C:\Windows\system32\drivers\RNDISMP.sys
File kernel read failed: C:\Windows\system32\drivers\rootmdm.sys
File kernel read failed: C:\Windows\system32\drivers\rspndr.sys
File kernel read failed: C:\Windows\system32\drivers\Rt86win7.sys
File kernel read failed: C:\Windows\system32\drivers\RtsUStor.sys
File kernel read failed: C:\Windows\system32\drivers\sbp2port.sys
File kernel read failed: C:\Windows\system32\drivers\scfilter.sys
File kernel read failed: C:\Windows\system32\drivers\scsiport.sys
File kernel read failed: C:\Windows\system32\drivers\sdbus.sys
File kernel read failed: C:\Windows\system32\drivers\secdrv.sys
File kernel read failed: C:\Windows\system32\drivers\stwrt.sys
File kernel read failed: C:\Windows\system32\drivers\swenum.sys
File kernel read failed: C:\Windows\system32\drivers\SynTP.sys
File kernel read failed: C:\Windows\system32\drivers\tape.sys
File kernel read failed: C:\Windows\system32\drivers\tcpip.sys
File kernel read failed: C:\Windows\system32\drivers\tcpipreg.sys
File kernel read failed: C:\Windows\system32\drivers\tdi.sys
File kernel read failed: C:\Windows\system32\drivers\tdpipe.sys
File kernel read failed: C:\Windows\system32\drivers\tdtcp.sys
File kernel read failed: C:\Windows\system32\drivers\tdx.sys
File kernel read failed: C:\Windows\system32\drivers\termdd.sys
File kernel read failed: C:\Windows\system32\drivers\tssecsrv.sys
File kernel read failed: C:\Windows\system32\drivers\TsUsbFlt.sys
File kernel read failed: C:\Windows\system32\drivers\TsUsbGD.sys
File kernel read failed: C:\Windows\system32\drivers\tunnel.sys
File kernel read failed: C:\Windows\system32\drivers\UAGP35.SYS
File kernel read failed: C:\Windows\system32\drivers\udfs.sys
File kernel read failed: C:\Windows\system32\drivers\ULIAGPKX.SYS
File kernel read failed: C:\Windows\system32\drivers\umbus.sys
File kernel read failed: C:\Windows\system32\drivers\umpass.sys
File kernel read failed: C:\Windows\system32\drivers\usb8023.sys
File kernel read failed: C:\Windows\system32\drivers\usbaapl.sys
File kernel read failed: C:\Windows\system32\drivers\USBCAMD.sys
File kernel read failed: C:\Windows\system32\drivers\volmgr.sys
File kernel read failed: C:\Windows\system32\drivers\volmgrx.sys
File kernel read failed: C:\Windows\system32\drivers\volsnap.sys
File kernel read failed: C:\Windows\system32\drivers\vsmraid.sys
File kernel read failed: C:\Windows\system32\drivers\VSTAZL3.SYS
File kernel read failed: C:\Windows\system32\drivers\VSTCNXT3.SYS
File kernel read failed: C:\Windows\system32\drivers\VSTDPV3.SYS
File kernel read failed: C:\Windows\system32\drivers\VSTProf.cty
File kernel read failed: C:\Windows\system32\drivers\vwifibus.sys
File kernel read failed: C:\Windows\system32\drivers\vwififlt.sys
File kernel read failed: C:\Windows\system32\drivers\vwifimp.sys
File kernel read failed: C:\Windows\system32\drivers\wacompen.sys
File kernel read failed: C:\Windows\system32\drivers\wanarp.sys
File kernel read failed: C:\Windows\system32\drivers\watchdog.sys
File kernel read failed: C:\Windows\system32\drivers\wd.sys
File kernel read failed: C:\Windows\system32\drivers\wdcsam.sys
File kernel read failed: C:\Windows\system32\drivers\Wdf01000.sys
File kernel read failed: C:\Windows\system32\drivers\WdfLdr.sys
File kernel read failed: C:\Windows\system32\drivers\wfplwf.sys
File kernel read failed: C:\Windows\system32\drivers\wimmount.sys
File kernel read failed: C:\Windows\system32\drivers\winusb.sys
File kernel read failed: C:\Windows\system32\drivers\wmiacpi.sys
File kernel read failed: C:\Windows\system32\drivers\wmilib.sys
File kernel read failed: C:\Windows\system32\drivers\ws2ifsl.sys
File kernel read failed: C:\Windows\system32\drivers\WUDFPf.sys
File kernel read failed: C:\Windows\system32\drivers\WUDFRd.sys
Done!
Done!

 

[Broni]

Create new restore point before proceeding with the next step....
How to:
- Windows 8: http://www.vikitech.com/11302/system-restore-windows-8
- Windows 7: http://www.howtogeek.com/howto/3195/create-a-system-restore-point-in-windows-7/
- Vista: http://www.howtogeek.com/howto/wind...tore-point-for-windows-vistas-system-restore/
- XP: http://support.microsoft.com/kb/948247

===============================

Please download ComboFix from Here, Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**

• Never rename Combofix unless instructed.
• Close any open browsers.
• Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
• Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
• Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
• Close any open browsers.
• WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
• Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
• If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
  If the connection is not there use restore point you created prior to running Combofix.
• Double click on combofix.exe & follow the prompts.

• 
  NOTE1. If Combofix asks you to install Recovery Console, please allow it.
  NOTE 2. If Combofix asks you to update the program, always do so.

• When finished, it will produce a report for you.
• Please post the "C:\ComboFix.txt"

**Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall
**Note 2 for AVG and CA Internet Security (Total Defense Internet Security) users: ComboFix will not run until AVG/CA Internet Security is uninstalled as a protective measure against the anti-virus. This is because AVG/CA Internet Security "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG/CA Internet Security cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG/CA Internet Security first.
Use AppRemover to uninstall it: https://www.techspot.com/downloads/5514-appremover.html
We can reinstall it when we're done with CF.
**Note 3: If you receive an error "Illegal operation attempted on a registery key that has been marked for deletion", restart computer to fix the issue.
**Note 4: Some infections may take some significant time to be cured. As long as your computer clock is running Combofix is still working. Be patient.


Make sure, you re-enable your security programs, when you're done with Combofix.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

NOTE.
If, for some reason, Combofix refuses to run, try the following...

Delete Combofix file, download fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
Do NOT run it yet.
Download Rkill (courtesy of BleepingComputer.com) to your desktop.
There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

Restart computer in safe mode

• Double-click on the Rkill desktop icon to run the tool.
• If using Vista or Windows 7 right-click on it and choose Run As Administrator.
• A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
• If not, delete the file, then download and use the one provided in Link 2.
• Do not reboot until instructed.
• If the tool does not run from any of the links provided, please let me know.

When the scan is done Notepad will open with rKill.txt log.
NOTE. rKill.txt log will also be present on your desktop.

Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

IF you had to run rKill post BOTH logs, rKill.txt and Combofix.txt.

 

[Carmen__Tsamg]

Performing system, memory and registry scan...
Infected: HKLM\SOFTWARE\CLASSES\INTERFACE\{23C70BCA-6E23-4A65-AD2E-1389062074F1} --> [PUP.Funmoods]
Infected: HKLM\SOFTWARE\CLASSES\TypeLib\{1D085C0A-E4F4-4F66-BDBF-4BE51015BFC3} --> [PUP.Funmoods]
Infected: HKLM\SOFTWARE\CLASSES\INTERFACE\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1} --> [PUP.Funmoods]
Infected: HKLM\SOFTWARE\CLASSES\INTERFACE\{295CACB4-51F5-46FD-914E-C72BAAE1B672} --> [PUP.Funmoods]
Infected: HKLM\SOFTWARE\CLASSES\INTERFACE\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762} --> [PUP.Funmoods]
Infected: HKLM\SOFTWARE\CLASSES\INTERFACE\{34C1FDF7-02C1-4F23-B393-F48B16E071D1} --> [PUP.Funmoods]
Infected: HKLM\SOFTWARE\CLASSES\INTERFACE\{54291324-7A3D-4F11-B707-3FB6A2C97BD9} --> [PUP.Funmoods]
Infected: HKLM\SOFTWARE\CLASSES\INTERFACE\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8} --> [PUP.Funmoods]
Infected: HKLM\SOFTWARE\CLASSES\INTERFACE\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED} --> [PUP.Funmoods]
Infected: HKLM\SOFTWARE\CLASSES\INTERFACE\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D} --> [PUP.Funmoods]
Infected: HKLM\SOFTWARE\CLASSES\INTERFACE\{C0585B2F-74D7-4734-88DE-6C150C5D4036} --> [PUP.Funmoods]
Infected: HKLM\SOFTWARE\CLASSES\INTERFACE\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347} --> [PUP.Funmoods]
Infected: HKLM\SOFTWARE\CLASSES\INTERFACE\{EF0588D6-1621-4A75-B8BE-F4BC34794136} --> [PUP.Funmoods]
Infected: HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\kincjchfokkeneeofpeefomkikfkiedl --> [PUP.FCTPlugin]
Done!
Scan finished
Creating System Restore point...
Scheduling clean up...
Removal successful. No system shutdown is required.
=======================================
Could not remove DDA driver
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.01.0.1017
(c) Malwarebytes Corporation 2011-2012
OS version: 6.1.7601 Windows 7 Service Pack 1 x86
Account is Administrative
Internet Explorer version: 9.0.8112.16421
Java version: 1.6.0_35
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, E:\ DRIVE_FIXED
CPU speed: 1.662000 GHz
Memory total: 1061019648, free: 112615424
------------ Kernel report ------------
02/08/2013 00:04:47
------------ Loaded modules -----------
\SystemRoot\system32\ntkrnlpa.exe
\SystemRoot\system32\halmacpi.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\drivers\compbatt.sys
\SystemRoot\system32\drivers\BATTC.SYS
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\DRIVERS\iaStor.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\msahci.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\system32\DRIVERS\MpFilter.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\wd.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\drivers\disk.sys
\SystemRoot\system32\drivers\CLASSPNP.SYS
\SystemRoot\system32\DRIVERS\avgrkx86.sys
\SystemRoot\system32\DRIVERS\avglogx.sys
\SystemRoot\system32\DRIVERS\avgmfx86.sys
\SystemRoot\system32\DRIVERS\avgidshx.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\??\C:\Windows\system32\drivers\avgtpx86.sys
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\DRIVERS\avgtdix.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\termdd.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\drivers\mssmbios.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\drivers\blbdrive.sys
\SystemRoot\system32\DRIVERS\avgldx86.sys
\SystemRoot\system32\DRIVERS\avgidsshimx.sys
\SystemRoot\system32\DRIVERS\avgidsdriverx.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\drivers\CmBatt.sys---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.01.0.1017
(c) Malwarebytes Corporation 2011-2012
OS version: 6.1.7601 Windows 7 Service Pack 1 x86
Account is Administrative
Internet Explorer version: 9.0.8112.16421
Java version: 1.6.0_35
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, E:\ DRIVE_FIXED
CPU speed: 1.662000 GHz
Memory total: 1061019648, free: 77467648
\SystemRoot\system32\DRIVERS\igdkmd32.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\drivers\HDAudBus.sys
\SystemRoot\system32\DRIVERS\Rt86win7.sys
\SystemRoot\system32\DRIVERS\netr28.sys
\SystemRoot\system32\DRIVERS\vwifibus.sys
\SystemRoot\system32\drivers\usbuhci.sys
\SystemRoot\system32\drivers\USBPORT.SYS
\SystemRoot\system32\drivers\usbehci.sys
\SystemRoot\system32\DRIVERS\i8042prt.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\SynTP.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\drivers\wmiacpi.sys
\SystemRoot\system32\drivers\CompositeBus.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\drivers\swenum.sys
\SystemRoot\system32\drivers\ks.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\DRIVERS\stwrt.sys
\SystemRoot\system32\DRIVERS\portcls.sys
\SystemRoot\system32\DRIVERS\drmk.sys
\SystemRoot\System32\Drivers\fastfat.SYS
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_iaStor.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\DRIVERS\NisDrvWFP.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\??\C:\Windows\TEMP\cpuz135\cpuz135_x32.sys
\??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F10273D4-BCB4-4B9F-A38C-78A59AF82751}\MpKslbc5e93f2.sys
\??\C:\Users\hp\AppData\Local\Temp\mbr.sys
\SystemRoot\system32\DRIVERS\asyncmac.sys
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\DRIVERS\Soluto.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\mbamswissarmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
----------- End -----------
<<<1>>>
<<<1>>>
Upper Device Name: Upper Device Name: \Device\Harddisk0\DR0\Device\Harddisk0\DR0
Upper Device Object: 0xffffffff867d14c8
Upper Device Object: 0xffffffff867d14c8
Upper Device Driver Name: Upper Device Driver Name: \Driver\Disk\
\Driver\Disk\Lower Device Name: \Device\Ide\IAAStorageDevice-0\
Lower Device Name: Lower Device Object: 0xffffffff85068028
Lower Device Driver Name: \Device\Ide\IAAStorageDevice-0\\Driver\iaStor\
Lower Device Object: 0xffffffff85068028
Lower Device Driver Name: Device already Exists: 0xffffffff84df0560
\Driver\iaStor\
Device already Exists: 0xffffffff84df0560
=======================================
Initializing...
Done!
The system volume seems inaccessible or encrypted. Scan can't continue.
The system volume seems inaccessible or encrypted. Scan can't continue.
=======================================
Could not remove DDA driver
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.01.0.1017
(c) Malwarebytes Corporation 2011-2012
OS version: 6.1.7601 Windows 7 Service Pack 1 x86
Account is Administrative
Internet Explorer version: 9.0.8112.16421
Java version: 1.6.0_35
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, E:\ DRIVE_FIXED
CPU speed: 1.662000 GHz
Memory total: 1061019648, free: 213512192
------------ Kernel report ------------
02/08/2013 00:06:52
------------ Loaded modules -----------
\SystemRoot\system32\ntkrnlpa.exe
\SystemRoot\system32\halmacpi.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\drivers\compbatt.sys
\SystemRoot\system32\drivers\BATTC.SYS
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\DRIVERS\iaStor.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\msahci.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\system32\DRIVERS\MpFilter.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\wd.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\drivers\disk.sys
\SystemRoot\system32\drivers\CLASSPNP.SYS
\SystemRoot\system32\DRIVERS\avgrkx86.sys
\SystemRoot\system32\DRIVERS\avglogx.sys
\SystemRoot\system32\DRIVERS\avgmfx86.sys
\SystemRoot\system32\DRIVERS\avgidshx.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\??\C:\Windows\system32\drivers\avgtpx86.sys
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\DRIVERS\avgtdix.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\termdd.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\drivers\mssmbios.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\drivers\blbdrive.sys
\SystemRoot\system32\DRIVERS\avgldx86.sys
\SystemRoot\system32\DRIVERS\avgidsshimx.sys
\SystemRoot\system32\DRIVERS\avgidsdriverx.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\drivers\CmBatt.sys
\SystemRoot\system32\DRIVERS\igdkmd32.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\drivers\HDAudBus.sys
\SystemRoot\system32\DRIVERS\Rt86win7.sys
\SystemRoot\system32\DRIVERS\netr28.sys
\SystemRoot\system32\DRIVERS\vwifibus.sys
\SystemRoot\system32\drivers\usbuhci.sys---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.01.0.1017
(c) Malwarebytes Corporation 2011-2012
OS version: 6.1.7601 Windows 7 Service Pack 1 x86
Account is Administrative
Internet Explorer version: 9.0.8112.16421
Java version: 1.6.0_35
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, E:\ DRIVE_FIXED
CPU speed: 1.662000 GHz
Memory total: 1061019648, free: 181055488
\SystemRoot\system32\drivers\USBPORT.SYS
\SystemRoot\system32\drivers\usbehci.sys
\SystemRoot\system32\DRIVERS\i8042prt.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\SynTP.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\drivers\wmiacpi.sys
\SystemRoot\system32\drivers\CompositeBus.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\drivers\swenum.sys
\SystemRoot\system32\drivers\ks.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\DRIVERS\stwrt.sys
\SystemRoot\system32\DRIVERS\portcls.sys
\SystemRoot\system32\DRIVERS\drmk.sys
\SystemRoot\System32\Drivers\fastfat.SYS
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_iaStor.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\DRIVERS\NisDrvWFP.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\??\C:\Windows\TEMP\cpuz135\cpuz135_x32.sys
\??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F10273D4-BCB4-4B9F-A38C-78A59AF82751}\MpKslbc5e93f2.sys
\??\C:\Users\hp\AppData\Local\Temp\mbr.sys
\SystemRoot\system32\DRIVERS\asyncmac.sys
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\DRIVERS\Soluto.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\mbamswissarmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
----------- End -----------
<<<1>>>
<<<1>>>
Upper Device Name: Upper Device Name: \Device\Harddisk0\DR0\Device\Harddisk0\DR0
Upper Device Object: 0xffffffff867d14c8
Upper Device Object: 0xffffffff867d14c8
Upper Device Driver Name: Upper Device Driver Name: \Driver\Disk\\Driver\Disk\
Lower Device Name: Lower Device Name: \Device\Ide\IAAStorageDevice-0\\Device\Ide\IAAStorageDevice-0\
Lower Device Object: 0xffffffff85068028
Lower Device Driver Name: \Driver\iaStor\
Lower Device Object: 0xffffffff85068028
Device already Exists: 0xffffffff84df0560
Lower Device Driver Name: \Driver\iaStor\
Device already Exists: 0xffffffff84df0560
Initializing...
Done!
<<<2>>>
Device number: 0, partition: 2
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffffff867d14c8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff867d2020, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff867d14c8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff85063958, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xffffffff85068028, DeviceName: \Device\Ide\IAAStorageDevice-0\, DriverName: \Driver\iaStor\
------------ End ----------
Upper DeviceData: 0xffffffffba5aea28, 0xffffffff867d14c8, 0xffffffff8df27ac8
Lower DeviceData: 0xffffffffb4328060, 0xffffffff85068028, 0xffffffff84df0560
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning directory: C:\Windows\system32\drivers...
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: F8687538
Partition information:
Partition 0 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 2048 Numsec = 407552
Partition file system is NTFS
Partition is bootable
Partition 1 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 409600 Numsec = 452837376
Partition 2 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 453246976 Numsec = 26826752
Partition 3 type is Other (0xc)
Partition is NOT ACTIVE.
Partition starts at LBA: 480073728 Numsec = 8321392
Disk Size: 250059350016 bytes
Sector size: 512 bytes
Scanning physical sectors of unpartitioned space on drive 0 (1-2047-488377168-488397168)...
Done!
Performing system, memory and registry scan...
Done!
Scan finished
=======================================
=======================================
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.01.0.1017
(c) Malwarebytes Corporation 2011-2012
OS version: 6.1.7601 Windows 7 Service Pack 1 x86
Account is Administrative
Internet Explorer version: 9.0.8112.16421
Java version: 1.6.0_35
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, E:\ DRIVE_FIXED
CPU speed: 1.662000 GHz
Memory total: 1061019648, free: 223125504
Removal queue found; removal started
Removal finished
=======================================

 

[Broni]

We posted at the same time.
Please read my previous reply.

 

[Carmen__Tsamg]

ComboFix 13-02-07.02 - hp 08/02/13 14:59:35.1.4 - x86
Microsoft Windows 7 Starter 6.1.7601.1.950.852.1033.18.1012.70 [GMT -5:00]
執行位置: c:\users\hp\Downloads\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: AVG Anti-Virus Free Edition 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( 被刪除的檔案 )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\hp\AppData\Local\Microsoft\Windows\Temporary Internet Files\bidconfig_v1.2.dat
c:\users\hp\AppData\Local\Microsoft\Windows\Temporary Internet Files\collecttask_v1.2.dat
c:\users\hp\AppData\Local\Microsoft\Windows\Temporary Internet Files\domainreg_v1.1.dat
c:\users\hp\AppData\Local\Microsoft\Windows\Temporary Internet Files\exi191F.tmp
c:\users\hp\AppData\Local\Microsoft\Windows\Temporary Internet Files\exi287C.tmp
c:\users\hp\AppData\Local\Microsoft\Windows\Temporary Internet Files\exi29EF.tmp
c:\users\hp\AppData\Local\Microsoft\Windows\Temporary Internet Files\exi3A72.tmp
c:\users\hp\AppData\Local\Microsoft\Windows\Temporary Internet Files\exi3FE.tmp
c:\users\hp\AppData\Local\Microsoft\Windows\Temporary Internet Files\exi5417.tmp
c:\users\hp\AppData\Local\Microsoft\Windows\Temporary Internet Files\exi5782.tmp
c:\users\hp\AppData\Local\Microsoft\Windows\Temporary Internet Files\exi6880.tmp
c:\users\hp\AppData\Local\Microsoft\Windows\Temporary Internet Files\exi7423.tmp
c:\users\hp\AppData\Local\Microsoft\Windows\Temporary Internet Files\exi810.tmp
c:\users\hp\AppData\Local\Microsoft\Windows\Temporary Internet Files\exi8754.tmp
c:\users\hp\AppData\Local\Microsoft\Windows\Temporary Internet Files\exi95C4.tmp
c:\users\hp\AppData\Local\Microsoft\Windows\Temporary Internet Files\exiA443.tmp
c:\users\hp\AppData\Local\Microsoft\Windows\Temporary Internet Files\exiB937.tmp
c:\users\hp\AppData\Local\Microsoft\Windows\Temporary Internet Files\exiB977.tmp
c:\users\hp\AppData\Local\Microsoft\Windows\Temporary Internet Files\exiBF0D.tmp
c:\users\hp\AppData\Local\Microsoft\Windows\Temporary Internet Files\exiC92D.tmp
c:\users\hp\AppData\Local\Microsoft\Windows\Temporary Internet Files\exiD33D.tmp
c:\users\hp\AppData\Local\Microsoft\Windows\Temporary Internet Files\exiDCAC.tmp
c:\users\hp\AppData\Local\Microsoft\Windows\Temporary Internet Files\exiE9A5.tmp
c:\users\hp\AppData\Local\Microsoft\Windows\Temporary Internet Files\exiFE52.tmp
c:\users\hp\AppData\Local\Microsoft\Windows\Temporary Internet Files\repairtp_v1.1.dat
c:\users\hp\AppData\Local\Microsoft\Windows\Temporary Internet Files\template1_v1.1.zip
c:\users\hp\AppData\Roaming\022C27D7EC0685
c:\users\hp\Documents\~WRL3644.tmp
.
.
((((((((((((((((((((((((( 2013-01-08 至 2013-02-08 的新的檔案 )))))))))))))))))))))))))))))))
.
.
2013-02-08 20:52 . 2013-02-08 20:56--------d-----w-c:\users\hp\AppData\Local\temp
2013-02-08 20:52 . 2013-02-08 20:52--------d-----w-c:\users\Default\AppData\Local\temp
2013-02-08 18:18 . 2013-02-08 18:1829904----a-w-c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F10273D4-BCB4-4B9F-A38C-78A59AF82751}\MpKsl193fced7.sys
2013-02-08 08:16 . 2013-02-08 08:16--------d-----w-c:\users\hp\AppData\Local\Bart_Ubing
2013-02-08 08:01 . 2013-02-08 08:0129904----a-w-c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F10273D4-BCB4-4B9F-A38C-78A59AF82751}\MpKsl918c735f.sys
2013-02-08 05:06 . 2013-02-08 05:07142152----a-w-c:\windows\system32\drivers\mbamswissarmy.sys
2013-02-08 03:49 . 2013-02-08 03:4931560----a-w-c:\windows\system32\drivers\430E2B08.sys
2013-02-08 03:48 . 2013-02-08 03:48142152----a-w-c:\windows\system32\drivers\07D17247.sys
2013-02-08 03:48 . 2013-02-08 03:4831560----a-w-c:\windows\system32\drivers\457357F5.sys
2013-02-06 03:29 . 2013-02-04 00:3251144----a-w-c:\windows\system32\drivers\Soluto.sys
2013-02-06 03:29 . 2013-02-06 03:29--------d-----w-c:\program files\Soluto
2013-02-06 03:24 . 2013-01-08 04:576991832------w-c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F10273D4-BCB4-4B9F-A38C-78A59AF82751}\mpengine.dll
2013-02-02 14:16 . 2013-01-08 04:576991832------w-c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-02-02 03:48 . 2013-02-02 03:48--------d-----w-c:\program files\Common Files\Java
2013-02-02 03:41 . 2013-02-02 03:3994112----a-w-c:\windows\system32\WindowsAccessBridge.dll
2013-01-25 16:45 . 2013-01-25 16:452551808----a-w-c:\programdata\Microsoft\BingDesktop\Updater\BingDesktop.msi
2013-01-20 23:59 . 2012-06-01 04:37154624----a-w-c:\windows\system32\iisRtl.dll
2013-01-20 23:59 . 2012-06-01 04:3550688----a-w-c:\windows\system32\admwprox.dll
2013-01-20 23:59 . 2012-06-01 04:3415360----a-w-c:\windows\system32\iisreset.exe
2013-01-20 23:59 . 2012-06-01 04:4010752----a-w-c:\windows\system32\wamregps.dll
2013-01-20 23:59 . 2012-06-01 04:3526624----a-w-c:\windows\system32\ahadmin.dll
2013-01-20 23:59 . 2012-06-01 04:378192----a-w-c:\windows\system32\iisrstap.dll
2013-01-18 04:38 . 2013-01-18 04:38--------d-----w-C:\inetpub
2013-01-14 02:08 . 2012-11-22 04:45626688----a-w-c:\windows\system32\usp10.dll
2013-01-14 02:08 . 2012-11-09 04:43492032----a-w-c:\windows\system32\win32spl.dll
2013-01-14 02:06 . 2012-11-30 04:453072---ha-w-c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-01-14 02:02 . 2012-11-01 04:471389568----a-w-c:\windows\system32\msxml6.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( 在三個月內被修改的檔案 ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-08 00:11 . 2012-04-10 05:43697712----a-w-c:\windows\system32\FlashPlayerApp.exe
2013-02-08 00:11 . 2012-01-29 05:1274096----a-w-c:\windows\system32\FlashPlayerCPLApp.cpl
2013-02-02 03:39 . 2012-06-13 23:59861088----a-w-c:\windows\system32\npdeployJava1.dll
2013-02-02 03:39 . 2011-04-27 09:51782240----a-w-c:\windows\system32\deployJava1.dll
2013-01-30 10:53 . 2012-01-27 17:17232336------w-c:\windows\system32\MpSigStub.exe
2013-01-25 01:49 . 2012-09-29 04:0131576----a-w-c:\windows\system32\drivers\avgtpx86.sys
2012-12-27 07:34 . 2012-12-27 07:343072----a-w-c:\windows\system32\drivers\fr-FR\nfsrdr.sys.mui
2012-12-27 07:33 . 2012-12-27 07:3314336----a-w-c:\windows\system32\drivers\fr-FR\vpcvmm.sys.mui
2012-12-27 07:33 . 2012-12-27 07:337168----a-w-c:\windows\system32\drivers\fr-FR\rdvgkmd.sys.mui
2012-12-27 07:33 . 2012-12-27 07:332048----a-w-c:\windows\system32\drivers\fr-FR\vpcnfltr.sys.mui
2012-12-27 07:33 . 2012-12-27 07:333584----a-w-c:\windows\system32\drivers\fr-FR\vpchbus.sys.mui
2012-12-27 07:33 . 2012-12-27 07:334608----a-w-c:\windows\system32\drivers\fr-FR\tsusbhub.sys.mui
2012-12-27 07:33 . 2012-12-27 07:332048----a-w-c:\windows\system32\drivers\fr-FR\vpcuxd.sys.mui
2012-12-27 07:33 . 2012-12-27 07:332048----a-w-c:\windows\system32\drivers\fr-FR\vpcusb.sys.mui
2012-12-27 04:42 . 2012-12-27 04:422048----a-w-c:\windows\system32\drivers\zh-TW\usbrpm.sys.mui
2012-12-27 04:41 . 2012-12-27 04:417680----a-w-c:\windows\system32\drivers\zh-TW\fvevol.sys.mui
2012-12-27 04:39 . 2012-12-27 04:392048----a-w-c:\windows\system32\drivers\UMDF\zh-TW\WpdMtpDr.dll.mui
2012-12-27 04:36 . 2012-12-27 04:369728----a-w-c:\windows\system32\drivers\zh-TW\nwifi.sys.mui
2012-12-27 04:36 . 2012-12-27 04:362560----a-w-c:\windows\system32\drivers\zh-TW\qwavedrv.sys.mui
2012-12-27 04:34 . 2012-12-27 04:343072----a-w-c:\windows\system32\Spool\prtprocs\w32x86\zh-TW\LXKPTPRC.DLL.mui
2012-12-27 04:34 . 2012-12-27 04:348704----a-w-c:\windows\system32\drivers\zh-TW\E1G60I32.sys.mui
2012-12-27 04:34 . 2012-12-27 04:344096----a-w-c:\windows\system32\drivers\zh-TW\e100b325.sys.mui
2012-12-27 04:34 . 2012-12-27 04:343584----a-w-c:\windows\system32\drivers\zh-TW\bcm4sbxp.sys.mui
2012-12-27 04:34 . 2012-12-27 04:3430720----a-w-c:\windows\system32\drivers\zh-TW\yk62x86.sys.mui
2012-12-27 04:34 . 2012-12-27 04:3410752----a-w-c:\windows\system32\drivers\zh-TW\k57nd60x.sys.mui
2012-12-27 04:34 . 2012-12-27 04:3410752----a-w-c:\windows\system32\drivers\zh-TW\b57nd60x.sys.mui
2012-12-27 04:34 . 2012-12-27 04:3410240----a-w-c:\windows\system32\drivers\zh-TW\e1y6032.sys.mui
2012-12-27 04:34 . 2012-12-27 04:346144----a-w-c:\windows\system32\drivers\zh-TW\e1q6032.sys.mui
2012-12-27 04:34 . 2012-12-27 04:346144----a-w-c:\windows\system32\drivers\zh-TW\e1k6032.sys.mui
2012-12-27 04:34 . 2012-12-27 04:343072----a-w-c:\windows\system32\drivers\zh-TW\getn62.sys.mui
2012-12-27 04:34 . 2012-12-27 04:3410240----a-w-c:\windows\system32\drivers\zh-TW\e1e6032.sys.mui
2012-12-27 04:34 . 2012-12-27 04:345120----a-w-c:\windows\system32\drivers\zh-TW\ltmdmnt.sys.mui
2012-12-27 04:34 . 2012-12-27 04:345120----a-w-c:\windows\system32\drivers\zh-TW\BrSerId.sys.mui
2012-12-27 04:34 . 2012-12-27 04:345120----a-w-c:\windows\system32\drivers\zh-TW\BrSerIb.sys.mui
2012-12-27 04:34 . 2012-12-27 04:342560----a-w-c:\windows\system32\drivers\zh-TW\MTConfig.sys.mui
2012-12-27 04:34 . 2012-12-27 04:349728----a-w-c:\windows\system32\drivers\zh-TW\battc.sys.mui
2012-12-27 04:34 . 2012-12-27 04:345120----a-w-c:\windows\system32\drivers\zh-TW\serial.sys.mui
2012-12-27 04:34 . 2012-12-27 04:344096----a-w-c:\windows\system32\drivers\zh-TW\wacompen.sys.mui
2012-12-27 04:34 . 2012-12-27 04:343584----a-w-c:\windows\system32\drivers\zh-TW\IPMIDrv.sys.mui
2012-12-27 04:34 . 2012-12-27 04:343072----a-w-c:\windows\system32\drivers\zh-TW\tpm.sys.mui
2012-12-27 04:34 . 2012-12-27 04:342560----a-w-c:\windows\system32\drivers\zh-TW\parvdm.sys.mui
2012-12-27 04:34 . 2012-12-27 04:342560----a-w-c:\windows\system32\drivers\zh-TW\parport.sys.mui
2012-12-27 04:34 . 2012-12-27 04:342560----a-w-c:\windows\system32\drivers\zh-TW\ataport.sys.mui
2012-12-27 04:34 . 2012-12-27 04:342048----a-w-c:\windows\system32\drivers\zh-TW\amdide.sys.mui
2012-12-27 04:34 . 2012-12-27 04:343072----a-w-c:\windows\system32\drivers\zh-TW\umbus.sys.mui
2012-12-27 04:34 . 2012-12-27 04:349728----a-w-c:\windows\system32\drivers\zh-TW\volsnap.sys.mui
2012-12-27 04:34 . 2012-12-27 04:345632----a-w-c:\windows\system32\drivers\zh-TW\acpi.sys.mui
2012-12-27 04:34 . 2012-12-27 04:3423552----a-w-c:\windows\system32\drivers\zh-TW\usbport.sys.mui
2012-12-27 04:34 . 2012-12-27 04:3420992----a-w-c:\windows\system32\drivers\zh-TW\viac7.sys.mui
2012-12-27 04:34 . 2012-12-27 04:3420992----a-w-c:\windows\system32\drivers\zh-TW\processr.sys.mui
2012-12-27 04:34 . 2012-12-27 04:3420992----a-w-c:\windows\system32\drivers\zh-TW\intelppm.sys.mui
2012-12-27 04:34 . 2012-12-27 04:3420992----a-w-c:\windows\system32\drivers\zh-TW\amdppm.sys.mui
2012-12-27 04:34 . 2012-12-27 04:3420992----a-w-c:\windows\system32\drivers\zh-TW\amdk8.sys.mui
2012-12-27 04:34 . 2012-12-27 04:342048----a-w-c:\windows\system32\drivers\zh-TW\wd.sys.mui
2012-12-27 04:34 . 2012-12-27 04:342048----a-w-c:\windows\system32\drivers\zh-TW\disk.sys.mui
2012-12-27 04:34 . 2012-12-27 04:342048----a-w-c:\windows\system32\drivers\zh-TW\cdrom.sys.mui
2012-12-27 04:34 . 2012-12-27 04:3411776----a-w-c:\windows\system32\drivers\zh-TW\usbhub.sys.mui
2012-12-27 04:34 . 2012-12-27 04:342560----a-w-c:\windows\system32\drivers\zh-TW\GAGP30KX.SYS.mui
2012-12-27 04:34 . 2012-12-27 04:342048----a-w-c:\windows\system32\drivers\zh-TW\UAGP35.SYS.mui
2012-12-27 04:34 . 2012-12-27 04:3411776----a-w-c:\windows\system32\drivers\zh-TW\ohci1394.sys.mui
2012-12-27 04:34 . 2012-12-27 04:3411776----a-w-c:\windows\system32\drivers\zh-TW\1394ohci.sys.mui
2012-12-27 04:34 . 2012-12-27 04:345120----a-w-c:\windows\system32\drivers\zh-TW\i8042prt.sys.mui
2012-12-27 04:34 . 2012-12-27 04:343072----a-w-c:\windows\system32\drivers\zh-TW\vhdmp.sys.mui
2012-12-27 04:34 . 2012-12-27 04:343072----a-w-c:\windows\system32\drivers\zh-TW\mouclass.sys.mui
2012-12-27 04:34 . 2012-12-27 04:342560----a-w-c:\windows\system32\drivers\zh-TW\mouhid.sys.mui
2012-12-27 04:34 . 2012-12-27 04:343584----a-w-c:\windows\system32\drivers\zh-TW\sermouse.sys.mui
2012-12-27 04:34 . 2012-12-27 04:346144----a-w-c:\windows\system32\drivers\zh-TW\pci.sys.mui
2012-12-27 04:34 . 2012-12-27 04:343072----a-w-c:\windows\system32\drivers\zh-TW\vdrvroot.sys.mui
2012-12-27 04:34 . 2012-12-27 04:343072----a-w-c:\windows\system32\drivers\zh-TW\mssmbios.sys.mui
2012-12-27 04:34 . 2012-12-27 04:343072----a-w-c:\windows\system32\drivers\zh-TW\kbdclass.sys.mui
2012-12-27 04:34 . 2012-12-27 04:343072----a-w-c:\windows\system32\drivers\zh-TW\isapnp.sys.mui
2012-12-27 04:34 . 2012-12-27 04:342560----a-w-c:\windows\system32\drivers\zh-TW\ULIAGPKX.SYS.mui
2012-12-27 04:34 . 2012-12-27 04:342048----a-w-c:\windows\system32\drivers\zh-TW\VIAAGP.SYS.mui
2012-12-27 04:34 . 2012-12-27 04:342048----a-w-c:\windows\system32\drivers\zh-TW\SISAGP.SYS.mui
2012-12-27 04:34 . 2012-12-27 04:342048----a-w-c:\windows\system32\drivers\zh-TW\NV_AGP.SYS.mui
2012-12-27 04:34 . 2012-12-27 04:342048----a-w-c:\windows\system32\drivers\zh-TW\kbdhid.sys.mui
2012-12-27 04:34 . 2012-12-27 04:342048----a-w-c:\windows\system32\drivers\zh-TW\AMDAGP.SYS.mui
2012-12-27 04:34 . 2012-12-27 04:342048----a-w-c:\windows\system32\drivers\zh-TW\AGP440.sys.mui
2012-12-27 04:34 . 2012-12-27 04:344096----a-w-c:\windows\system32\drivers\zh-TW\hdaudbus.sys.mui
2012-12-27 04:34 . 2012-12-27 04:342048----a-w-c:\windows\system32\drivers\zh-TW\vwifibus.sys.mui
2012-12-27 04:34 . 2012-12-27 04:344608----a-w-c:\windows\system32\drivers\zh-HK\bthport.sys.mui
2012-12-27 04:34 . 2012-12-27 04:342048----a-w-c:\windows\system32\drivers\zh-HK\BTHUSB.SYS.mui
2012-12-27 04:34 . 2012-12-27 04:342048----a-w-c:\windows\system32\drivers\zh-HK\bthenum.sys.mui
2012-12-27 04:34 . 2012-12-27 04:342560----a-w-c:\windows\system32\drivers\zh-TW\atikmdag.sys.mui
2012-12-27 04:34 . 2012-12-27 04:342048----a-w-c:\windows\system32\drivers\zh-TW\pnpmem.sys.mui
2012-12-27 04:34 . 2012-12-27 04:346656----a-w-c:\windows\system32\drivers\zh-TW\msdsm.sys.mui
2012-12-27 04:34 . 2012-12-27 04:344608----a-w-c:\windows\system32\drivers\UMDF\zh-TW\WUDFUsbccidDriver.dll.mui
2012-12-27 04:34 . 2012-12-27 04:3432768----a-w-c:\windows\system32\drivers\zh-TW\mpio.sys.mui
2012-12-27 04:34 . 2012-12-27 04:343072----a-w-c:\windows\system32\drivers\zh-TW\pcmcia.sys.mui
2012-12-27 04:34 . 2012-12-27 04:342560----a-w-c:\windows\system32\drivers\zh-TW\pscr.sys.mui
2012-12-27 04:34 . 2012-12-27 04:342560----a-w-c:\windows\system32\drivers\zh-HK\hidbth.sys.mui
2012-12-27 04:34 . 2012-12-27 04:344608----a-w-c:\windows\system32\drivers\zh-TW\bthpan.sys.mui
2012-12-27 04:34 . 2012-12-27 04:343584----a-w-c:\windows\system32\drivers\zh-TW\HdAudio.sys.mui
2012-12-27 04:34 . 2012-12-27 04:342560----a-w-c:\windows\system32\drivers\zh-TW\serscan.sys.mui
2012-12-27 04:34 . 2012-12-27 04:342560----a-w-c:\windows\system32\drivers\zh-TW\Dot4usb.sys.mui
2012-12-27 04:34 . 2012-12-27 04:342048----a-w-c:\windows\system32\drivers\zh-TW\BrParwdm.sys.mui
2012-12-27 04:34 . 2012-12-27 04:343584----a-w-c:\windows\system32\drivers\zh-TW\portcls.sys.mui
2012-12-27 04:34 . 2012-12-27 04:343072----a-w-c:\windows\system32\drivers\zh-TW\tsusbflt.sys.mui
2012-12-27 04:34 . 2012-12-27 04:343072----a-w-c:\windows\system32\drivers\zh-TW\rndismpx.sys.mui
2012-12-27 04:34 . 2012-12-27 04:343072----a-w-c:\windows\system32\drivers\zh-TW\rndismp6.sys.mui
.
.
((((((((((((((((((((((((((((((((((((( 重要登入點 ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*注意* 空白與合法缺省登錄將不會被顯示
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}"= "c:\program files\uTorrentBar_FR\prxtbuTor.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{00000ADA-7E0D-47C1-986C-F017D09C4304}]
2012-11-20 21:30518096----a-w-c:\users\Public\Thunder Network\XMP4\Core\Program\VideoUrlSniffer.2.0.3.100.(349).dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}]
2011-05-09 08:49176936----a-w-c:\program files\uTorrentBar_FR\prxtbuTor.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2013-01-25 01:491883824----a-w-c:\program files\AVG Secure Search\14.0.2.14\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{E87806B5-E908-45FD-AF5E-957D83E58E68}]
2012-01-11 14:29241872----a-w-c:\program files\Softonic\softonic\1.5.11.5\bh\softonic.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{5018CFD2-804D-4C99-9F81-25EAEA2769DE}"= "c:\program files\Softonic\softonic\1.5.11.5\softonicTlbr.dll" [2012-01-11 250064]
"{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}"= "c:\program files\uTorrentBar_FR\prxtbuTor.dll" [2011-05-09 176936]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files\AVG Secure Search\14.0.2.14\AVG Secure Search_toolbar.dll" [2013-01-25 1883824]
.
[HKEY_CLASSES_ROOT\clsid\{5018cfd2-804d-4c99-9f81-25eaea2769de}]
[HKEY_CLASSES_ROOT\Softonic.dskBnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}]
[HKEY_CLASSES_ROOT\Softonic.dskBnd]
.
[HKEY_CLASSES_ROOT\clsid\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E}"= "c:\program files\uTorrentBar_FR\prxtbuTor.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AAADesktopTips]
@="{4562B511-62E9-4533-B7B2-56A8BB10B482}"
[HKEY_CLASSES_ROOT\CLSID\{4562B511-62E9-4533-B7B2-56A8BB10B482}]
2012-11-14 11:32251856----a-w-c:\program files\Common Files\Thunder Network\Kankan\xappex.1.1.1.62.(368).dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32129272----a-w-c:\users\hp\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32129272----a-w-c:\users\hp\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32129272----a-w-c:\users\hp\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32129272----a-w-c:\users\hp\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PPS Accelerator"="c:\program files\PPStream\ppsap.exe" [2010-02-24 214408]
"PPAP"="c:\program files\Common Files\PPLiveNetwork\PPAP.exe" [2012-08-15 250784]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-11-02 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-11-02 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-11-02 150552]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2011-10-14 2299176]
"IAStorIcon"="c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-11-06 283160]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"IME14 CHT Setup"="c:\progra~1\COMMON~1\MICROS~1\IME14\SHARED\IMEKLMG.EXE" [2012-03-14 81200]
"IME14 JPN Setup"="c:\progra~1\COMMON~1\MICROS~1\IME14\SHARED\IMEKLMG.EXE" [2012-03-14 81200]
"IME14 KOR Setup"="c:\progra~1\COMMON~1\MICROS~1\IME14\SHARED\IMEKLMG.EXE" [2012-03-14 81200]
"IME14 CHS Setup"="c:\progra~1\COMMON~1\MICROS~1\IME14\SHARED\IMEKLMG.EXE" [2012-03-14 81200]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2012-03-14 1138780]
"BingDesktop"="c:\program files\Microsoft\BingDesktop\BingDesktop.exe" [2013-01-25 2127896]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 947176]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"AVG_UI"="c:\program files\AVG\AVG2013\avgui.exe" [2012-12-11 3147384]
"vProt"="c:\program files\AVG Secure Search\vprot.exe" [2012-11-11 997320]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-10-25 421888]
"WD Drive Unlocker"="c:\program files\Western Digital\WD Apps\WDDriveAutoUnlock.exe" [2011-12-16 1687968]
"WD Quick View"="c:\program files\Western Digital\WD SmartWare\WDDMStatus.exe" [2011-12-15 3998616]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-11-29 151952]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"Soluto"="c:\program files\soluto\soluto.exe" [2013-02-04 1229280]
.
c:\users\hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\hp\AppData\Roaming\Dropbox\bin\Dropbox.exe [2013-1-20 28539272]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Ginger.lnk - c:\windows\Installer\{4715760F-AF61-494C-A699-7DF5D29A03A8}\GingerClientStartu_A2F7C7DB989E489495DD2D78EDBE914A.exe [2013-1-20 90112]
QuickBooks Update Agent.lnk - c:\program files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe [2010-1-25 984408]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\keyboard layouts\e00f0404]
IME FileREG_SZ IMTCJ14.IME
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SolutoService]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2012-12-18 14:2838112----a-w-c:\program files\Adobe\Reader 10.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Quick Launch]
2010-11-09 22:20586296----a-w-c:\program files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPConnectionManager]
2011-02-15 23:4994264----a-w-c:\program files\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPOSD]
2011-01-27 19:38318520----a-w-c:\program files\Hewlett-Packard\HP On Screen Display\HPOSD.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPQuickWebProxy]
2011-04-08 08:1378904----a-w-c:\program files\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
.
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2013\avgidsagent.exe [x]
R2 KMService;KMService;c:\windows\system32\srvany.exe [x]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [x]
R3 cpuz136;cpuz136;c:\windows\TEMP\cpuz136\cpuz136_x32.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [x]
R3 GamesAppService;GamesAppService;c:\program files\WildTangent Games\App\GamesAppService.exe [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 Sage Simply Accounting Transaction Manager 2012 - CDN;Sage Simply Accounting Transaction Manager 2012 - CDN;c:\program files\Winsim\TransactionManager2012 - CDN\Sage_SA.TransactionManager.exe [x]
R3 Simply Accounting Database Connection Manager;Simply Accounting Database Connection Manager;c:\program files\Winsim\ConnectionManager\SimplyConnectionManager.exe [x]
R3 SolutoRemoteService;Soluto Remote Service;c:\program files\Soluto\SolutoRemoteService.exe [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam.sys [x]
R4 HPAuto;HP Auto;c:\program files\Hewlett-Packard\HP Auto\HPAuto.exe [x]
R4 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [x]
R4 hpCMSrv;HP Connection Manager 4.0 Service;c:\program files\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [x]
R4 HPWMISVC;HPWMISVC;c:\program files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 AVGIDSHX;AVGIDSHX;c:\windows\system32\DRIVERS\avgidshx.sys [x]
S0 Avglogx;AVG Logging Driver;c:\windows\system32\DRIVERS\avglogx.sys [x]
S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [x]
S0 Soluto;Soluto;c:\windows\system32\DRIVERS\Soluto.sys [x]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdriverx.sys [x]
S1 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\avgidsshimx.sys [x]
S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [x]
S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [x]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [x]
S1 MpKsl193fced7;MpKsl193fced7;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F10273D4-BCB4-4B9F-A38C-78A59AF82751}\MpKsl193fced7.sys [x]
S1 MpKsl918c735f;MpKsl918c735f;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F10273D4-BCB4-4B9F-A38C-78A59AF82751}\MpKsl918c735f.sys [x]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\aestsrv.exe [x]
S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2013\avgwdsvc.exe [x]
S2 BingDesktopUpdate;Bing Desktop Update service;c:\program files\Microsoft\BingDesktop\BingDesktopUpdater.exe [x]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files\Hewlett-Packard\Shared\HPDrvMntSvc.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 ImeDictUpdateService;Microsoft IME Dictionary Update;c:\program files\Common Files\Microsoft Shared\IME14\SHARED\IMEDICTUPDATE.EXE [x]
S2 PanService;PandoraService;c:\program files\PANDORA.TV\PanService\PandoraService.exe [x]
S2 persdwmsrv;Personalization Panel DWM controller;c:\program files\winaero.com\Personalization Panel DWM Controller\persdwmsrv.exe [x]
S2 PPTVService;PPTVService;c:\windows\System32\svchost.exe [x]
S2 SolutoLauncherService;Soluto Launcher Service;c:\program files\Soluto\SolutoLauncherService.exe [x]
S2 SolutoService;Soluto PCGenome Core Service;c:\program files\Soluto\SolutoService.exe [x]
S2 vToolbarUpdater14.0.1;vToolbarUpdater14.0.1;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\14.0.1\ToolbarUpdater.exe [x]
S2 WDDMService;WDDMService;c:\program files\Western Digital\WD SmartWare\WDDMService.exe [x]
S2 WDDriveService;WD Drive Manager;c:\program files\Western Digital\WD Drive Manager\WDDriveService.exe [x]
S2 WDFMEService;WDFME;c:\program files\Western Digital\WD SmartWare\WDFME.exe [x]
S2 WDRulesService;WDRules;c:\program files\Western Digital\WD SmartWare\WDRulesEngine.exe [x]
S2 XLServicePlatform;XLServicePlatform;c:\windows\system32\svchost [x]
S3 cpuz135;cpuz135;c:\windows\TEMP\cpuz135\cpuz135_x32.sys [x]
S3 netr28;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - MPKSL193FCED7
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonationREG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc
XLServicePlatformREG_MULTI_SZ XLServicePlatform
PPTVServiceGroupREG_MULTI_SZ PPTVService
GPSvcGroupREG_MULTI_SZ GPSvc
iissvcsREG_MULTI_SZ w3svc was
apphostREG_MULTI_SZ apphostsvc
.
‘計劃任務’ 文件夾 裡的內容
.
2013-02-08 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-10 00:11]
.
2013-02-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2174158749-396340439-4157524416-1000Core.job
- c:\users\hp\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-30 15:43]
.
2013-02-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2174158749-396340439-4157524416-1000UA.job
- c:\users\hp\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-30 15:43]
.
2012-12-11 c:\windows\Tasks\HPCeeScheduleForhp.job
- c:\program files\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15]
.
2013-02-08 c:\windows\Tasks\ROC_JAN2013_TB_rmv.job
- c:\program files\AVG Secure Search\PostInstall\ROC.exe [2013-01-25 01:49]
.
.
------- 而外的掃描 -------
.
uStart Page = hxxp://www.155.com/?id=2012
uInternet Settings,ProxyOverride = *.local
IE: &妏蚚&捃濘燭盄狟婥 - c:\program files\Thunder Network\Thunder\BHO\OfflineDownload.htm
IE: &妏蚚&捃濘狟婥 - c:\program files\Thunder Network\Thunder\BHO\geturl.htm
IE: &妏蚚&捃濘狟婥窒蟈諉 - c:\program files\Thunder Network\Thunder\BHO\GetAllUrl.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MIF5BA~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MIF5BA~1\Office14\ONBttnIE.dll/105
IE: 使用迅雷看看播放器播放 - c:\users\Public\Thunder Network\XMP4\Core\Program\XmpIEMenu.htm
IE: {{019c3416-8cb2-491a-a3c7-d9fcddc9d600} - c:\users\Public\Thunder Network\XMP4\Core\Program\XmpIEToolMenu.htm
IE: {{119c3416-8cb2-491a-a3c7-d9fcddc9d600} - c:\users\Public\Thunder Network\XMP4\Core\Program\XmpIEToolBar.htm
TCP: DhcpNameServer = 172.18.0.36 172.18.0.37
Handler: KuGoo - {6AC4FBC7-AA38-45EC-9634-D6D20B679EFC} - c:\progra~1\KUGOU2~1\KUGOO3~1.OCX
Handler: KuGoo3 - {6AC4FBC7-AA38-45EC-9634-D6D20B679EFC} - c:\progra~1\KUGOU2~1\KUGOO3~1.OCX
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\14.0.1\ViProtocol.dll
.
- - - - ORPHANS REMOVED - - - -
.
HKLM-Run-AVG_TRAY - c:\program files\AVG\AVG2012\avgtray.exe
AddRemove-PPSGame - d:\pps.tv\PPSGame\unppsgame.exe
AddRemove-01_Simmental - c:\program files\SAMSUNG\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\SAMSUNG\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\SAMSUNG\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\SAMSUNG\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-05_Sloan - c:\program files\SAMSUNG\USB Drivers\05_Sloan\Uninstall.exe
AddRemove-06_Spencer - c:\program files\SAMSUNG\USB Drivers\06_Spencer\Uninstall.exe
AddRemove-07_Schorl - c:\program files\SAMSUNG\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-08_EMPChipset - c:\program files\SAMSUNG\USB Drivers\08_EMPChipset\Uninstall.exe
AddRemove-09_Hsp - c:\program files\SAMSUNG\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\SAMSUNG\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-12_Symbian_USB_Download_Driver - c:\program files\SAMSUNG\USB Drivers\12_Symbian_USB_Download_Driver\Uninstall.exe
AddRemove-15_Symbian_Samsung_PC_DLC_Driver - c:\program files\SAMSUNG\USB Drivers\15_Symbian_Samsung_PC_DLC_Driver\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\SAMSUNG\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-17_EMP_Chipset2 - c:\program files\SAMSUNG\USB Drivers\17_EMP_Chipset2\Uninstall.exe
AddRemove-18_Zinia_Serial_Driver - c:\program files\SAMSUNG\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe
AddRemove-19_VIA_driver - c:\program files\SAMSUNG\USB Drivers\19_VIA_driver\Uninstall.exe
AddRemove-20_NXP_Driver - c:\program files\SAMSUNG\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-21_Searsburg - c:\program files\SAMSUNG\USB Drivers\21_Searsburg\Uninstall.exe
AddRemove-22_WiBro_WiMAX - c:\program files\SAMSUNG\USB Drivers\22_WiBro_WiMAX\Uninstall.exe
AddRemove-24_flashusbdriver - c:\program files\SAMSUNG\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - c:\program files\SAMSUNG\USB Drivers\25_escape\Uninstall.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-2174158749-396340439-4157524416-1000\Software\Microsoft\Internet Explorer\MenuExt\&*?&*Cc喏甒競腤eZ]
@="c:\\Program Files\\Thunder Network\\Thunder\\BHO\\OfflineDownload.htm"
"Name"="xl_offlinedownload"
"Contexts"=dword:00000022
.
[HKEY_USERS\S-1-5-21-2174158749-396340439-4157524416-1000\Software\Microsoft\Internet Explorer\MenuExt\&*?&*Cc喏腤eZ]
@="c:\\Program Files\\Thunder Network\\Thunder\\BHO\\geturl.htm"
"Name"="xl_geturl"
"Contexts"=dword:00000022
.
[HKEY_USERS\S-1-5-21-2174158749-396340439-4157524416-1000\Software\Microsoft\Internet Explorer\MenuExt\&*?&*Cc喏腤eZ蘙??]
@="c:\\Program Files\\Thunder Network\\Thunder\\BHO\\GetAllUrl.htm"
"Name"="xl_getallurl"
"Contexts"=dword:000000f3
.
[HKEY_USERS\S-1-5-21-2174158749-396340439-4157524416-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.download\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariDownload"
.
[HKEY_USERS\S-1-5-21-2174158749-396340439-4157524416-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (S-1-5-21-2174158749-396340439-4157524416-1000)
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\S-1-5-21-2174158749-396340439-4157524416-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (S-1-5-21-2174158749-396340439-4157524416-1000)
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\S-1-5-21-2174158749-396340439-4157524416-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.safariextz\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariExtension"
.
[HKEY_USERS\S-1-5-21-2174158749-396340439-4157524416-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (S-1-5-21-2174158749-396340439-4157524416-1000)
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\S-1-5-21-2174158749-396340439-4157524416-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.svg\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\S-1-5-21-2174158749-396340439-4157524416-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.webarchive\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\S-1-5-21-2174158749-396340439-4157524416-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (S-1-5-21-2174158749-396340439-4157524416-1000)
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\S-1-5-21-2174158749-396340439-4157524416-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (S-1-5-21-2174158749-396340439-4157524416-1000)
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\S-1-5-21-2174158749-396340439-4157524416-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
完成時間: 2013-02-08 16:03:25
ComboFix-quarantined-files.txt 2013-02-08 21:03
.
Pre-Run: 127?635?922?944 bytes free
Post-Run: 128?544?309?248 bytes free
.
- - End Of File - - 0EF878D7CF8A208C5823598609C47998

 

[Broni]

Looks good.

How is computer doing?

===============================

You're running two AV programs, AVG and MSE.
You must uninstall one of them.
If AVG use AVG Remover: http://www.avg.com/us-en/utilities

===========================

Please download AdwCleaner by Xplode onto your desktop.

• Close all open programs and internet browsers.
• Double click on adwcleaner.exe to run the tool.
• Click on Delete.
• Confirm each time with Ok.
• Your computer will be rebooted automatically. A text file will open after the restart.
• Please post the contents of that logfile with your next reply.
• You can find the logfile at C:\AdwCleaner[S1].txt as well.

==========================

Please download Junkware Removal Tool to your desktop.

• Shut down your protection software now to avoid potential conflicts.
• Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
• The tool will open and start scanning your system.
• Please be patient as this can take a while to complete depending on your system's specifications.
• On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
• Post the contents of JRT.txt into your next message.

========================

Download OTL to your Desktop.
Alternate download: http://www.itxassociates.com/OT-Tools/OTL.exe

• Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
• Click the Scan All Users checkbox.
• Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
• When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
• Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.

 

[Carmen__Tsamg]

Which one do you reccomand to uninstall???? I am not sure which should I unintall

 

[Broni]

If you ask me I'm not a big fan of AVG.

 

[Carmen__Tsamg]

Lol why? (can I know the reasons? I hope I don't sound rude) So MSE is better?