
Thread: hjt log

  1. #11

    Antimalwarebyte scan got to 10.53 minutes then asked to shut down.
    Starting to go on with other downloads.
    Kevin

  2. #12
    Net_Surfer

    Hi Kevin

    Did the Malwarebytes program give you an error code?

    "Obstacles are what you see when you take your eyes off your Goals"

    Net_Surfer is a Graduate of BleepingComputer Malware Removal Training Program. You too could train to help others!

  3. #13

    Hi Net server, I have some logs for you.
    I also blocked pv.cfxx and quarantined handle.cfxx; rmbr.cfxx; when ComboFix rebooted my machine, which Kaspersky picked up.
    I am still having huge issues with staying connected to the internet on the desktop, which is connected to the modem. Wireless applications and son's laptop, no issue.
    Odd for mine. Anyway, keep ticking the boxes and eliminating stuff.
    Thanks heaps, mate.
    Kevin
    ================
    exeHelper by Raktor
    Build 20100414
    Run at 15:32:52 on 05/08/11
    Now searching...
    Checking for numerical processes...
    Checking for sysguard processes...
    Checking for bad processes...
    Checking for bad files...
    Checking for bad registry entries...
    Resetting filetype association for .exe
    Resetting filetype association for .com
    Resetting userinit and shell values...
    Resetting policies...
    --Finished--
    =========================
    2011/05/08 15:38:19.0578 2096 TDSS rootkit removing tool 2.5.0.0 May 1 2011 14:20:16
    2011/05/08 15:38:21.0593 2096 ================================================================================
    2011/05/08 15:38:21.0593 2096 SystemInfo:
    2011/05/08 15:38:21.0593 2096
    2011/05/08 15:38:21.0593 2096 OS Version: 5.1.2600 ServicePack: 3.0
    2011/05/08 15:38:21.0593 2096 Product type: Workstation
    2011/05/08 15:38:21.0593 2096 ComputerName: KAMMBOYD
    2011/05/08 15:38:21.0593 2096 UserName: Kevin
    2011/05/08 15:38:21.0593 2096 Windows directory: C:\WINDOWS
    2011/05/08 15:38:21.0593 2096 System windows directory: C:\WINDOWS
    2011/05/08 15:38:21.0593 2096 Processor architecture: Intel x86
    2011/05/08 15:38:21.0593 2096 Number of processors: 1
    2011/05/08 15:38:21.0593 2096 Page size: 0x1000
    2011/05/08 15:38:21.0593 2096 Boot type: Normal boot
    2011/05/08 15:38:21.0593 2096 ================================================================================
    2011/05/08 15:38:22.0125 2096 Initialize success
    2011/05/08 15:38:25.0187 2972 ================================================================================
    2011/05/08 15:38:25.0187 2972 Scan started
    2011/05/08 15:38:25.0187 2972 Mode: Manual;
    2011/05/08 15:38:25.0187 2972 ================================================================================
    2011/05/08 15:39:30.0437 2972 ================================================================================
    2011/05/08 15:39:30.0437 2972 Scan finished
    2011/05/08 15:39:30.0437 2972 ================================================================================
    ================================
    ComboFix 11-05-04.04 - Kevin 08/05/2011 15:53:27.6.1 - FAT32x86
    Microsoft Windows XP Professional 5.1.2600.3.1252.61.1033.18.2047.1560 [GMT 10:00]
    Running from: c:\documents and settings\Kevin\Desktop\ComboFix.exe
    AV: Kaspersky Internet Security *Disabled/Updated* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
    FW: Kaspersky Internet Security *Disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\documents and settings\Kevin\WINDOWS
    c:\windows\system32\win.ini
    c:\windows\TEMP\logishrd\LVPrcInj01.dll
    .
    .
    ((((((((((((((((((((((((( Files Created from 2011-04-08 to 2011-05-08 )))))))))))))))))))))))))))))))
    .
    .
    2011-05-08 05:06 . 2010-12-20 08:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2011-05-08 05:06 . 2010-12-20 08:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
    2011-04-27 07:40 . 2010-10-05 11:26 109240 ----a-w- c:\program files\Mozilla Firefox\extensions\KavAntiBanner@Kaspersky.ru\components\abhelperxpcom.dll
    2011-04-27 07:40 . 2010-10-05 11:27 150200 ----a-w- c:\program files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru\components\kavlinkfilter.dll
    2011-04-27 07:40 . 2011-04-27 07:55 97859 ----a-w- c:\windows\system32\drivers\klick.dat
    2011-04-27 07:40 . 2011-04-27 07:55 115267 ----a-w- c:\windows\system32\drivers\klin.dat
    2011-04-27 07:39 . 2011-04-27 07:39 -------- d-----w- c:\program files\Kaspersky Lab
    2011-04-27 07:39 . 2011-04-27 07:39 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab
    2011-04-27 07:25 . 2011-04-27 07:25 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files
    2011-04-23 01:02 . 2011-04-23 01:02 -------- d-----w- c:\program files\iPod
    2011-04-23 01:02 . 2011-04-23 01:02 -------- d-----w- c:\program files\iTunes
    2011-04-23 01:00 . 2011-04-23 01:00 -------- d-----w- c:\documents and settings\Megan
    2011-04-23 00:58 . 2011-04-23 00:58 -------- d-----w- c:\program files\Bonjour
    2011-04-21 06:04 . 2011-04-21 06:04 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2011-04-20 01:22 . 2011-04-20 01:22 -------- d-----w- c:\documents and settings\Kevin\Application Data\ImgBurn
    2011-04-20 01:13 . 2011-04-20 01:14 -------- d-----w- c:\program files\ImgBurn
    2011-04-19 01:32 . 2011-04-19 01:32 -------- d-----w- c:\program files\ParetoLogic
    2011-04-18 05:10 . 2011-04-18 05:10 -------- d-----w- C:\FOUND.042
    2011-04-18 02:43 . 2011-04-18 02:43 -------- d-----w- c:\documents and settings\Kevin\DoctorWeb
    2011-04-17 09:50 . 2001-08-17 04:56 35392 ----a-w- c:\windows\system32\dllcache\n9i128.dll
    2011-04-17 09:50 . 2001-08-17 02:11 128000 ----a-w- c:\windows\system32\dllcache\n100325.sys
    2011-04-17 09:50 . 2001-08-17 02:11 52255 ----a-w- c:\windows\system32\dllcache\n1000nt5.sys
    2011-04-17 09:50 . 2001-08-17 03:50 75520 ----a-w- c:\windows\system32\dllcache\mxport.sys
    2011-04-17 09:50 . 2001-08-17 12:36 7168 ----a-w- c:\windows\system32\dllcache\mxport.dll
    2011-04-17 09:50 . 2001-08-17 03:49 19968 ----a-w- c:\windows\system32\dllcache\mxnic.sys
    2011-04-17 09:50 . 2001-08-17 12:36 19968 ----a-w- c:\windows\system32\dllcache\mxicfg.dll
    2011-04-17 09:50 . 2001-08-17 03:50 21888 ----a-w- c:\windows\system32\dllcache\mxcard.sys
    2011-04-17 09:50 . 2001-08-17 02:50 103296 ----a-w- c:\windows\system32\dllcache\mtxvideo.sys
    2011-04-17 09:50 . 2008-04-13 18:46 49024 ----a-w- c:\windows\system32\dllcache\mstape.sys
    2011-04-17 09:49 . 2001-08-17 03:48 12416 ----a-w- c:\windows\system32\dllcache\msriffwv.sys
    2011-04-17 09:49 . 2001-08-17 04:00 2944 ----a-w- c:\windows\system32\dllcache\msmpu401.sys
    2011-04-17 09:49 . 2008-04-13 18:54 22016 ----a-w- c:\windows\system32\dllcache\msircomm.sys
    2011-04-17 09:49 . 2001-08-17 04:02 35200 ----a-w- c:\windows\system32\dllcache\msgame.sys
    2011-04-17 09:49 . 2001-08-17 03:48 6016 ----a-w- c:\windows\system32\dllcache\msfsio.sys
    2011-04-17 09:47 . 2001-08-17 12:36 58368 ----a-w- c:\windows\system32\dllcache\m3091dc.dll
    2011-04-17 09:46 . 2008-04-13 18:39 14592 ----a-w- c:\windows\system32\dllcache\kbdhid.sys
    2011-04-17 09:46 . 2001-08-17 03:49 26624 ----a-w- c:\windows\system32\dllcache\irstusb.sys
    2011-04-17 09:46 . 2001-08-17 03:51 18688 ----a-w- c:\windows\system32\dllcache\irsir.sys
    2011-04-17 09:46 . 2008-04-14 00:11 28160 ----a-w- c:\windows\system32\dllcache\irmon.dll
    2011-04-17 09:46 . 2001-08-17 03:49 23552 ----a-w- c:\windows\system32\dllcache\irmk7.sys
    2011-04-17 09:46 . 2008-04-14 00:12 151552 ----a-w- c:\windows\system32\dllcache\irftp.exe
    2011-04-17 09:46 . 2008-04-13 18:54 88192 ----a-w- c:\windows\system32\dllcache\irda.sys
    2011-04-17 09:46 . 2001-08-17 02:12 45632 ----a-w- c:\windows\system32\dllcache\ip5515.sys
    2011-04-17 09:46 . 2001-08-17 12:36 90200 ----a-w- c:\windows\system32\dllcache\io8ports.dll
    2011-04-17 09:46 . 2001-08-17 03:50 38784 ----a-w- c:\windows\system32\dllcache\io8.sys
    2011-04-17 09:46 . 2008-04-13 18:40 5504 ----a-w- c:\windows\system32\dllcache\intelide.sys
    2011-04-17 09:46 . 2001-08-17 03:47 13056 ----a-w- c:\windows\system32\dllcache\inport.sys
    2011-04-17 09:46 . 2001-08-17 03:52 16000 ----a-w- c:\windows\system32\dllcache\ini910u.sys
    2011-04-17 09:45 . 2001-08-17 12:36 372824 ----a-w- c:\windows\system32\dllcache\iconf32.dll
    2011-04-17 09:45 . 2001-08-17 04:06 100992 ----a-w- c:\windows\system32\dllcache\icam5usb.sys
    2011-04-17 09:45 . 2001-08-17 12:36 20480 ----a-w- c:\windows\system32\dllcache\icam5ext.dll
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2011-04-06 06:20 . 2011-04-06 06:20 91424 ----a-w- c:\windows\system32\dnssd.dll
    2011-04-06 06:20 . 2011-04-06 06:20 107808 ----a-w- c:\windows\system32\dns-sd.exe
    2011-03-07 05:33 . 2005-12-12 07:11 692736 ----a-w- c:\windows\system32\inetcomm.dll
    2011-03-04 06:37 . 2004-08-04 02:00 420864 ----a-w- c:\windows\system32\vbscript.dll
    2011-03-03 13:21 . 2004-08-04 02:00 1857920 ----a-w- c:\windows\system32\win32k.sys
    2011-02-22 23:06 . 2004-08-04 02:00 916480 ----a-w- c:\windows\system32\wininet.dll
    2011-02-22 23:06 . 2004-08-04 02:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
    2011-02-22 23:06 . 2004-08-04 02:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
    2011-02-22 11:42 . 2004-08-04 02:00 385024 ----a-w- c:\windows\system32\html.iec
    2011-02-18 06:36 . 2010-12-07 11:34 41984 ----a-w- c:\windows\system32\drivers\usbaapl.sys
    2011-02-18 06:36 . 2010-12-07 11:34 4184352 ----a-w- c:\windows\system32\usbaaplrc.dll
    2011-02-17 13:18 . 2004-08-04 02:00 455936 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
    2011-02-17 13:18 . 2004-08-04 02:00 357888 ----a-w- c:\windows\system32\drivers\srv.sys
    2011-02-17 12:32 . 2009-04-16 07:26 5120 ----a-w- c:\windows\system32\xpsp4res.dll
    2011-02-15 12:56 . 2004-08-04 02:00 290432 ----a-w- c:\windows\system32\atmfd.dll
    2011-02-09 14:53 . 2004-08-04 02:00 270848 ----a-w- c:\windows\system32\sbe.dll
    2011-02-09 14:53 . 2004-08-04 02:00 186880 ----a-w- c:\windows\system32\encdec.dll
    2011-02-08 13:33 . 2004-08-04 02:00 978944 ----a-w- c:\windows\system32\mfc42.dll
    2011-02-08 13:33 . 2004-08-04 02:00 974848 ----a-w- c:\windows\system32\mfc42u.dll
    2006-02-23 00:33 . 2006-02-23 00:32 3780096 ----a-w- c:\program files\ow32enen852.exe
    2006-01-05 05:12 . 2006-01-05 05:09 6910088 ----a-w- c:\program files\MicrosoftAntiSpywareInstall.exe
    2006-01-05 05:08 . 2006-01-05 05:08 466696 ----a-w- c:\program files\GenuineCheck.exe
    .
    .
    ------- Sigcheck -------
    .
    [7] 2008-04-14 . F92E1076C42FCD6DB3D72D8CFE9816D5 . 13824 . . [5.1.2600.5512] . . c:\windows\system32\wscntfy.exe
    [7] 2008-04-14 . F92E1076C42FCD6DB3D72D8CFE9816D5 . 13824 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\wscntfy.exe
    [7] 2008-04-14 . F92E1076C42FCD6DB3D72D8CFE9816D5 . 13824 . . [5.1.2600.5512] . . c:\windows\erdnt\cache\wscntfy.exe
    [7] 2008-04-14 . F92E1076C42FCD6DB3D72D8CFE9816D5 . 13824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wscntfy.exe
    [7] 2004-08-04 . 49911DD39E023BB6C45E4E436CFBD297 . 13824 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\wscntfy.exe
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe" [2011-04-27 365336]
    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-05-10 8429568]
    "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
    "AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656]
    .
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
    "DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2008-11-03 435096]
    .
    c:\documents and settings\All Users\Start Menu\Programs\Startup\
    Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]
    .
    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
    "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
    2009-09-03 22:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
    .
    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^InterVideo WinCinema Manager.lnk]
    backup=c:\windows\pss\InterVideo WinCinema Manager.lnkCommon Startup
    .
    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk]
    backup=c:\windows\pss\Logitech Desktop Messenger.lnkCommon Startup
    .
    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office OneNote 2003 Quick Launch.lnk]
    path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Microsoft Office OneNote 2003 Quick Launch.lnk
    backup=c:\windows\pss\Microsoft Office OneNote 2003 Quick Launch.lnkCommon Startup
    .
    [HKLM\~\startupfolder\C:^Documents and Settings^Kevin^Start Menu^Programs^Startup^Microsoft Office OneNote 2003 Quick Launch.lnk]
    path=c:\documents and settings\Kevin\Start Menu\Programs\Startup\Microsoft Office OneNote 2003 Quick Launch.lnk
    backup=c:\windows\pss\Microsoft Office OneNote 2003 Quick Launch.lnkStartup
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
    "DisableMonitoring"=dword:00000001
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\Program Files\\Java\\jre6\\bin\\JAVAW.EXE"=
    "c:\\Program Files\\Microsoft ActiveSync\\WCESCOMM.EXE"=
    "c:\\Program Files\\Opera\\OPERA.EXE"=
    "c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
    "c:\\Program Files\\Skype\\Phone\\Skype.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "c:\\Program Files\\FireTrust\\MailWasher\\MailWasherPro.exe"=
    "c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "c:\\Program Files\\iTunes\\iTunes.exe"=
    .
    R0 nvcchflt;NVIDIA Disk Cache Filter Driver;c:\windows\system32\drivers\nvcchflt.sys [12/12/2005 6:07 PM 16640]
    R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [31/03/2010 8:56 PM 28552]
    R0 uGuru;uGuru;c:\windows\system32\drivers\uGuru.SYS [12/12/2005 6:17 PM 10752]
    R1 kl2;kl2;c:\windows\system32\drivers\kl2.sys [9/06/2010 5:43 PM 11352]
    R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [18/02/2010 4:25 AM 12872]
    R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [11/05/2010 4:41 AM 67656]
    R2 PPPoEService;PPPoE Service;c:\progra~1\EFFICI~1\ENTERN~1\app\pppoeservice.exe [28/12/2005 1:20 PM 49152]
    R3 CLEDX;Team H2O CLEDX service;c:\windows\system32\drivers\cledx.sys [29/08/2007 8:22 PM 33792]
    R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [7/05/2010 12:06 PM 32856]
    R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [2/11/2009 8:27 PM 19472]
    R3 NTSPPPOE;Efficient Networks Enternet P.P.P.o.E LAN Miniport Driver;c:\windows\system32\drivers\ntspppoe.sys [28/12/2005 1:20 PM 161640]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18/03/2010 1:16 PM 130384]
    S3 alcan5ln;Alcatel SpeedTouch(tm) USB ADSL RFC1483 Networking Driver (NDIS);c:\windows\system32\drivers\alcan5ln.sys [28/12/2005 1:10 PM 36960]
    S3 ENIMSR;ENIMSR;c:\progra~1\EFFICI~1\ENTERN~1\app\ENIMSR.SYS [28/12/2005 1:20 PM 12924]
    S3 NTSTAP1;NTSTAP1;c:\progra~1\EFFICI~1\ENTERN~1\app\NTSTAP1.SYS [28/12/2005 1:20 PM 120128]
    S3 NTSTAP2;NTSTAP2;c:\progra~1\EFFICI~1\ENTERN~1\app\NTSTAP2.SYS [31/12/2005 2:22 PM 120128]
    S3 PSEXESVC;PsExec; [x]
    S3 RAWESR;RAWESR;c:\progra~1\EFFICI~1\ENTERN~1\app\RAWESR.SYS [28/12/2005 1:20 PM 12924]
    S3 SIWIO;SIWIO;\??\c:\windows\TEMP\SiwIo.sys --> c:\windows\TEMP\SiwIo.sys [?]
    S3 TAPBIND;TAPBIND;c:\progra~1\EFFICI~1\ENTERN~1\app\TAPBIND1.SYS [28/12/2005 1:20 PM 44544]
    S3 uti2mte3;AVZ Kernel Driver;\??\c:\windows\system32\Drivers\uti2mte3.sys --> c:\windows\system32\Drivers\uti2mte3.sys [?]
    S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18/03/2010 1:16 PM 753504]
    S4 EYOWS;EYOWS; [x]
    S4 HYLEOYVA;HYLEOYVA; [x]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
    hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
    2007-08-23 07:34 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2011-05-07 c:\windows\Tasks\AppleSoftwareUpdate.job
    - c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 01:50]
    .
    2011-05-08 c:\windows\Tasks\User_Feed_Synchronization-{3571BDA7-0595-4FEC-B0F8-5145FB9BC0C7}.job
    - c:\windows\system32\msfeedssync.exe [2006-10-17 18:31]
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://pegasus2.pearsoned.com/Pegasus/Modules/TeachingPlan/frmCoursePreview.aspx
    uSearchMigratedDefaultURL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
    uInternet Settings,ProxyOverride = *.local
    IE: Add to Anti-Banner - c:\program files\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm
    IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
    IE: Easy-WebPrint Add To Print List - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
    IE: Easy-WebPrint High Speed Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
    IE: Easy-WebPrint Preview - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
    IE: Easy-WebPrint Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
    Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    FF - ProfilePath - c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\p0v4s0iu.default\
    FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
    FF - Ext: Kaspersky URL Advisor: linkfilter@kaspersky.ru - c:\program files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru
    FF - Ext: Anti-Banner: KavAntiBanner@Kaspersky.ru - c:\program files\Mozilla Firefox\extensions\KavAntiBanner@Kaspersky.ru
    FF - Ext: Personas: personas@christopher.beard - %profile%\extensions\personas@christopher.beard
    FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    pref(dom.disable_open_during_load, true);
    .
    - - - - ORPHANS REMOVED - - - -
    .
    AddRemove-Harmony Light 6 - c:\harmon~1\LIGHT6\UNWISE.EXE
    AddRemove-Harmony Light V5.02 - c:\harmon~1\LIGHT5\BIN\UNWISE.EXE
    AddRemove-HijackThis - c:\documents and settings\Kevin\My Documents\hjt2.02\HijackThis.exe
    AddRemove-Macromedia Shockwave Player - c:\windows\system32\MACROMED\SHOCKW~1\UNWISE.EXE
    .
    .
    .
    **************************************************************************
    .
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2011-05-08 16:30
    Windows 5.1.2600 Service Pack 3 FAT NTAPI
    .
    scanning hidden processes ...
    .
    scanning hidden autostart entries ...
    .
    scanning hidden files ...
    .
    .
    **************************************************************************
    .
    ------------------------ Other Running Processes ------------------------
    .
    c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    c:\program files\Bonjour\mDNSResponder.exe
    c:\program files\Common Files\LightScribe\LSSrvc.exe
    c:\program files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
    c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
    c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    c:\windows\system32\nvsvc32.exe
    c:\windows\system32\SearchIndexer.exe
    c:\program files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
    c:\program files\Microsoft ActiveSync\WCESCOMM.EXE
    .
    **************************************************************************
    .
    Completion time: 2011-05-08 16:32:35 - machine was rebooted
    ComboFix-quarantined-files.txt 2011-05-08 06:32
    ComboFix2.txt 2010-11-07 04:32
    ComboFix3.txt 2010-06-24 03:11
    ComboFix4.txt 2009-09-26 02:28
    .
    Pre-Run: 14,480,900,096 bytes free
    Post-Run: 14,087,192,576 bytes free
    .
    - - End Of File - - 5CCC8539BEBC0E250A1C413F7DE50104
    ====================
    ComboFix 11-05-04.04 - Kevin 08/05/2011 16:39:50.7.1 - FAT32x86
    Microsoft Windows XP Professional 5.1.2600.3.1252.61.1033.18.2047.1526 [GMT 10:00]
    Running from: c:\documents and settings\Kevin\Desktop\ComboFix.exe
    AV: Kaspersky Internet Security *Disabled/Updated* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
    FW: Kaspersky Internet Security *Disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
    .
    .
    ((((((((((((((((((((((((( Files Created from 2011-04-08 to 2011-05-08 )))))))))))))))))))))))))))))))
    .
    .
    2011-05-08 05:06 . 2010-12-20 08:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2011-05-08 05:06 . 2010-12-20 08:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
    2011-04-27 07:40 . 2010-10-05 11:26 109240 ----a-w- c:\program files\Mozilla Firefox\extensions\KavAntiBanner@Kaspersky.ru\components\abhelperxpcom.dll
    2011-04-27 07:40 . 2010-10-05 11:27 150200 ----a-w- c:\program files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru\components\kavlinkfilter.dll
    2011-04-27 07:40 . 2011-04-27 07:55 97859 ----a-w- c:\windows\system32\drivers\klick.dat
    2011-04-27 07:40 . 2011-04-27 07:55 115267 ----a-w- c:\windows\system32\drivers\klin.dat
    2011-04-27 07:39 . 2011-04-27 07:39 -------- d-----w- c:\program files\Kaspersky Lab
    2011-04-27 07:39 . 2011-04-27 07:39 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab
    2011-04-27 07:25 . 2011-04-27 07:25 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files
    2011-04-23 01:02 . 2011-04-23 01:02 -------- d-----w- c:\program files\iPod
    2011-04-23 01:02 . 2011-04-23 01:02 -------- d-----w- c:\program files\iTunes
    2011-04-23 01:00 . 2011-04-23 01:00 -------- d-----w- c:\documents and settings\Megan
    2011-04-23 00:58 . 2011-04-23 00:58 -------- d-----w- c:\program files\Bonjour
    2011-04-21 06:04 . 2011-04-21 06:04 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2011-04-20 01:22 . 2011-04-20 01:22 -------- d-----w- c:\documents and settings\Kevin\Application Data\ImgBurn
    2011-04-20 01:13 . 2011-04-20 01:14 -------- d-----w- c:\program files\ImgBurn
    2011-04-19 01:32 . 2011-04-19 01:32 -------- d-----w- c:\program files\ParetoLogic
    2011-04-18 05:10 . 2011-04-18 05:10 -------- d-----w- C:\FOUND.042
    2011-04-18 02:43 . 2011-04-18 02:43 -------- d-----w- c:\documents and settings\Kevin\DoctorWeb
    2011-04-17 10:09 . 2008-04-14 00:12 116224 ----a-w- c:\windows\system32\dllcache\xrxwiadr.dll
    2011-04-17 10:09 . 2001-08-17 12:36 23040 ----a-w- c:\windows\system32\dllcache\xrxwbtmp.dll
    2011-04-17 10:09 . 2008-04-14 00:12 18944 ----a-w- c:\windows\system32\dllcache\xrxscnui.dll
    2011-04-17 10:09 . 2001-08-17 12:37 27648 ----a-w- c:\windows\system32\dllcache\xrxftplt.exe
    2011-04-17 10:09 . 2001-08-17 12:37 4608 ----a-w- c:\windows\system32\dllcache\xrxflnch.exe
    2011-04-17 10:08 . 2001-08-17 12:37 99865 ----a-w- c:\windows\system32\dllcache\xlog.exe
    2011-04-17 10:08 . 2001-08-17 02:11 16970 ----a-w- c:\windows\system32\dllcache\xem336n5.sys
    2011-04-17 10:08 . 2004-08-03 12:29 19455 ----a-w- c:\windows\system32\dllcache\wvchntxx.sys
    2011-04-17 10:08 . 2004-08-03 12:29 12063 ----a-w- c:\windows\system32\dllcache\wsiintxx.sys
    2011-04-17 10:08 . 2008-04-14 00:12 8192 ----a-w- c:\windows\system32\dllcache\wshirda.dll
    2011-04-17 10:07 . 2008-04-13 18:36 8832 ----a-w- c:\windows\system32\dllcache\wmiacpi.sys
    2011-04-17 10:07 . 2004-08-03 12:31 154624 ----a-w- c:\windows\system32\dllcache\wlluc48.sys
    2011-04-17 10:07 . 2001-08-17 02:12 34890 ----a-w- c:\windows\system32\dllcache\wlandrv2.sys
    2011-04-17 10:07 . 2001-08-17 03:28 771581 ----a-w- c:\windows\system32\dllcache\winacisa.sys
    2011-04-17 10:07 . 2001-08-17 12:36 53760 ----a-w- c:\windows\system32\dllcache\wiamsmud.dll
    2011-04-17 10:07 . 2001-08-17 12:36 87040 ----a-w- c:\windows\system32\dllcache\wiafbdrv.dll
    2011-04-17 10:07 . 2001-08-17 03:28 701386 ----a-w- c:\windows\system32\dllcache\wdhaalba.sys
    2011-04-17 10:05 . 2001-08-17 02:14 249402 ----a-w- c:\windows\system32\dllcache\vinwm.sys
    2011-04-17 10:04 . 2001-08-17 12:36 28160 ----a-w- c:\windows\system32\dllcache\umaxu40.dll
    2011-04-17 10:04 . 2001-08-17 12:36 26624 ----a-w- c:\windows\system32\dllcache\umaxu22.dll
    2011-04-17 10:04 . 2001-08-17 12:36 69632 ----a-w- c:\windows\system32\dllcache\umaxu12.dll
    2011-04-17 10:04 . 2001-08-17 12:36 50688 ----a-w- c:\windows\system32\dllcache\umaxscan.dll
    2011-04-17 10:04 . 2001-08-17 03:58 22912 ----a-w- c:\windows\system32\dllcache\umaxpcls.sys
    2011-04-17 10:04 . 2001-08-17 12:36 50176 ----a-w- c:\windows\system32\dllcache\umaxp60.dll
    2011-04-17 10:04 . 2001-08-17 12:36 47616 ----a-w- c:\windows\system32\dllcache\umaxcam.dll
    2011-04-17 10:04 . 2001-08-17 12:36 211968 ----a-w- c:\windows\system32\dllcache\um54scan.dll
    2011-04-17 10:04 . 2001-08-17 12:36 216064 ----a-w- c:\windows\system32\dllcache\um34scan.dll
    2011-04-17 10:04 . 2001-08-17 03:52 36736 ----a-w- c:\windows\system32\dllcache\ultra.sys
    2011-04-17 10:04 . 2001-08-17 03:48 11520 ----a-w- c:\windows\system32\dllcache\twotrack.sys
    2011-04-17 10:04 . 2001-08-17 02:51 166784 ----a-w- c:\windows\system32\dllcache\tridxpm.sys
    2011-04-17 10:04 . 2001-08-17 12:36 525568 ----a-w- c:\windows\system32\dllcache\tridxp.dll
    2011-04-17 10:02 . 2001-08-17 04:56 81408 ----a-w- c:\windows\system32\dllcache\tgiul50.dll
    2011-04-17 10:01 . 2001-08-17 12:36 10240 ----a-w- c:\windows\system32\dllcache\swpidflt.dll
    2011-04-17 10:00 . 2001-08-17 12:36 114688 ----a-w- c:\windows\system32\dllcache\sonypi.dll
    2011-04-17 09:59 . 2001-08-17 12:36 28160 ----a-w- c:\windows\system32\dllcache\sm91w.dll
    2011-04-17 09:59 . 2004-08-03 12:31 63547 ----a-w- c:\windows\system32\dllcache\sla30nd5.sys
    2011-04-17 09:59 . 2001-08-17 02:12 91294 ----a-w- c:\windows\system32\dllcache\skfpwin.sys
    2011-04-17 09:59 . 2001-08-17 02:12 94698 ----a-w- c:\windows\system32\dllcache\sk98xwin.sys
    2011-04-17 09:59 . 2001-08-17 04:56 157696 ----a-w- c:\windows\system32\dllcache\sisv256.dll
    2011-04-17 09:59 . 2001-08-17 02:50 50432 ----a-w- c:\windows\system32\dllcache\sisv.sys
    2011-04-17 09:59 . 2004-08-03 12:31 32768 ----a-w- c:\windows\system32\dllcache\sisnic.sys
    2011-04-17 09:59 . 2001-08-17 12:36 238592 ----a-w- c:\windows\system32\dllcache\sisgrv.dll
    2011-04-17 09:59 . 2001-08-17 02:50 104064 ----a-w- c:\windows\system32\dllcache\sisgrp.sys
    2011-04-17 09:59 . 2001-08-17 04:56 150144 ----a-w- c:\windows\system32\dllcache\sis6306v.dll
    2011-04-17 09:59 . 2001-08-17 02:50 68608 ----a-w- c:\windows\system32\dllcache\sis6306p.sys
    2011-04-17 09:59 . 2001-08-17 04:56 252032 ----a-w- c:\windows\system32\dllcache\sis300iv.dll
    2011-04-17 09:59 . 2001-08-17 02:50 101760 ----a-w- c:\windows\system32\dllcache\sis300ip.sys
    2011-04-17 09:58 . 2001-07-21 04:29 161568 ----a-w- c:\windows\system32\dllcache\sgsmusb.sys
    2011-04-17 09:58 . 2001-07-21 04:29 18400 ----a-w- c:\windows\system32\dllcache\sgsmld.sys
    2011-04-17 09:58 . 2001-08-17 02:51 98080 ----a-w- c:\windows\system32\dllcache\sgiulnt5.sys
    2011-04-17 09:58 . 2001-08-17 12:36 386560 ----a-w- c:\windows\system32\dllcache\sgiul50.dll
    2011-04-17 09:58 . 2001-08-17 02:19 36480 ----a-w- c:\windows\system32\dllcache\sfmanm.sys
    2011-04-17 09:58 . 2001-08-17 03:53 6784 ----a-w- c:\windows\system32\dllcache\serscan.sys
    2011-04-17 09:58 . 2001-08-17 03:48 17664 ----a-w- c:\windows\system32\dllcache\sermouse.sys
    2011-04-17 09:58 . 2001-08-17 03:53 6912 ----a-w- c:\windows\system32\dllcache\seaddsmc.sys
    2011-04-17 09:58 . 2008-04-13 18:45 11520 ----a-w- c:\windows\system32\dllcache\scsiscan.sys
    2011-04-17 09:58 . 2001-08-17 03:52 11648 ----a-w- c:\windows\system32\dllcache\scsiprnt.sys
    2011-04-17 09:58 . 2001-08-17 03:51 17280 ----a-w- c:\windows\system32\dllcache\scr111.sys
    2011-04-17 09:58 . 2001-08-17 03:51 16640 ----a-w- c:\windows\system32\dllcache\scmstcs.sys
    2011-04-17 09:56 . 2008-04-14 00:12 27648 ----a-w- c:\windows\system32\dllcache\rw430ext.dll
    2011-04-17 09:55 . 2001-08-17 03:52 49024 ----a-w- c:\windows\system32\dllcache\ql1280.sys
    2011-04-17 09:54 . 2001-08-17 03:53 7168 ----a-w- c:\windows\system32\dllcache\pnrmc.sys
    2011-04-17 09:53 . 2001-08-17 02:11 29769 ----a-w- c:\windows\system32\dllcache\pcntn5m.sys
    2011-04-17 09:52 . 2001-08-17 04:05 25088 ----a-w- c:\windows\system32\dllcache\ovca.sys
    2011-04-17 09:52 . 2001-08-17 03:28 54186 ----a-w- c:\windows\system32\dllcache\otcsercb.sys
    2011-04-17 09:52 . 2001-08-17 02:12 43689 ----a-w- c:\windows\system32\dllcache\otceth5.sys
    2011-04-17 09:52 . 2001-08-17 02:12 27209 ----a-w- c:\windows\system32\dllcache\otc06x5.sys
    2011-04-17 09:52 . 2001-08-17 02:20 54528 ----a-w- c:\windows\system32\dllcache\opl3sax.sys
    2011-04-17 09:52 . 2001-08-17 02:50 198144 ----a-w- c:\windows\system32\dllcache\nv3.sys
    2011-04-17 09:52 . 2001-08-17 12:36 123776 ----a-w- c:\windows\system32\dllcache\nv3.dll
    2011-04-17 09:52 . 2001-08-17 02:49 51552 ----a-w- c:\windows\system32\dllcache\ntgrip.sys
    2011-04-17 09:52 . 2001-08-17 03:47 9344 ----a-w- c:\windows\system32\dllcache\ntapm.sys
    2011-04-17 09:50 . 2001-08-17 12:36 59104 ----a-w- c:\windows\system32\dllcache\n9i128v2.dll
    2011-04-17 09:50 . 2001-08-17 02:50 13664 ----a-w- c:\windows\system32\dllcache\n9i128.sys
    2011-04-17 09:50 . 2001-08-17 04:56 35392 ----a-w- c:\windows\system32\dllcache\n9i128.dll
    2011-04-17 09:50 . 2001-08-17 02:11 128000 ----a-w- c:\windows\system32\dllcache\n100325.sys
    2011-04-17 09:50 . 2001-08-17 02:11 52255 ----a-w- c:\windows\system32\dllcache\n1000nt5.sys
    2011-04-17 09:50 . 2001-08-17 03:50 75520 ----a-w- c:\windows\system32\dllcache\mxport.sys
    2011-04-17 09:50 . 2001-08-17 12:36 7168 ----a-w- c:\windows\system32\dllcache\mxport.dll
    2011-04-17 09:50 . 2001-08-17 03:49 19968 ----a-w- c:\windows\system32\dllcache\mxnic.sys
    2011-04-17 09:50 . 2001-08-17 12:36 19968 ----a-w- c:\windows\system32\dllcache\mxicfg.dll
    2011-04-17 09:50 . 2001-08-17 03:50 21888 ----a-w- c:\windows\system32\dllcache\mxcard.sys
    2011-04-17 09:50 . 2001-08-17 02:50 103296 ----a-w- c:\windows\system32\dllcache\mtxvideo.sys
    2011-04-17 09:50 . 2008-04-13 18:46 49024 ----a-w- c:\windows\system32\dllcache\mstape.sys
    2011-04-17 09:49 . 2001-08-17 03:48 12416 ----a-w- c:\windows\system32\dllcache\msriffwv.sys
    2011-04-17 09:49 . 2001-08-17 04:00 2944 ----a-w- c:\windows\system32\dllcache\msmpu401.sys
    2011-04-17 09:49 . 2008-04-13 18:54 22016 ----a-w- c:\windows\system32\dllcache\msircomm.sys
    2011-04-17 09:49 . 2001-08-17 04:02 35200 ----a-w- c:\windows\system32\dllcache\msgame.sys
    2011-04-17 09:49 . 2001-08-17 03:48 6016 ----a-w- c:\windows\system32\dllcache\msfsio.sys
    2011-04-17 09:47 . 2001-08-17 12:36 58368 ----a-w- c:\windows\system32\dllcache\m3091dc.dll
    2011-04-17 09:46 . 2008-04-13 18:39 14592 ----a-w- c:\windows\system32\dllcache\kbdhid.sys
    2011-04-17 09:46 . 2001-08-17 03:49 26624 ----a-w- c:\windows\system32\dllcache\irstusb.sys
    2011-04-17 09:46 . 2001-08-17 03:51 18688 ----a-w- c:\windows\system32\dllcache\irsir.sys
    2011-04-17 09:46 . 2008-04-14 00:11 28160 ----a-w- c:\windows\system32\dllcache\irmon.dll
    2011-04-17 09:46 . 2001-08-17 03:49 23552 ----a-w- c:\windows\system32\dllcache\irmk7.sys
    2011-04-17 09:46 . 2008-04-14 00:12 151552 ----a-w- c:\windows\system32\dllcache\irftp.exe
    2011-04-17 09:46 . 2008-04-13 18:54 88192 ----a-w- c:\windows\system32\dllcache\irda.sys
    2011-04-17 09:46 . 2001-08-17 02:12 45632 ----a-w- c:\windows\system32\dllcache\ip5515.sys
    2011-04-17 09:46 . 2001-08-17 12:36 90200 ----a-w- c:\windows\system32\dllcache\io8ports.dll
    2011-04-17 09:46 . 2001-08-17 03:50 38784 ----a-w- c:\windows\system32\dllcache\io8.sys
    2011-04-17 09:46 . 2008-04-13 18:40 5504 ----a-w- c:\windows\system32\dllcache\intelide.sys
    2011-04-17 09:46 . 2001-08-17 03:47 13056 ----a-w- c:\windows\system32\dllcache\inport.sys
    2011-04-17 09:46 . 2001-08-17 03:52 16000 ----a-w- c:\windows\system32\dllcache\ini910u.sys
    2011-04-17 09:45 . 2001-08-17 12:36 372824 ----a-w- c:\windows\system32\dllcache\iconf32.dll
    2011-04-17 09:45 . 2001-08-17 04:06 100992 ----a-w- c:\windows\system32\dllcache\icam5usb.sys
    2011-04-17 09:45 . 2001-08-17 12:36 20480 ----a-w- c:\windows\system32\dllcache\icam5ext.dll
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2011-04-06 06:20 . 2011-04-06 06:20 91424 ----a-w- c:\windows\system32\dnssd.dll
    2011-04-06 06:20 . 2011-04-06 06:20 107808 ----a-w- c:\windows\system32\dns-sd.exe
    2011-03-07 05:33 . 2005-12-12 07:11 692736 ----a-w- c:\windows\system32\inetcomm.dll
    2011-03-04 06:37 . 2004-08-04 02:00 420864 ----a-w- c:\windows\system32\vbscript.dll
    2011-03-03 13:21 . 2004-08-04 02:00 1857920 ----a-w- c:\windows\system32\win32k.sys
    2011-02-22 23:06 . 2004-08-04 02:00 916480 ----a-w- c:\windows\system32\wininet.dll
    2011-02-22 23:06 . 2004-08-04 02:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
    2011-02-22 23:06 . 2004-08-04 02:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
    2011-02-22 11:42 . 2004-08-04 02:00 385024 ----a-w- c:\windows\system32\html.iec
    2011-02-18 06:36 . 2010-12-07 11:34 41984 ----a-w- c:\windows\system32\drivers\usbaapl.sys
    2011-02-18 06:36 . 2010-12-07 11:34 4184352 ----a-w- c:\windows\system32\usbaaplrc.dll
    2011-02-17 13:18 . 2004-08-04 02:00 455936 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
    2011-02-17 13:18 . 2004-08-04 02:00 357888 ----a-w- c:\windows\system32\drivers\srv.sys
    2011-02-17 12:32 . 2009-04-16 07:26 5120 ----a-w- c:\windows\system32\xpsp4res.dll
    2011-02-15 12:56 . 2004-08-04 02:00 290432 ----a-w- c:\windows\system32\atmfd.dll
    2011-02-09 14:53 . 2004-08-04 02:00 270848 ----a-w- c:\windows\system32\sbe.dll
    2011-02-09 14:53 . 2004-08-04 02:00 186880 ----a-w- c:\windows\system32\encdec.dll
    2011-02-08 13:33 . 2004-08-04 02:00 978944 ----a-w- c:\windows\system32\mfc42.dll
    2011-02-08 13:33 . 2004-08-04 02:00 974848 ----a-w- c:\windows\system32\mfc42u.dll
    2006-02-23 00:33 . 2006-02-23 00:32 3780096 ----a-w- c:\program files\ow32enen852.exe
    2006-01-05 05:12 . 2006-01-05 05:09 6910088 ----a-w- c:\program files\MicrosoftAntiSpywareInstall.exe
    2006-01-05 05:08 . 2006-01-05 05:08 466696 ----a-w- c:\program files\GenuineCheck.exe
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe" [2011-04-27 365336]
    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-05-10 8429568]
    "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
    "AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656]
    .
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
    "DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2008-11-03 435096]
    .
    c:\documents and settings\All Users\Start Menu\Programs\Startup\
    Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]
    .
    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
    "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
    2009-09-03 22:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
    .
    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^InterVideo WinCinema Manager.lnk]
    backup=c:\windows\pss\InterVideo WinCinema Manager.lnkCommon Startup
    .
    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk]
    backup=c:\windows\pss\Logitech Desktop Messenger.lnkCommon Startup
    .
    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office OneNote 2003 Quick Launch.lnk]
    path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Microsoft Office OneNote 2003 Quick Launch.lnk
    backup=c:\windows\pss\Microsoft Office OneNote 2003 Quick Launch.lnkCommon Startup
    .
    [HKLM\~\startupfolder\C:^Documents and Settings^Kevin^Start Menu^Programs^Startup^Microsoft Office OneNote 2003 Quick Launch.lnk]
    path=c:\documents and settings\Kevin\Start Menu\Programs\Startup\Microsoft Office OneNote 2003 Quick Launch.lnk
    backup=c:\windows\pss\Microsoft Office OneNote 2003 Quick Launch.lnkStartup
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
    "DisableMonitoring"=dword:00000001
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\Program Files\\Java\\jre6\\bin\\JAVAW.EXE"=
    "c:\\Program Files\\Microsoft ActiveSync\\WCESCOMM.EXE"=
    "c:\\Program Files\\Opera\\OPERA.EXE"=
    "c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
    "c:\\Program Files\\Skype\\Phone\\Skype.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "c:\\Program Files\\FireTrust\\MailWasher\\MailWasherPro.exe"=
    "c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "c:\\Program Files\\iTunes\\iTunes.exe"=
    .
    R0 nvcchflt;NVIDIA Disk Cache Filter Driver;c:\windows\system32\drivers\nvcchflt.sys [12/12/2005 6:07 PM 16640]
    R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [31/03/2010 8:56 PM 28552]
    R0 uGuru;uGuru;c:\windows\system32\drivers\uGuru.SYS [12/12/2005 6:17 PM 10752]
    R1 kl2;kl2;c:\windows\system32\drivers\kl2.sys [9/06/2010 5:43 PM 11352]
    R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [18/02/2010 4:25 AM 12872]
    R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [11/05/2010 4:41 AM 67656]
    R3 CLEDX;Team H2O CLEDX service;c:\windows\system32\drivers\cledx.sys [29/08/2007 8:22 PM 33792]
    R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [7/05/2010 12:06 PM 32856]
    R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [2/11/2009 8:27 PM 19472]
    R3 NTSPPPOE;Efficient Networks Enternet P.P.P.o.E LAN Miniport Driver;c:\windows\system32\drivers\ntspppoe.sys [28/12/2005 1:20 PM 161640]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18/03/2010 1:16 PM 130384]
    S2 PPPoEService;PPPoE Service;c:\progra~1\EFFICI~1\ENTERN~1\app\pppoeservice.exe [28/12/2005 1:20 PM 49152]
    S3 alcan5ln;Alcatel SpeedTouch(tm) USB ADSL RFC1483 Networking Driver (NDIS);c:\windows\system32\drivers\alcan5ln.sys [28/12/2005 1:10 PM 36960]
    S3 ENIMSR;ENIMSR;c:\progra~1\EFFICI~1\ENTERN~1\app\ENIMSR.SYS [28/12/2005 1:20 PM 12924]
    S3 NTSTAP1;NTSTAP1;c:\progra~1\EFFICI~1\ENTERN~1\app\NTSTAP1.SYS [28/12/2005 1:20 PM 120128]
    S3 NTSTAP2;NTSTAP2;c:\progra~1\EFFICI~1\ENTERN~1\app\NTSTAP2.SYS [31/12/2005 2:22 PM 120128]
    S3 PSEXESVC;PsExec; [x]
    S3 RAWESR;RAWESR;c:\progra~1\EFFICI~1\ENTERN~1\app\RAWESR.SYS [28/12/2005 1:20 PM 12924]
    S3 SIWIO;SIWIO;\??\c:\windows\TEMP\SiwIo.sys --> c:\windows\TEMP\SiwIo.sys [?]
    S3 TAPBIND;TAPBIND;c:\progra~1\EFFICI~1\ENTERN~1\app\TAPBIND1.SYS [28/12/2005 1:20 PM 44544]
    S3 uti2mte3;AVZ Kernel Driver;\??\c:\windows\system32\Drivers\uti2mte3.sys --> c:\windows\system32\Drivers\uti2mte3.sys [?]
    S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18/03/2010 1:16 PM 753504]
    S4 EYOWS;EYOWS; [x]
    S4 HYLEOYVA;HYLEOYVA; [x]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
    hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
    2007-08-23 07:34 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2011-05-07 c:\windows\Tasks\AppleSoftwareUpdate.job
    - c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 01:50]
    .
    2011-05-08 c:\windows\Tasks\User_Feed_Synchronization-{3571BDA7-0595-4FEC-B0F8-5145FB9BC0C7}.job
    - c:\windows\system32\msfeedssync.exe [2006-10-17 18:31]
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://pegasus2.pearsoned.com/Pegasus/Modules/TeachingPlan/frmCoursePreview.aspx
    uSearchMigratedDefaultURL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
    uInternet Settings,ProxyOverride = *.local
    IE: Add to Anti-Banner - c:\program files\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm
    IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
    IE: Easy-WebPrint Add To Print List - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
    IE: Easy-WebPrint High Speed Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
    IE: Easy-WebPrint Preview - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
    IE: Easy-WebPrint Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
    Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    FF - ProfilePath - c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\p0v4s0iu.default\
    FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
    FF - Ext: Kaspersky URL Advisor: linkfilter@kaspersky.ru - c:\program files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru
    FF - Ext: Anti-Banner: KavAntiBanner@Kaspersky.ru - c:\program files\Mozilla Firefox\extensions\KavAntiBanner@Kaspersky.ru
    FF - Ext: Personas: personas@christopher.beard - %profile%\extensions\personas@christopher.beard
    FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    pref(dom.disable_open_during_load, true);
    .
    .
    **************************************************************************
    .
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2011-05-08 16:45
    Windows 5.1.2600 Service Pack 3 FAT NTAPI
    .
    scanning hidden processes ...
    .
    scanning hidden autostart entries ...
    .
    scanning hidden files ...
    .
    scan completed successfully
    hidden files: 0
    .
    **************************************************************************
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------
    .
    - - - - - - - > 'winlogon.exe'(988)
    c:\program files\SUPERAntiSpyware\SASWINLO.DLL
    c:\windows\system32\WININET.dll
    .
    - - - - - - - > 'explorer.exe'(1624)
    c:\windows\system32\WININET.dll
    c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\MSVCR80.dll
    c:\windows\system32\ieframe.dll
    .
    Completion time: 2011-05-08 16:47:14
    ComboFix-quarantined-files.txt 2011-05-08 06:47
    ComboFix2.txt 2011-05-08 06:32
    ComboFix3.txt 2010-11-07 04:32
    ComboFix4.txt 2010-06-24 03:11
    ComboFix5.txt 2011-05-08 06:39
    .
    Pre-Run: 14,079,918,080 bytes free
    Post-Run: 14,066,352,128 bytes free
    .
    - - End Of File - - 00E4F98295AEA250DDC0EFC205193972
    Last edited by Net_Surfer; 05-08-2011 at 03:36 AM.

  4. #14
    Member
    Join Date
    May 2011
    Posts
    39
    Points
    0

    Default

    just tried to do another antimalwarebytes scan 11.24 no error number or code.
    just do you want to send to microsoft.
    sorry no other information.
    kevin

  5. #15
    Member Net_Surfer's Avatar
    Join Date
    May 2008
    Location
    Paradise Ca.
    Posts
    1,179
    Points
    89
    Blog Entries
    4

    Default

    Hi

    Step 1.
    *If the infection created a proxy with your internet connection, we will need to reset that.

    Recheck by doing the following:

    Do this....

    - In IE: Tools Menu -> Internet Options -> Connections Tab -> LAN Settings -> uncheck "use a proxy server" or reconfigure the proxy server again in case you have set it previously.

    - In Firefox in Tools Menu -> Options... -> Advanced Tab -> Network Tab -> "Settings" under Connection and uncheck the proxy server.

    Reboot and check your internet connection.

    If that was not the problem do the following steps:

    Step 2.
    Let's try this:

    TCP/IP stack repair options for use with Windows XP with SP2 or SP3.

    Go to Start, Run, type in CMD, and press OK to open a command prompt.


    To reset WINSOCK entries to installation defaults type in the following and press Enter:

    netsh winsock reset catalog


    To reset TCP/IP stack to installation defaults type in the following and press Enter:

    netsh int ip reset reset.log


    Reboot the machine and let me know if that helped.

    Try running these three tools...Do not attach the report logs...just copy and paste so I can research the files:

    Step 3.

    SUPERANTISPYWARE

    Please download and scan with SUPERAntiSpyware Free
    • Double-click SUPERAntiSpyware.exe and use the default settings for installation.
    • An icon will be created on your desktop. Double-click that icon to launch the program.
    • If it will not start, go to Start > All Programs > SUPERAntiSpyware and click on Alternate Start.
    • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)
    • In the Main Menu, click the Preferences... button.
    • Click the "General and Startup" tab, and under Start-up Options, make sure "Start SUPERAntiSpyware when Windows starts" box is unchecked.
    • Click the "Scanning Control" tab, and under Scanner Options, make sure the following are checked (leave all others unchecked):
      • Close browsers before scanning.
      • Scan for tracking cookies.
      • Terminate memory threats before quarantining.
    • Click the "Close" button to leave the control center screen and exit the program.
    • Do not run a scan just yet.
    Reboot your computer in "Safe Mode" using the F8 method. To do this, restart your computer and after hearing your computer beep once during startup (but before the Windows icon appears) press the F8 key repeatedly. A menu will appear with several options. Use the arrow keys to navigate and select the option to run Windows in "Safe Mode".

    Scan with SUPERAntiSpyware as follows:
    • Launch the program and back on the main screen, under "Scan for Harmful Software" click Scan your computer.
    • On the left, make sure you check C:\Fixed Drive.
    • On the right, under "Complete Scan", choose Perform Complete Scan and click "Next".
    • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
    • Make sure everything has a checkmark next to it and click "Next".
    • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
    • If asked if you want to reboot, click "Yes" and reboot normally.
    • To retrieve the removal information after reboot, launch SUPERAntispyware again.
      • Click Preferences, then click the Statistics/Logs tab.
      • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
      • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
      • Please copy and paste the Scan Log results in your next reply.
    • Click Close to exit the program.


    Step 4.

    Download aswMBR.exe ( 511KB ) to your desktop.

    Double click the aswMBR.exe to run it


    Click the "Scan" button to start scan



    On completion of the scan click save log, save it to your desktop and post in your next reply


    THEN

    Step 5.

    * ESET Online Scan

    Sometimes malware that is removed from your computer leaves other traces behind. These traces may not be active, but they are unwanted on your computer.
    Therefore, by using ESET online scanner it is possible for us to find leftover or missed malware files on your computer and we can now further clean up your computer.

    You can use either Internet Explorer or Mozilla FireFox for this scan.
    NOTE: This scan requires Internet Explorer to work. Vista/Windows 7 users need to run Internet Explorer as Administrator.
    To do this, right-click on the IE icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run As Administrator from the context menu.
    • Please go here then click on:
      Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
      All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.
    • Select the option YES, I accept the Terms of Use then click on:
    • When prompted allow the Add-On/Active X to install.
    • Make sure that the option Remove found threats IS checked, and the option Scan archives is checked.
    • Now click on Advanced Settings and select the following:
      • Scan for potentially unwanted applications
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth Technology
    • Now click on:
    • The virus signature database... will begin to download. Be patient, this may take some time depending on the speed of your Internet Connection.
    • When completed the Online Scan will begin automatically.
    • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
    • When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!
    • Now click on:
    • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
    • Copy and paste that log as a reply to this topic.

    NOTE: A log.txt file will also be created and automatically saved in the C:\Program Files\EsetOnlineScanner\ folder.
    If you did not save the ESETScan log, click Start > Run..., then type or copy and paste everything inside the code box below into the Open dialogue box:

    Code:
    C:\Program Files\ESET\EsetOnlineScanner\log.txt
    • Click Ok and the scan results will open in Notepad.
    • Copy and paste the contents of log.txt in your next reply.


    In some instances if no malware is found there will be no log produced.

    Some online scanners will detect existing anti-virus software and refuse to cooperate. You may have to disable the real-time protection components of your existing anti-virus and try running the scan again. If you do this, remember to turn them back on after you are finished.
    ~~~~~~~~~~~~~
    Note:
    *If you are running a 64bit system:
    The ESET Online Scanner is a 32-bit application, which means it must be run in the 32-bit version of Internet Explorer, and as an Administrator. To do so, right-click on the Internet Explorer (32-bit) icon in the Start Menu and select "Run as administrator" from the context menu.

    Please DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean and free of malware!!!
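    Step 1's proxy check can also be made against a pasted ComboFix log instead of through the browser dialogs. The sketch below is an added example, not part of the original post and not ComboFix's own code: it pulls the Internet Settings proxy lines from the Supplementary Scan section and lists service entries whose bracket holds `x` or `?` where the other entries carry a date and size. The function names are hypothetical, the sample log is constructed, and it assumes a ProxyServer line would appear in the same form as the ProxyOverride line in the log above.

```python
import re

# Constructed sample in the layout of the ComboFix log posted in this thread.
# The ProxyServer line is invented for illustration (the posted log shows only
# ProxyOverride); the service lines copy the shapes seen in that log.
SAMPLE_LOG = r"""
R1 kl2;kl2;c:\windows\system32\drivers\kl2.sys [9/06/2010 5:43 PM 11352]
S3 PSEXESVC;PsExec; [x]
S3 SIWIO;SIWIO;\??\c:\windows\TEMP\SiwIo.sys --> c:\windows\TEMP\SiwIo.sys [?]
S4 EYOWS;EYOWS; [x]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://example.invalid/start
uInternet Settings,ProxyOverride = *.local
uInternet Settings,ProxyServer = http=127.0.0.1:8080
"""

# "<prefix>Internet Settings,ProxyXxx = value" (prefix letter is "u" on this page)
PROXY_RE = re.compile(r"^\s*[a-z]?Internet Settings,(Proxy\w+)\s*=\s*(.*)$")
# "<R|S><0-4> name;display name;image path [date time size | x | ?]"
SERVICE_RE = re.compile(
    r"^\s*([RS])([0-4])\s+([^;]+);([^;]*);(.*?)\s*\[([^\]]*)\]\s*$")
# The digit is read here as the Windows service Start value (assumption).
START_TYPES = {"0": "boot", "1": "system", "2": "automatic",
               "3": "manual", "4": "disabled"}


def proxy_settings(log_text):
    """Return {setting name: value} for every Internet Settings proxy line."""
    found = {}
    for line in log_text.splitlines():
        m = PROXY_RE.match(line)
        if m:
            found[m.group(1)] = m.group(2).strip()
    return found


def proxy_hosts(value):
    """Split a ProxyServer value such as 'http=host:port;https=host:port'."""
    hosts = []
    for part in value.split(";"):
        part = part.strip()
        if not part:
            continue
        endpoint = part.split("=", 1)[-1].split("://", 1)[-1]
        hosts.append(endpoint.rsplit(":", 1)[0] if ":" in endpoint else endpoint)
    return hosts


def unresolved_services(log_text):
    """Return service entries whose bracket has 'x' or '?' and no date/size."""
    entries = []
    for line in log_text.splitlines():
        m = SERVICE_RE.match(line)
        if not m:
            continue
        state, start, name, display, path, info = m.groups()
        if info.strip() in ("x", "?"):
            entries.append({"name": name.strip(), "display": display.strip(),
                            "path": path.strip(), "marker": info.strip(),
                            "running": state == "R",
                            "start": START_TYPES[start]})
    return entries


def triage(log_text):
    """Build a short list of items for a human to review; nothing is changed."""
    findings = []
    server = proxy_settings(log_text).get("ProxyServer")
    if server:
        loopback = [h for h in proxy_hosts(server)
                    if h.lower() == "localhost" or h.startswith("127.")]
        note = "loopback, served by a local process" if loopback else "remote"
        findings.append(f"proxy set to {server} ({note}): confirm it is intended")
    for svc in unresolved_services(log_text):
        where = svc["path"] or "no image path listed"
        findings.append(f"service {svc['name']} [{svc['marker']}] "
                        f"start={svc['start']}: {where}")
    return findings


if __name__ == "__main__":
    for item in triage(SAMPLE_LOG):
        print(item)
```

    The output is a review list only; whether a flagged proxy or service is a leftover or a legitimate tool still has to be judged by the helper reading the log.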

  6. #16
    Member
    Join Date
    May 2011
    Posts
    39
    Points
    0

    Default log files for checking

    HI again Net Surfer,
    I have included some log files for you including and antimalwarebytes.
    still having massive issues with internet connectivity to main desktop that is connected to modem. wireless connection does not appear to be compromised at all. No drop outs of service where the main pc is continually off and on.
    nothing else of real change other than maybe a slow boot up or maybe I am just a little impatient at the moment but it is slower I think.

  7. #17
    Member
    Join Date
    May 2011
    Posts
    39
    Points
    0

    Default

    netsh int ip reset reset.log was not found on computer

  8. #18
    Member
    Join Date
    May 2011
    Posts
    39
    Points
    0

    Default

    doing anti spyware scan, be a while.
    kevin

  9. #19
    Member
    Join Date
    May 2011
    Posts
    39
    Points
    0

    Default superantispyware log

    Here is log for super anti spyware.
    moving onto next task.
    internet still cutting in and out.
    talk again soon.
    SUPERAntiSpyware Scan Log
    SUPERAntiSpyware.com | Remove Malware | Remove Spyware - AntiMalware, AntiSpyware, AntiAdware!

    Generated 05/08/2011 at 11:03 PM

    Application Version : 4.52.1000

    Core Rules Database Version : 6999
    Trace Rules Database Version: 4824

    Scan type : Complete Scan
    Total Scan Time : 01:50:30

    Memory items scanned : 268
    Memory threats detected : 0
    Registry items scanned : 9435
    Registry threats detected : 0
    File items scanned : 178528
    File threats detected : 12

    Adware.Tracking Cookie
    .liveperson.net [ C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\p0v4s0iu.default\cookies.sqlite ]
    .liveperson.net [ C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\p0v4s0iu.default\cookies.sqlite ]
    .solvemedia.com [ C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\p0v4s0iu.default\cookies.sqlite ]
    .solvemedia.com [ C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\p0v4s0iu.default\cookies.sqlite ]
    in.getclicky.com [ C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\p0v4s0iu.default\cookies.sqlite ]
    .tribalfusion.com [ C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\p0v4s0iu.default\cookies.sqlite ]
    .serving-sys.com [ C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\p0v4s0iu.default\cookies.sqlite ]
    .serving-sys.com [ C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\p0v4s0iu.default\cookies.sqlite ]
    .serving-sys.com [ C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\p0v4s0iu.default\cookies.sqlite ]
    .serving-sys.com [ C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\p0v4s0iu.default\cookies.sqlite ]
    .kaspersky.122.2o7.net [ C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\p0v4s0iu.default\cookies.sqlite ]

    Trojan.Agent/Gen-Nullo[Short]
    C:\SYSTEM VOLUME INFORMATION\_RESTORE{1711600E-71F2-4E3B-86F0-245F39CE4318}\RP2409\A0517025.EXE

  10. #20
    Member
    Join Date
    May 2011
    Posts
    39
    Points
    0

    Default aswmbr files

    have to do online eset in the morning have to get some sleep.
    seem to be removing more things every scan so the layers are unraveling. having a win i would think.
    there was an mbr date file that would not upload is that right?
    thanks for staying with it.
    kevin
    ~~~~~~~~~~~~~~~~
    aswMBR version 0.9.5.256 Copyright(c) 2011 AVAST Software
    Run date: 2011-05-08 23:44:01
    -----------------------------
    23:44:01.296 OS Version: Windows 5.1.2600 Service Pack 3
    23:44:01.296 Number of processors: 1 586 0x2F02
    23:44:01.296 ComputerName: KAMMBOYD UserName: Kevin
    23:44:02.687 Initialize success
    23:44:25.531 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000007d
    23:44:25.531 Disk 0 Vendor: ST3160021A 3.06 Size: 152627MB BusType: 3
    23:44:25.531 Disk 0 MBR read successfully
    23:44:25.531 Disk 0 MBR scan
    23:44:25.531 Disk 0 Windows XP default MBR code
    23:44:25.531 Disk 0 scanning sectors +312576705
    23:44:25.562 Disk 0 scanning C:\WINDOWS\system32\drivers
    23:44:37.453 Service scanning
    23:44:38.718 Disk 0 trace - called modules:
    23:44:38.734 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll nvatabus.sys
    23:44:38.734 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a84dab8]
    23:44:38.734 3 CLASSPNP.SYS[ba108fd7] -> nt!IofCallDriver -> \Device\0000007f[0x8a7f0f18]
    23:44:38.734 5 ACPI.sys[b9f7f620] -> nt!IofCallDriver -> \Device\0000007d[0x8a7a2030]
    23:44:38.734 Scan finished successfully
    23:45:15.203 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Kevin\Desktop\MBR.dat"
    23:45:15.203 The log file has been saved successfully to "C:\Documents and Settings\Kevin\Desktop\aswMBR.txt"
    Last edited by Net_Surfer; 05-08-2011 at 04:10 PM. Reason: Please Copy and Paste the report logs.
