
HJT log and ComboFix log



#1
tostrye

Logfile of HijackThis v1.99.1
Scan saved at 1:27:28 PM, on 2/8/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\PRISMSVR.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\DOCUME~1\OLIVER~1\LOCALS~1\Temp\clclean.0001
C:\WINDOWS\system32\svchosts.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\system32\PRISMSVC.EXE
c:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exe
c:\Program Files\Sophos\AutoUpdate\ALsvc.exe
C:\Program Files\Napster\napster.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Tunebite\tunebite.exe
C:\Program Files\WinTV\Ir.exe
C:\Program Files\Sophos\AutoUpdate\ALMon.exe
C:\Program Files\Cisco Systems\Clean Access Agent\CCAAgent.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
C:\Documents and Settings\Oliver Clothesoff\Desktop\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: (no name) - {A63121E8-9405-9BF3-5D55-9B1BC8704291} - C:\WINDOWS\system32\vfdyd.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: (no name) - {A63121E8-9405-9BF3-5D55-9B1BC8704291} - C:\WINDOWS\system32\vfdyd.dll
O2 - BHO: Bar888 - {C1B4DEC2-2623-438e-9CA2-C9043AB28508} - C:\PROGRA~1\COMMON~1\{38D9D~1\Bar888.dll (file missing)
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\Program Files\BAE\BAE.dll
O3 - Toolbar: Bar888 - {C1B4DEC2-2623-438e-9CA2-C9043AB28508} - C:\PROGRA~1\COMMON~1\{38D9D~1\Bar888.dll (file missing)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [MBMon] Rundll32 CTMBHA.DLL,MBMon
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKLM\..\Run: [ChrisTV Agent] "C:\Program Files\ChrisTV Lite\ChrisTV_Agent.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [NapsterShell] C:\Program Files\Napster\napster.exe /systray
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKCU\..\Run: [SetDefaultMIDI] MIDIDef.exe
O4 - HKCU\..\Run: [Creative Detector] "C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [tunebite.exe] C:\Program Files\Tunebite\tunebite.exe -hidden
O4 - HKCU\..\Run: [Sen] "C:\PROGRA~1\WNSXS~1\alg.exe" -vt yazb
O4 - HKCU\..\Run: [Brcpoot] "C:\Documents and Settings\Oliver Clothesoff\Application Data\?asks\u?erinit.exe" 99001122
O4 - Global Startup: AutoStart IR.lnk = C:\Program Files\WinTV\Ir.exe
O4 - Global Startup: AutoUpdate Monitor.lnk = C:\Program Files\Sophos\AutoUpdate\ALMon.exe
O4 - Global Startup: Clean Access Agent.lnk = C:\Program Files\Cisco Systems\Clean Access Agent\CCAAgent.exe
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcaf...01/mcinsctl.cab
O20 - Winlogon Notify: PRISMAPI.DLL - C:\WINDOWS\SYSTEM32\PRISMAPI.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - Unknown owner - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe (file missing)
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - Unknown owner - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe (file missing)
O23 - Service: Bonjour Service - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Client IP-IPX - Unknown owner - C:\WINDOWS\system32\svchosts.exe" -e te-110-12-0000046 (file missing)
O23 - Service: Creative Labs Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: PRISMSVC - Conexant Systems, Inc. - C:\WINDOWS\system32\PRISMSVC.EXE
O23 - Service: Sophos Anti-Virus status reporter (SAVAdminService) - Sophos Plc - c:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exe
O23 - Service: Sophos Anti-Virus (SAVService) - Sophos Plc - c:\Program Files\Sophos\Sophos Anti-Virus\SavService.exe
O23 - Service: Sophos AutoUpdate Service - Sophos Plc - c:\Program Files\Sophos\AutoUpdate\ALsvc.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe






Oliver Clothesoff - 07-02-08 13:21:41.98 Service Pack 2
ComboFix 06.11.9 - Running from: "C:\Documents and Settings\Oliver Clothesoff\Desktop"

(((((((((((((((((((((((((((((((((((((((((((((((( Vundo Log )))))))))))))))))))))))))))))))))))))))))))))))))))))




* * * POST RUN FILES/FOLDERS * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *


(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


C:\WINDOWS\system32\wnsintsv.exe
C:\Program Files\Common Files\Yazzle1122OinAdmin.exe
C:\Program Files\Common Files\Yazzle1122OinUninstaller.exe
C:\WINDOWS\uninstall_nmon.vbs
C:\Documents and Settings\LocalService\Application Data\NetMon
C:\Program Files\Inetget2
C:\Program Files\Common Files\{38D9DC5C-0C78-1033-0331-060506210001}
C:\WINDOWS\T2xpdmVyIENsb3RoZXNvZmY
C:\Program Files\Common Files\{78D9DC5C-0C78-1033-0331-060506210001}

~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ Purity ~ ~ ~ ~ ~ ~ ~ ~~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~

Folders Quarantined:

C:\QooBox\Purity\Program Files\WNSXS~1
C:\QooBox\Purity\Program Files\Common Files\RACLE~1
C:\QooBox\Purity\Program Files\WNSXS~1\alg.exe
C:\QooBox\Purity\Program Files\WNSXS~1\W?nSxS
C:\QooBox\Purity\WINDOWS\ASKS~1


((((((((((((((((((((((((((((((( Files Created from 2007-01-08 to 2007-02-08 ))))))))))))))))))))))))))))))))))


2007-02-07 23:19 60,416 --a------ C:\WINDOWS\system32\vfdyd.dll
2007-02-04 22:56 36,864 --a------ C:\WINDOWS\system32\svchosts.exe
2007-02-04 22:56 2,560 --a------ C:\WINDOWS\system32\unsvchosts.exe


(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


2007-02-08 13:24 -------- d-------- C:\Program Files\Common Files
2007-02-08 13:23 -------- d-------- C:\Documents and Settings\Oliver Clothesoff\Application Data\uTorrent
2007-02-08 13:20 -------- d-------- C:\Program Files\Mozilla Thunderbird
2007-02-08 13:20 -------- d-------- C:\Program Files\Mozilla Firefox
2007-02-08 13:18 -------- d-------- C:\Program Files\DC++
2007-02-08 00:24 -------- d-------- C:\Documents and Settings\Oliver Clothesoff\Application Data\dvdcss
2007-02-07 00:08 -------- d-------- C:\Documents and Settings\Oliver Clothesoff\Application Data\çasks
2007-02-06 20:03 -------- d-------- C:\Program Files\Ipwindows
2007-02-05 17:37 -------- d-------- C:\Program Files\Common Files\ouqq
2007-02-05 16:37 -------- d-------- C:\Program Files\City of Heroes
2007-02-05 02:24 -------- d-------- C:\Program Files\Outerinfo
2007-02-04 22:40 -------- d-------- C:\Program Files\SmartFTP Client 2.0 Setup Files
2007-02-04 22:40 -------- d-------- C:\Program Files\SmartFTP Client 2.0
2007-02-04 22:40 -------- d-------- C:\Documents and Settings\Oliver Clothesoff\Application Data\SmartFTP
2007-02-04 11:31 -------- d-------- C:\Program Files\Project64 1.6
2007-02-02 15:44 -------- d-------- C:\Program Files\tunebite
2007-02-02 15:44 -------- d-------- C:\Documents and Settings\Oliver Clothesoff\Application Data\RTPlayer
2007-02-02 15:40 -------- d-------- C:\Documents and Settings\Oliver Clothesoff\Application Data\tunebite
2007-01-29 23:43 -------- d-------- C:\Program Files\Winamp
2007-01-29 22:26 -------- d-------- C:\Program Files\Windows Media Player
2007-01-29 21:51 -------- d-------- C:\Program Files\Windows Media Connect 2
2007-01-26 21:11 -------- d-------- C:\Documents and Settings\Oliver Clothesoff\Application Data\Adobe
2007-01-24 19:42 -------- d-------- C:\Documents and Settings\Oliver Clothesoff\Application Data\U3
2007-01-14 09:07 -------- d-------- C:\Program Files\Cisco Systems
2007-01-09 16:18 -------- d--h----- C:\Program Files\InstallShield Installation Information
2007-01-09 16:17 -------- d-------- C:\Program Files\AltoMP3 Gold
2007-01-09 16:14 -------- d-------- C:\Program Files\XVideoConverter
2007-01-04 13:17 -------- d-------- C:\Program Files\Java
2006-12-25 13:46 12400 --a------ C:\WINDOWS\system32\drivers\secdrv.sys
2006-12-25 13:38 -------- d-------- C:\Program Files\Maxis
2006-12-23 15:59 -------- d-------- C:\Program Files\Bonjour
2006-12-23 15:58 -------- d-------- C:\Program Files\Kodak
2006-12-23 15:57 -------- d-------- C:\Program Files\Common Files\Kodak
2006-12-20 16:01 -------- d-------- C:\Program Files\allTunes
2006-12-14 00:24 -------- d-------- C:\Program Files\Outlook Express
2006-12-14 00:24 -------- d-------- C:\Program Files\Common Files\System
2006-11-16 10:33 3814 --a------ C:\WINDOWS\system32\tmp.reg
2006-11-08 00:06 679424 --a------ C:\WINDOWS\system32\inetcomm.dll


(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries are not shown

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"SetDefaultMIDI"="MIDIDef.exe"
"Creative Detector"="\"C:\\Program Files\\Creative\\MediaSource\\Detector\\CTDetect.exe\" /R"
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"tunebite.exe"="C:\\Program Files\\Tunebite\\tunebite.exe -hidden"
"Sen"="\"C:\\PROGRA~1\\WNSXS~1\\alg.exe\" -vt yazb"
"Brcpoot"="\"C:\\Documents and Settings\\Oliver Clothesoff\\Application Data\\?asks\\u?erinit.exe\" 99001122"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.5.0_10\\bin\\jusched.exe\""
"ATIPTA"="\"C:\\Program Files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe\""
"MBMon"="Rundll32 CTMBHA.DLL,MBMon"
"UpdReg"="C:\\WINDOWS\\UpdReg.EXE"
"MSKDetectorExe"="C:\\Program Files\\McAfee\\SpamKiller\\MSKDetct.exe /uninstall"
"ChrisTV Agent"="\"C:\\Program Files\\ChrisTV Lite\\ChrisTV_Agent.exe\""
"NWEReboot"=""
"NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe"
"HPDJ Taskbar Utility"="C:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\hpztsb07.exe"
"AVG7_CC"="C:\\PROGRA~1\\Grisoft\\AVG7\\avgcc.exe /STARTUP"
"NapsterShell"="C:\\Program Files\\Napster\\napster.exe /systray"
"SigmatelSysTrayApp"="stsystra.exe"
"CTSysVol"="C:\\Program Files\\Creative\\SBAudigy\\Surround Mixer\\CTSysVol.exe /r"
"PWRISOVM.EXE"="C:\\Program Files\\PowerISO\\PWRISOVM.EXE"
"BluetoothAuthenticationAgent"="rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent"
"WinampAgent"="C:\\Program Files\\Winamp\\winampa.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonceex]
@=""

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000005

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"AVG7_Run"="C:\\PROGRA~1\\Grisoft\\AVG7\\avgw.exe /RUNONCE"

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"AVG7_Run"="C:\\PROGRA~1\\Grisoft\\AVG7\\avgw.exe /RUNONCE"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:000000ff
"_NoDriveTypeAutoRun"=dword:00000091

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
"WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\Adobe Gamma Loader.lnk"
"backup"="C:\\WINDOWS\\pss\\Adobe Gamma Loader.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\COMMON~1\\Adobe\\CALIBR~1\\ADOBEG~1.EXE "
"item"="Adobe Gamma Loader"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\Adobe Reader Speed Launch.lnk"
"backup"="C:\\WINDOWS\\pss\\Adobe Reader Speed Launch.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\Adobe\\ACROBA~2.0\\Reader\\READER~1.EXE "
"item"="Adobe Reader Speed Launch"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Bluetooth Manager.lnk]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\Bluetooth Manager.lnk"
"backup"="C:\\WINDOWS\\pss\\Bluetooth Manager.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\Toshiba\\BLUETO~1\\TosBtMng.exe "
"item"="Bluetooth Manager"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Wireless USB 2.0 WLAN Card Utility.lnk]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\Wireless USB 2.0 WLAN Card Utility.lnk"
"backup"="C:\\WINDOWS\\pss\\Wireless USB 2.0 WLAN Card Utility.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\DELLWI~1\\PRISMCFG.exe /START"
"item"="Wireless USB 2.0 WLAN Card Utility"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Oliver Clothesoff^Start Menu^Programs^Startup^Adobe Gamma.lnk]
"path"="C:\\Documents and Settings\\Oliver Clothesoff\\Start Menu\\Programs\\Startup\\Adobe Gamma.lnk"
"backup"="C:\\WINDOWS\\pss\\Adobe Gamma.lnkStartup"
"location"="Startup"
"command"="C:\\PROGRA~1\\COMMON~1\\Adobe\\CALIBR~1\\ADOBEG~1.EXE "
"item"="Adobe Gamma"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"=""
"hkey"="HKLM"
"command"=""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AIM]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="aim"
"hkey"="HKCU"
"command"="C:\\Program Files\\AIM\\aim.exe -cnetwait.odl"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Corel Photo Downloader]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="MediaDetect"
"hkey"="HKLM"
"command"="C:\\Program Files\\Corel\\Corel Photo Album 6\\MediaDetect.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DMXLauncher]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="DMXLauncher"
"hkey"="HKLM"
"command"="C:\\Program Files\\Dell\\Media Experience\\DMXLauncher.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="isuspm"
"hkey"="HKLM"
"command"="\"c:\\Program Files\\Common Files\\InstallShield\\UpdateService\\isuspm.exe\" -startup"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="issch"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\InstallShield\\UpdateService\\issch.exe\" -start"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="iTunesHelper"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QBReminderFlash]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="QBReminder"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Intuit\\QuickBooks 2005\\Atom\\QBReminder.exe\""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="qttask"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="RealPlay"
"hkey"="HKLM"
"command"="C:\\Program Files\\Real\\RealPlayer\\RealPlay.exe SYSTEMBOOTHIDEPLAYER"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="winampa"
"hkey"="HKLM"
"command"="C:\\Program Files\\Winamp\\winampa.exe"
"inimapping"="0"

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\PRISMAPI.DLL

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\SAVService
Completion time: 07-02-08 13:24:13.84
C:\ComboFix.txt ... 07-02-08 13:24
C:\ComboFix2.txt ... 06-11-18 17:29
C:\ComboFix3.txt ... 06-11-18 17:28
(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))



~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ Purity ~ ~ ~ ~ ~ ~ ~ ~~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~

Folders Quarantined:

C:\QooBox\Purity\Program Files\WNSXS~1
C:\QooBox\Purity\Program Files\Common Files\RACLE~1
C:\QooBox\Purity\Program Files\WNSXS~1\alg.exe
C:\QooBox\Purity\Program Files\WNSXS~1\W?nSxS
C:\QooBox\Purity\WINDOWS\ASKS~1


((((((((((((((((((((((((((((((( Files Created from 2002-07-07 to 2002/08/2007 ))))))))))))))))))))))))))))))))))


No new files created in this timespan


(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


2012/25/2006 01:46 PM 12400 --a------ C:\WINDOWS\system32\drivers\secdrv.sys
2012/22/2004 06:58 AM 8704 --a------ C:\WINDOWS\system32\drivers\PFMODNT.SYS
2011/11/2005 09:34 PM 353728 --a------ C:\WINDOWS\system32\drivers\PRISMA02.sys
2011/03/2005 03:00 AM 2560 --a------ C:\WINDOWS\system32\drivers\cdralw2k.sys
2011/03/2005 03:00 AM 2432 --a------ C:\WINDOWS\system32\drivers\cdr4_xp.sys
2011/02/2006 10:33 AM 816672 --a------ C:\WINDOWS\system32\drivers\avg7core.sys
2011/02/2005 03:47 PM 10368 -ra------ C:\WINDOWS\system32\drivers\pfc.sys
2011/02/2004 02:12 PM 19456 --a------ C:\WINDOWS\system32\drivers\iqvw32.sys
2010/25/2005 06:39 PM 27264 --a------ C:\WINDOWS\system32\drivers\usbehci.sys
2010/25/2005 06:39 PM 143104 --a------ C:\WINDOWS\system32\drivers\usbport.sys
2010/18/2006 08:00 PM 38528 --a------ C:\WINDOWS\system32\drivers\wpdusb.sys
2010/16/2006 11:11 AM 3968 --a------ C:\WINDOWS\system32\drivers\avgclean.sys
2010/14/2004 08:30 PM 155648 --a------ C:\WINDOWS\system32\drivers\e100b325.sys
2010/11/2005 11:04 PM 20747 --a------ C:\WINDOWS\system32\drivers\AegisP.sys
2009/29/2004 05:28 PM 134912 --a------ C:\WINDOWS\system32\drivers\ipnat.sys
2009/28/2006 07:00 PM 82944 --------- C:\WINDOWS\system32\drivers\WudfRd.sys
2009/28/2006 06:55 PM 77568 --------- C:\WINDOWS\system32\drivers\WudfPf.sys
2009/22/2004 05:41 PM 20608 --a------ C:\WINDOWS\system32\drivers\emAudio.sys
2009/21/2006 02:21 PM 112128 --a------ C:\WINDOWS\system32\drivers\tosrfbd.sys
2009/18/2006 11:54 AM 16640 --a------ C:\WINDOWS\system32\drivers\tbhsd.sys
2009/14/2005 05:01 PM 824512 -ra------ C:\WINDOWS\system32\drivers\hcwPVRP2.sys
2009/11/2006 09:17 AM 53248 --a------ C:\WINDOWS\system32\drivers\tosrfsnd.sys
2009/10/2004 06:00 AM 84064 --a------ C:\WINDOWS\system32\drivers\sentinel.sys
2009/10/1999 06:06 AM 25244 --a------ C:\WINDOWS\system32\drivers\aspi32.sys
2009/09/2006 04:31 AM 30988 --a------ C:\WINDOWS\system32\drivers\scdemu.sys
2009/09/2005 02:47 PM 9344 --a------ C:\WINDOWS\system32\drivers\tosrfec.sys
2009/07/2006 10:37 AM 40192 --a------ C:\WINDOWS\system32\drivers\tosrfusb.sys
2008/27/2006 03:41 AM 28416 --a------ C:\WINDOWS\system32\drivers\avg7rsxp.sys
2008/26/2006 08:03 PM 4224 --a------ C:\WINDOWS\system32\drivers\avg7rsw.sys
2008/24/2006 10:47 PM 36528 --------- C:\WINDOWS\system32\drivers\pxhelp20.sys
2008/21/2006 04:14 AM 128896 --a------ C:\WINDOWS\system32\drivers\fltmgr.sys
2008/18/2006 02:08 PM 46336 --a------ C:\WINDOWS\system32\drivers\tosporte.sys
2008/17/2001 12:59 PM 3072 --a------ C:\WINDOWS\system32\drivers\audstub.sys
2008/17/2001 12:58 PM 35840 --a------ C:\WINDOWS\system32\drivers\isapnp.sys
2008/17/2001 12:52 PM 7680 --a------ C:\WINDOWS\system32\drivers\cd20xrnt.sys
2008/17/2001 12:52 PM 49024 --a------ C:\WINDOWS\system32\drivers\ql1280.sys
2008/17/2001 12:52 PM 45312 --a------ C:\WINDOWS\system32\drivers\ql12160.sys
2008/17/2001 12:52 PM 40448 --a------ C:\WINDOWS\system32\drivers\ql1240.sys
2008/17/2001 12:52 PM 40320 --a------ C:\WINDOWS\system32\drivers\ql1080.sys
2008/17/2001 12:52 PM 36736 --a------ C:\WINDOWS\system32\drivers\ultra.sys
2008/17/2001 12:52 PM 33152 --a------ C:\WINDOWS\system32\drivers\ql10wnt.sys
2008/17/2001 12:52 PM 26496 --a------ C:\WINDOWS\system32\drivers\asc.sys
2008/17/2001 12:52 PM 23552 --a------ C:\WINDOWS\system32\drivers\ABP480N5.SYS
2008/17/2001 12:52 PM 22400 --a------ C:\WINDOWS\system32\drivers\asc3350p.sys
2008/17/2001 12:52 PM 179584 --a------ C:\WINDOWS\system32\drivers\dac2w2k.sys
2008/17/2001 12:52 PM 17280 --a------ C:\WINDOWS\system32\drivers\mraid35x.sys
2008/17/2001 12:52 PM 16000 --a------ C:\WINDOWS\system32\drivers\ini910u.sys
2008/17/2001 12:52 PM 14976 --a------ C:\WINDOWS\system32\drivers\cpqarray.sys
2008/17/2001 12:52 PM 14720 --a------ C:\WINDOWS\system32\drivers\dac960nt.sys
2008/17/2001 12:52 PM 13952 --a------ C:\WINDOWS\system32\drivers\cbidf2k.sys
2008/17/2001 12:52 PM 12800 --a------ C:\WINDOWS\system32\drivers\aha154x.sys
2008/17/2001 12:52 PM 125056 --a------ C:\WINDOWS\system32\drivers\ftdisk.sys
2008/17/2001 12:52 PM 12032 --a------ C:\WINDOWS\system32\drivers\amsint.sys
2008/17/2001 12:51 PM 6656 --a------ C:\WINDOWS\system32\drivers\cmdide.sys
2008/17/2001 12:51 PM 5248 --a------ C:\WINDOWS\system32\drivers\aliide.sys
2008/17/2001 12:51 PM 4992 --a------ C:\WINDOWS\system32\drivers\toside.sys
2008/17/2001 12:51 PM 3328 --a------ C:\WINDOWS\system32\drivers\pciide.sys
2008/17/2001 12:51 PM 14848 --a------ C:\WINDOWS\system32\drivers\asc3550.sys
2008/17/2001 12:48 PM 12160 --a------ C:\WINDOWS\system32\drivers\mouhid.sys
2008/17/2001 12:46 PM 6400 --a------ C:\WINDOWS\system32\drivers\enum1394.sys
2008/17/2001 01:07 PM 56960 --a------ C:\WINDOWS\system32\drivers\aic78xx.sys
2008/17/2001 01:07 PM 55168 --a------ C:\WINDOWS\system32\drivers\aic78u2.sys
2008/17/2001 01:07 PM 5504 --a------ C:\WINDOWS\system32\drivers\perc2hib.sys
2008/17/2001 01:07 PM 32640 --a------ C:\WINDOWS\system32\drivers\symc8xx.sys
2008/17/2001 01:07 PM 30688 --a------ C:\WINDOWS\system32\drivers\sym_u3.sys
2008/17/2001 01:07 PM 28384 --a------ C:\WINDOWS\system32\drivers\sym_hi.sys
2008/17/2001 01:07 PM 27296 --a------ C:\WINDOWS\system32\drivers\perc2.sys
2008/17/2001 01:07 PM 25952 --a------ C:\WINDOWS\system32\drivers\hpn.sys
2008/17/2001 01:07 PM 20192 --a------ C:\WINDOWS\system32\drivers\dpti2o.sys
2008/17/2001 01:07 PM 19072 --a------ C:\WINDOWS\system32\drivers\sparrow.sys
2008/17/2001 01:07 PM 16256 --a------ C:\WINDOWS\system32\drivers\symc810.sys
2008/17/2001 01:07 PM 101888 --a------ C:\WINDOWS\system32\drivers\adpu160m.sys
2008/17/2001 01:02 PM 9600 --a------ C:\WINDOWS\system32\drivers\hidusb.sys
2008/17/2001 01:00 PM 54272 --a------ C:\WINDOWS\system32\drivers\swmidi.sys
2008/16/2006 04:37 AM 225664 --a------ C:\WINDOWS\system32\drivers\tcpip6.sys
2008/15/2005 11:08 AM 5888 --a------ C:\WINDOWS\system32\drivers\imagedrv.sys


(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries are not shown

Unknown Rootkey: 'AA.TXT'



#2
Crustyoldbloke


    Old Malware Surgeon with a shaky scalpel

  • Retired Staff
  • 15,131 posts
Please abide by the rules of the forum and only post one topic; do not duplicate or bump your post. You already have help from Sari with your live topic in malware here:

http://www.geekstogo...s...st&p=899637

Please remember that ALL members of staff here at Geeks To Go are volunteers with their own families and lives making demands upon their time. They give as much time as they can spare, but it will never be enough to satisfy everyone.

Thanks for your co-operation.

This topic is now closed.