| Thread ID: 85412 | 2007-12-09 17:50:00 | cant seem to delete this trojan.. | FogHornLegHorn (12562) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 619721 | 2008-02-11 21:36:00 | I still get the pop ups... I ran both programs like u said. Only Trojan Remover found something. | caaguila (13124) | ||
| 619722 | 2008-02-11 21:59:00 | What did u do when Trojan Remover found whatever?? Remove its reference if it was in the registry? Is there an entry for IEdefender in add/remove programs? Run my computer or whatever it's called in Vista. Right mouse, on c: and select scan with Trojan Remover. Whatever it picks up as malware, remove / delete the file. Can you take a snapshot (press print screen on the keyboard), and paste it in a graphics program, if u have 1. So, we can see what the popup says. And upload it here (http://imagef1.net.nz/). And post the link this site gives u back here |
Speedy Gonzales (78) | ||
| 619723 | 2008-02-11 22:39:00 | There were four options and I picked the 2nd from the top which is the one you said I believe... I looked in the add/remove and didn't find the IEdefender in there... The scan is still running... The pop up says "System Error! Your computer was infected by unknown trojan. It's dangerous for your system (critical files can be lost)! Click OK to download the antispyware program to clean your system(recommended)" |
caaguila (13124) | ||
| 619724 | 2008-02-11 23:20:00 | You really know your stuff don't you speedy? You should get paid for this. *impressed stupor* | Thebananamonkey (7741) | ||
| 619725 | 2008-02-11 23:33:00 | lol. Well, I'm getting there! I think most of the users here, who get infected with something, don't "look" and "check" what programs do before they install them. These annoying rogue software programs, and things like these fake video codecs, are a PITA! It's probably coz I'm not doing anything else (most of the time), why I'm actually replying to any of these threads/posts! I might as well do something useful, besides looking at a screen. |
Speedy Gonzales (78) | ||
| 619726 | 2008-02-11 23:39:00 | this is what that scan reported:
---------- Key: amdagp ImagePath: \SystemRoot\system32\drivers\amdagp.sys C:\Windows\system32\drivers\amdagp.sys 54888 bytes Created: 11/2/2006 Modified: 11/2/2006 Company: Microsoft Corporation ---------- Key: amdide ImagePath: \SystemRoot\system32\drivers\amdide.sys C:\Windows\system32\drivers\amdide.sys 15464 bytes Created: 11/2/2006 Modified: 11/2/2006 Company: Microsoft Corporation ---------- Key: AmdK7 ImagePath: \SystemRoot\system32\drivers\amdk7.sys C:\Windows\system32\drivers\amdk7.sys 38912 bytes Created: 11/2/2006 Modified: 11/2/2006 Company: Microsoft Corporation ---------- Key: AmdK8 ImagePath: \SystemRoot\system32\drivers\amdk8.sys C:\Windows\system32\drivers\amdk8.sys 40960 bytes Created: 11/2/2006 Modified: 11/2/2006 Company: Microsoft Corporation ---------- Key: arc ImagePath: \SystemRoot\system32\drivers\arc.sys C:\Windows\system32\drivers\arc.sys 67688 bytes Created: 11/2/2006 Modified: 11/2/2006 Company: Adaptec, Inc. ---------- Key: arcsas ImagePath: \SystemRoot\system32\drivers\arcsas.sys C:\Windows\system32\drivers\arcsas.sys 67688 bytes Created: 11/2/2006 Modified: 11/2/2006 Company: Adaptec, Inc. 
---------- Key: AsyncMac ImagePath: system32\DRIVERS\asyncmac.sys C:\Windows\system32\DRIVERS\asyncmac.sys 17408 bytes Created: 11/2/2006 Modified: 11/2/2006 Company: Microsoft Corporation ---------- Key: atapi ImagePath: system32\drivers\atapi.sys C:\Windows\system32\drivers\atapi.sys 21560 bytes Created: 1/14/2008 Modified: 1/14/2008 Company: Microsoft Corporation ---------- Key: blbdrive ImagePath: \SystemRoot\system32\drivers\blbdrive.sys - file is missing - alert is globally excluded ---------- Key: bowser ImagePath: system32\DRIVERS\bowser.sys C:\Windows\system32\DRIVERS\bowser.sys 69632 bytes Created: 11/2/2006 Modified: 11/2/2006 Company: Microsoft Corporation ---------- Key: BRCMDECO ImagePath: system32\DRIVERS\BRCMHD32.sys C:\Windows\system32\DRIVERS\BRCMHD32.sys 68864 bytes Created: 9/21/2007 Modified: 5/15/2007 Company: Broadcom Corporation ---------- Key: BrFiltLo ImagePath: \SystemRoot\system32\drivers\brfiltlo.sys C:\Windows\system32\drivers\brfiltlo.sys 13568 bytes Created: 11/2/2006 Modified: 11/2/2006 Company: Brother Industries, Ltd. ---------- Key: BrFiltUp ImagePath: \SystemRoot\system32\drivers\brfiltup.sys C:\Windows\system32\drivers\brfiltup.sys 5248 bytes Created: 11/2/2006 Modified: 11/2/2006 Company: Brother Industries, Ltd. ---------- Key: Brserid ImagePath: \SystemRoot\system32\drivers\brserid.sys C:\Windows\system32\drivers\brserid.sys 71808 bytes Created: 11/2/2006 Modified: 11/2/2006 Company: Brother Industries Ltd. ---------- Key: BrSerWdm ImagePath: \SystemRoot\system32\drivers\brserwdm.sys C:\Windows\system32\drivers\brserwdm.sys 62336 bytes Created: 11/2/2006 Modified: 11/2/2006 Company: Brother Industries Ltd. ---------- Key: BrUsbMdm ImagePath: \SystemRoot\system32\drivers\brusbmdm.sys C:\Windows\system32\drivers\brusbmdm.sys 12160 bytes Created: 11/2/2006 Modified: 11/2/2006 Company: Brother Industries Ltd. 
---------- Key: BrUsbSer ImagePath: \SystemRoot\system32\drivers\brusbser.sys C:\Windows\system32\drivers\brusbser.sys 11904 bytes Created: 11/2/2006 Modified: 11/2/2006 Company: Brother Industries Ltd. ---------- Key: BTHMODEM ImagePath: \SystemRoot\system32\drivers\bthmodem.sys C:\Windows\system32\drivers\bthmodem.sys 39936 bytes Created: 11/2/2006 Modified: 11/2/2006 Company: Microsoft Corporation ---------- Key: cdfs ImagePath: system32\DRIVERS\cdfs.sys C:\Windows\system32\DRIVERS\cdfs.sys 70144 bytes Created: 11/2/2006 Modified: 11/2/2006 Company: Microsoft Corporation ---------- Key: cdrom ImagePath: system32\DRIVERS\cdrom.sys C:\Windows\system32\DRIVERS\cdrom.sys 67072 bytes Created: 11/2/2006 Modified: 11/2/2006 Company: Microsoft Corporation ---------- Key: CFSvcs ImagePath: C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe 40960 bytes Created: 5/30/2007 Modified: 11/14/2006 Company: TOSHIBA CORPORATION ---------- Key: circlass ImagePath: \SystemRoot\system32\drivers\circlass.sys C:\Windows\system32\drivers\circlass.sys 35328 bytes Created: 11/2/2006 Modified: 11/2/2006 Company: Microsoft Corporation ---------- Key: CLFS ImagePath: System32\CLFS.sys C:\Windows\System32\CLFS.sys 221800 bytes Created: 11/2/2006 Modified: 11/2/2006 Company: Microsoft Corporation ---------- Key: clr_optimization_v2.0.50727_32 ImagePath: %systemroot%\Microsoft.NET\Framework\v2.0.50727\ms corsvw.exe C:\Windows\Microsoft.NET\Framework\v2.0.50727\msco rsvw.exe 59392 bytes Created: 11/1/2006 Modified: 11/1/2006 Company: Microsoft Corporation ---------- Key: CmBatt ImagePath: system32\DRIVERS\CmBatt.sys C:\Windows\system32\DRIVERS\CmBatt.sys 14208 bytes Created: 11/14/2007 Modified: 11/14/2007 Company: Microsoft Corporation ---------- Key: cmdide ImagePath: \SystemRoot\system32\drivers\cmdide.sys C:\Windows\system32\drivers\cmdide.sys 16488 bytes Created: 11/2/2006 Modified: 11/2/2006 Company: CMD Technology, Inc. 
---------- Key: Compbatt ImagePath: system32\DRIVERS\compbatt.sys C:\Windows\system32\DRIVERS\compbatt.sys 20920 bytes Created: 11/14/2007 Modified: 11/14/2007 Company: Microsoft Corporation ---------- Key: COMSysApp ImagePath: %SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} C:\Windows\system32\dllhost.exe 7168 bytes Created: 11/2/2006 Modified: 11/2/2006 Company: Microsoft Corporation ---------- Key: crcdisk ImagePath: system32\drivers\crcdisk.sys C:\Windows\system32\drivers\crcdisk.sys 22632 bytes Created: 11/2/2006 Modified: 11/2/2006 Company: Microsoft Corporation ---------- Key: Crusoe ImagePath: \SystemRoot\system32\drivers\crusoe.sys C:\Windows\system32\drivers\crusoe.sys 38912 bytes Created: 11/2/2006 Modified: 11/2/2006 Company: Microsoft Corporation ---------- Key: DfsC ImagePath: System32\Drivers\dfsc.sys C:\Windows\System32\Drivers\dfsc.sys 74752 bytes Created: 11/2/2006 Modified: 11/2/2006 Company: Microsoft Corporation ---------- Key: DFSR ImagePath: %SystemRoot%\system32\DFSR.exe C:\Windows\system32\DFSR.exe 2089984 bytes Created: 11/2/2006 Modified: 11/2/2006 Company: Microsoft Corporation ---------- Key: disk ImagePath: system32\drivers\disk.sys C:\Windows\system32\drivers\disk.sys 52840 bytes Created: 11/2/2006 Modified: 11/2/2006 Company: Microsoft Corporation ---------- Key: drmkaud ImagePath: system32\drivers\drmkaud.sys C:\Windows\system32\drivers\drmkaud.sys 5632 bytes Created: 11/2/2006 Modified: 11/2/2006 Company: Microsoft Corporation ---------- Key: DXGKrnl ImagePath: \SystemRoot\System32\drivers\dxgkrnl.sys C:\Windows\System32\drivers\dxgkrnl.sys 619008 bytes Created: 10/20/2007 Modified: 10/20/2007 Company: Microsoft Corporation ---------- Key: E1G60 ImagePath: system32\DRIVERS\E1G60I32.sys C:\Windows\system32\DRIVERS\E1G60I32.sys 117760 bytes Created: 11/2/2006 Modified: 11/2/2006 Company: Intel Corporation ---------- Key: Ecache ImagePath: System32\drivers\ecache.sys 
C:\Windows\System32\drivers\ecache.sys 132200 bytes Created: 11/2/2006 Modified: 11/2/2006 Company: Microsoft Corporation ---------- Key: ehRecvr ImagePath: %systemroot%\ehome\ehRecvr.exe C:\Windows\ehome\ehRecvr.exe 291840 bytes Created: 11/2/2006 Modified: 11/2/2006 Company: Microsoft Corporation ---------- Key: ehSched ImagePath: %systemroot%\ehome\ehsched.exe C:\Windows\ehome\ehsched.exe 131072 bytes Created: 11/2/2006 Modified: 11/2/2006 Company: Microsoft Corporation ---------- Key: elxstor ImagePath: \SystemRoot\system32\drivers\elxstor.sys C:\Windows\system32\drivers\elxstor.sys 316520 bytes Created: 11/2/2006 Modified: 11/2/2006 Company: Emulex ---------- Key: Emproxy ImagePath: C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe 341328 bytes Created: 10/20/2007 Modified: 10/5/2007 Company: McAfee, Inc. ---------- Key: EvtEng ImagePath: C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe 643072 bytes Created: 3/6/2007 Modified: 3/6/2007 Company: Intel Corporation ---------- Key: fdc ImagePath: system32\DRIVERS\fdc.sys C:\Windows\system32\DRIVERS\fdc.sys 25088 bytes Created: 11/2/2006 Modified: 11/2/2006 Company: Microsoft Corporation ---------- Key: FileInfo ImagePath: system32\drivers\fileinfo.sys C:\Windows\system32\drivers\fileinfo.sys 56424 bytes Created: 11/2/2006 Modified: 11/2/2006 Company: Microsoft Corporation ---------- Key: Filetrace ImagePath: system32\drivers\filetrace.sys C:\Windows\system32\drivers\filetrace.sys 27648 bytes Created: 11/2/2006 Modified: 11/2/2006 Company: Microsoft Corporation ---------- Key: flpydisk ImagePath: system32\DRIVERS\flpydisk.sys C:\Windows\system32\DRIVERS\flpydisk.sys 20480 bytes Created: 11/2/2006 Modified: 11/2/2006 Company: Microsoft Corporation ---------- Key: FltMgr ImagePath: system32\drivers\fltmgr.sys C:\Windows\system32\drivers\fltmgr.sys 183912 bytes Created: 11/2/2006 Modified: 11/2/2006 Company: Microsoft 
Corporation ---------- Key: FontCache3.0.0.0 ImagePath: %systemroot%\Microsoft.Net\Framework\v3.0\WPF\Pres entationFontCache.exe C:\Windows\Microsoft.Net\Framework\v3.0\WPF\Presen tationFontCache.exe 36864 bytes Created: 11/2/2006 Modified: 11/2/2006 Company: Microsoft Corporation ---------- Key: gagp30kx ImagePath: \SystemRoot\system32\drivers\gagp30kx.sys C:\Windows\system32\drivers\gagp30kx.sys 58984 bytes Created: 11/2/2006 Modified: 11/2/2006 Company: Microsoft Corporation ---------- Key: HdAudAddService ImagePath: system32\drivers\HdAudio.sys C:\Windows\system32\drivers\HdAudio.sys 235520 bytes Created: 11/2/2006 Modified: 11/2/2006 Company: Microsoft Corporation ---------- Key: HDAudBus ImagePath: system32\DRIVERS\HDAudBus.sys C:\Windows\system32\DRIVERS\HDAudBus.sys 53760 bytes Created: 5/30/2007 Modified: 5/30/2007 Company: Microsoft Corporation ---------- Key: HidBth ImagePath: \SystemRoot\system32\drivers\hidbth.sys C:\Windows\system32\drivers\hidbth.sys 29184 bytes Created: 11/2/2006 Modified: 11/2/2006 Company: Microsoft Corporation ---------- Key: HidIr ImagePath: \SystemRoot\system32\drivers\hidir.sys C:\Windows\system32\drivers\hidir.sys 21504 bytes Created: 11/2/2006 Modified: 11/2/2006 Company: Microsoft Corporation ---------- Key: HidUsb ImagePath: \SystemRoot\system32\drivers\hidusb.sys C:\Windows\system32\drivers\hidusb.sys 12288 bytes Created: 11/2/2006 Modified: 11/2/2006 Company: Microsoft Corporation ---------- Key: HpCISSs ImagePath: \SystemRoot\system32\drivers\hpcisss.sys C:\Windows\system32\drivers\hpcisss.sys 37480 bytes Created: 11/2/2006 Modified: 11/2/2006 Company: Hewlett-Packard Company ---------- Key: HTTP ImagePath: system32\drivers\HTTP.sys C:\Windows\system32\drivers\HTTP.sys 385536 bytes Created: 11/2/2006 Modified: 11/2/2006 Company: Microsoft Corporation ---------- Key: i2omp ImagePath: \SystemRoot\system32\drivers\i2omp.sys C:\Windows\system32\drivers\i2omp.sys 27752 bytes Created: 11/2/2006 Modified: 11/2/2006 Company: 
Microsoft Corporation ---------- Key: i8042prt ImagePath: system32\DRIVERS\i8042prt.sys C:\Windows\system32\DRIVERS\i8042prt.sys 54784 bytes Created: 11/2/2006 Modified: 11/2/2006 Company: Microsoft Corporation ---------- Key: iaStorV ImagePath: \SystemRoot\system32\drivers\iastorv.sys C:\Windows\system32\drivers\iastorv.sys 232040 bytes Created: 11/2/2006 Modified: 11/2/2006 Company: Intel Corporation ---------- Key: IDriverT ImagePath: "C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe" C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe 69632 bytes Created: 11/14/2005 Modified: 11/14/2005 Company: Macrovision Corporation ---------- Key: idsvc ImagePath: "%systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe" C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 741376 bytes Created: 11/2/2006 Modified: 11/2/2006 Company: Microsoft Corporation ---------- Key: igfx ImagePath: system32\DRIVERS\igdkmd32.sys C:\Windows\system32\DRIVERS\igdkmd32.sys 1771008 bytes Created: 5/22/2007 Modified: 5/22/2007 Company: Intel Corporation ---------- Key: iirsp ImagePath: \SystemRoot\system32\drivers\iirsp.sys C:\Windows\system32\drivers\iirsp.sys 41576 bytes Created: 11/2/2006 Modified: 11/2/2006 Company: Intel Corp./ICP vortex GmbH ---------- Key: IntcAzAudAddService ImagePath: system32\drivers\RTKVHDA.sys C:\Windows\system32\drivers\RTKVHDA.sys 1787816 bytes Created: 6/26/2007 Modified: 6/11/2007 Company: Realtek Semiconductor Corp. 
---------- Key: intelide ImagePath: system32\drivers\intelide.sys C:\Windows\system32\drivers\intelide.sys 17464 bytes Created: 1/14/2008 Modified: 1/14/2008 Company: Microsoft Corporation ---------- Key: intelppm ImagePath: system32\DRIVERS\intelppm.sys C:\Windows\system32\DRIVERS\intelppm.sys 39424 bytes Created: 11/2/2006 Modified: 11/2/2006 Company: Microsoft Corporation ---------- Key: IpFilterDriver ImagePath: system32\DRIVERS\ipfltdrv.sys C:\Windows\system32\DRIVERS\ipfltdrv.sys 47104 bytes Created: 11/2/2006 Modified: 11/2/2006 Company: Microsoft Corporation ---------- Key: IpInIp ImagePath: system32\DRIVERS\ipinip.sys - file is missing - alert is globally excluded ---------- Key: IPMIDRV ImagePath: \SystemRoot\system32\drivers\ipmidrv.sys C:\Windows\system32\drivers\ipmidrv.sys 65536 bytes Created: 11/2/2006 Modified: 11/2/2006 Company: Microsoft Corporation ---------- Key: IPNAT ImagePath: system32\DRIVERS\ipnat.sys C:\Windows\system32\DRIVERS\ipnat.sys 99840 bytes Created: 11/2/2006 Modified: 11/2/2006 Company: Microsoft Corporation ---------- Key: IRENUM ImagePath: system32\drivers\irenum.sys C:\Windows\system32\drivers\irenum.sys 13312 bytes Created: 11/2/2006 Modified: 11/2/2006 Company: Microsoft Corporation ---------- Key: isapnp ImagePath: \SystemRoot\system32\drivers\isapnp.sys C:\Windows\system32\drivers\isapnp.sys 47208 bytes Created: 11/2/2006 Modified: 11/2/2006 Company: Microsoft Corporation ---------- Key: iScsiPrt ImagePath: system32\DRIVERS\msiscsi.sys C:\Windows\system32\DRIVERS\msiscsi.sys 168552 bytes Created: 11/2/2006 Modified: 11/2/2006 Company: Microsoft Corporation ---------- Key: iteatapi ImagePath: \SystemRoot\system32\drivers\iteatapi.sys C:\Windows\system32\drivers\iteatapi.sys 35944 bytes Created: 11/2/2006 Modified: 11/2/2006 Company: Integrated Technology Express, Inc. 
---------- Key: iteraid ImagePath: \SystemRoot\system32\drivers\iteraid.sys C:\Windows\system32\drivers\iteraid.sys 35944 bytes Created: 11/2/2006 Modified: 11/2/2006 Company: Integrated Technology Express, Inc. ---------- Key: kbdclass ImagePath: system32\DRIVERS\kbdclass.sys C:\Windows\system32\DRIVERS\kbdclass.sys 32872 bytes Created: 11/2/2006 Modified: 11/2/2006 Company: Microsoft Corporation ---------- Key: kbdhid ImagePath: \SystemRoot\system32\drivers\kbdhid.sys C:\Windows\system32\drivers\kbdhid.sys 15872 bytes Created: 11/2/2006 Modified: 11/2/2006 Company: Microsoft Corporation ---------- Key: KeyIso ImagePath: %SystemRoot%\system32\lsass.exe C:\Windows\system32\lsass.exe 7680 bytes Created: 11/2/2006 Modified: 11/2/2006 Company: Microsoft Corporation ---------- Key: KR10I ImagePath: \SystemRoot\system32\drivers\kr10i.sys C:\Windows\system32\drivers\kr10i.sys 216320 bytes Created: 5/30/2007 Modified: 2/14/2006 Company: TOSHIBA CORPORATION ---------- Key: KR10N ImagePath: \SystemRoot\system32\drivers\kr10n.sys C:\Windows\system32\drivers\kr10n.sys 207104 bytes Created: 5/30/2007 Modified: 9/27/2005 Company: TOSHIBA CORPORATION ---------- Key: KR3NPXP ImagePath: \SystemRoot\system32\drivers\kr3npxp.sys C:\Windows\system32\drivers\kr3npxp.sys 479488 bytes Created: 5/30/2007 Modified: 9/27/2006 Company: TOSHIBA CORPORATION ---------- Key: KSecDD ImagePath: System32\Drivers\ksecdd.sys C:\Windows\System32\Drivers\ksecdd.sys 407144 bytes Created: 11/2/2006 Modified: 11/2/2006 Company: Microsoft Corporation ---------- Key: lltdio ImagePath: system32\DRIVERS\lltdio.sys C:\Windows\system32\DRIVERS\lltdio.sys 47104 bytes Created: 11/2/2006 Modified: 11/2/2006 Company: Microsoft Corporation ---------- Key: LPCFilter ImagePath: system32\DRIVERS\LPCFilter.sys C:\Windows\system32\DRIVERS\LPCFilter.sys 19456 bytes Created: 7/28/2006 Modified: 7/28/2006 Company: COMPAL ELECTRONIC INC. 
---------- Key: LSI_FC ImagePath: \SystemRoot\system32\drivers\lsi_fc.sys C:\Windows\system32\drivers\lsi_fc.sys 65640 bytes Created: 11/2/2006 Modified: 11/2/2006 Company: LSI Logic ---------- Key: LSI_SAS ImagePath: \SystemRoot\system32\drivers\lsi_sas.sys C:\Windows\system32\drivers\lsi_sas.sys 65640 bytes Created: 11/2/2006 Modified: 11/2/2006 Company: LSI Logic ---------- Key: LSI_SCSI ImagePath: \SystemRoot\system32\drivers\lsi_scsi.sys C:\Windows\system32\drivers\lsi_scsi.sys 65640 bytes Created: 11/2/2006 Modified: 11/2/2006 Company: LSI Logic ---------- Key: luafv ImagePath: \SystemRoot\system32\drivers\luafv.sys C:\Windows\system32\drivers\luafv.sys 83456 bytes Created: 11/2/2006 Modified: 11/2/2006 Company: Microsoft Corporation ---------- Key: McAfee HackerWatch Service ImagePath: "C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe" C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe 540776 bytes Created: 10/20/2007 Modified: 2/13/2007 Company: McAfee, Inc. ---------- Key: mcmscsvc ImagePath: C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe 749904 bytes Created: 1/22/2008 Modified: 8/4/2007 Company: McAfee, Inc. ---------- Key: McNASvc ImagePath: "c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe" c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe 2376992 bytes Created: 1/22/2008 Modified: 7/22/2007 Company: McAfee, Inc. ---------- Key: McODS ImagePath: C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe 362064 bytes Created: 10/20/2007 Modified: 1/16/2007 Company: McAfee, Inc. ---------- Key: McProxy ImagePath: c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe 353368 bytes Created: 10/20/2007 Modified: 4/12/2007 Company: McAfee, Inc. ---------- Key: McRedirector ImagePath: c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe 256096 bytes Created: 10/20/2007 Modified: 3/8/2007 Company: McAfee, Inc. 
---------- Key: McShield ImagePath: C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe 144960 bytes Created: 10/20/2007 Modified: 6/25/2007 Company: McAfee, Inc. ---------- Key: McSysmon ImagePath: C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe 643664 bytes Created: 10/20/2007 Modified: 1/25/2007 Company: McAfee, Inc. ---------- Key: megasas ImagePath: \SystemRoot\system32\drivers\megasas.sys C:\Windows\system32\drivers\megasas.sys 28776 bytes Created: 11/2/2006 Modified: 11/2/2006 Company: LSI Logic Corporation ---------- Key: mfeavfk ImagePath: system32\drivers\mfeavfk.sys C:\Windows\system32\drivers\mfeavfk.sys 71496 bytes Created: 5/30/2007 Modified: 6/25/2007 Company: McAfee, Inc. ---------- Key: mfebopk ImagePath: system32\drivers\mfebopk.sys C:\Windows\system32\drivers\mfebopk.sys 34184 bytes Created: 5/30/2007 Modified: 6/25/2007 Company: McAfee, Inc. ---------- Key: mfehidk ImagePath: system32\drivers\mfehidk.sys C:\Windows\system32\drivers\mfehidk.sys 171240 bytes Created: 5/30/2007 Modified: 6/25/2007 Company: McAfee, Inc. ---------- Key: mferkdk ImagePath: system32\drivers\mferkdk.sys C:\Windows\system32\drivers\mferkdk.sys 32008 bytes Created: 5/30/2007 Modified: 6/25/2007 Company: McAfee, Inc. ---------- Key: mfesmfk ImagePath: system32\drivers\mfesmfk.sys C:\Windows\system32\drivers\mfesmfk.sys 37480 bytes Created: 5/30/2007 Modified: 6/25/2007 Company: McAfee, Inc. ---------- Key: Modem ImagePath: system32\drivers\modem.sys |
caaguila (13124) | ||
| 619727 | 2008-02-11 23:42:00 | The pop up says "System Error! Your computer was infected by unknown trojan. It's dangerous for your system (critical files can be lost)! Click OK to download the antispyware program to clean your system(recommended)"
This is a fake alert, probably the only malware you've got is the one that's producing this "alert", and trying to get you to download more of their crap :horrified:), do as speedy says :thumbs:. |
feersumendjinn (64) | ||
| 619728 | 2008-02-11 23:54:00 | If the trojan keeps returning it could be hiding in System Restore, and reinfecting every time the PC boots. If you have not done so already, turn off System Restore before cleaning. I see by your log above you have Vista - here's how: In Vista (www.howtogeek.com). Once clean, turn restore back on. |
wainuitech (129) | ||
| 619729 | 2008-02-12 00:09:00 | Hmm, if you want, I could access your system with Crossloop (www.crossloop.com). It'll let me log in to you remotely, and check your system out. All you have to do is install it, give me the code under share, so I can log in. Then give me access once I connect. I think you've got Zlob, but some of the entries for it don't appear to be on your system. |
Speedy Gonzales (78) | ||
| 619730 | 2008-02-12 00:21:00 | Maybe I can help here....
Download Combofix from any of the links below, and save it to your desktop. For further information regarding this download you can see this on this Information Page (www.bleepingcomputer.com)
Link 1 (download.bleepingcomputer.com)
Link 2 (www.forospyware.com)
Link 3 (subs.geekstogo.com)
**Note: It is important that it is saved directly to your desktop**
1. Close any open browsers.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you. Please post the "C:\ComboFix.txt" along with a new HijackThis log for further review.
Note: Do not mouseclick combofix's window while it's running. That may cause it to stall.
Caution... Never run and remove files using ComboFix without being supervised by a security analyst. |
Pancake (6359) | ||