Old 11-11-2008, 12:54 PM   #4 (permalink)
DarkMagician66

Re: Trying to access malware infected drive

Update: I have managed to access the HDD normally and the system appears reasonably stable and has updated itself via Windows Update. Here is the DDS info...

DDS (Version 1.0) - NTFSx86
Run by Dave at 19:44:28.40 on 11/11/2008
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.2046.1204 [GMT 0:00]

=============== Created Last 30 ================

2008-11-11 19:40 <DIR> --d----- c:\windows\LastGood
2008-11-11 19:25 <DIR> --d----- c:\windows\Prefetch
2008-11-11 00:37 7,208 -------- c:\windows\system32\secupd.sig
2008-11-11 00:37 4,569 -------- c:\windows\system32\secupd.dat
2008-11-11 00:37 23,024 a------- c:\windows\system32\ieuinit.inf
2008-11-11 00:15 1,082,368 a------- c:\windows\system32\esent.dll
2008-11-11 00:08 <DIR> --d----- C:\Kontiki
2008-11-10 22:39 351,232 a------- c:\windows\system32\winhttp.dll
2008-11-10 22:39 18,944 a------- c:\windows\system32\qmgrprxy.dll
2008-11-10 21:44 250 a------- c:\windows\gmer.ini
2008-11-09 23:35 <DIR> --d----- c:\docume~1\alluse~1\applic~1\SUPERAntiSpyware.com
2008-11-09 23:35 <DIR> --d----- c:\program files\SUPERAntiSpyware
2008-11-09 23:35 <DIR> --d----- c:\docume~1\dave\applic~1\SUPERAntiSpyware.com
2008-11-09 17:21 <DIR> --d----- c:\program files\Trend Micro
2008-11-09 17:20 <DIR> --d----- c:\program files\common files\Wise Installation Wizard
2008-11-04 22:43 <DIR> --d-h--- C:\$AVG8.VAULT$
2008-10-13 21:56 138,384 a------- c:\windows\system32\drivers\tmcomm.sys
2008-10-13 21:55 <DIR> --d----- c:\docume~1\dave\applic~1\HouseCall 6.6
2008-10-13 21:44 215,752 a------- c:\windows\system32\wuaucpl.cpl

================== Find3M ==================

2008-11-11 19:44 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Kontiki
2008-11-11 01:15 <DIR> --d----- c:\program files\Windows NT
2008-10-16 00:11 789,662 a--sh--- c:\windows\system32\HQBKlUtv.ini2
2008-10-13 21:44 <DIR> --d-h--- c:\program files\WindowsUpdate
2008-10-06 10:04 23,348 ac------ c:\windows\system32\emptyregdb.dat
2008-10-01 19:51 <DIR> --d----- c:\program files\RegCure
2008-09-30 06:24 <DIR> --d----- c:\docume~1\dave\applic~1\LimeWire
2008-09-30 06:20 <DIR> --d----- c:\program files\Incomplete
2008-09-30 06:20 <DIR> --d----- c:\program files\LimeWire
2008-09-28 22:57 16,608 a------- c:\windows\gdrv.sys
2008-09-24 20:37 <DIR> --d----- c:\program files\Gigabyte
2008-09-24 20:36 <DIR> --d----- c:\program files\DIFX
2008-09-24 20:35 <DIR> --d----- c:\program files\AMD
2008-09-24 20:29 <DIR> --d----- c:\program files\ATI Technologies
2008-06-11 18:20 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Sony Ericsson
2008-06-03 22:19 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Sky
2008-05-24 07:40 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Viewpoint
2008-05-21 23:11 <DIR> --d----- c:\docume~1\dave\applic~1\SpywareStop
2008-04-25 01:39 <DIR> --ds---- c:\docume~1\alluse~1\applic~1\Memeo
2008-04-20 12:58 <DIR> --d----- c:\docume~1\dave\applic~1\EPSON
2008-04-17 22:15 <DIR> --d----- c:\docume~1\alluse~1\applic~1\AOL
2008-03-02 23:44 <DIR> --d----- c:\docume~1\dave\applic~1\ZipGenius
2008-02-19 06:25 <DIR> --d----- c:\docume~1\dave\applic~1\TomTom
2008-01-19 00:04 <DIR> --ds---- c:\docume~1\alluse~1\applic~1\Seagate
2007-11-19 23:59 <DIR> --d----- c:\docume~1\dave\applic~1\ATI
2007-11-13 22:04 <DIR> --d----- c:\docume~1\dave\applic~1\Sony
2007-11-13 22:04 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Sony
2007-11-13 21:20 <DIR> --d----- c:\docume~1\alluse~1\applic~1\BVRP Software
2007-10-29 23:49 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Tanagra
2007-10-18 20:09 <DIR> --d----- c:\docume~1\dave\applic~1\Azureus
2007-08-25 11:11 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Azureus
2007-07-14 13:16 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Nero
2007-04-12 21:10 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Creative
2007-03-04 15:21 <DIR> --d----- c:\docume~1\dave\applic~1\Creative
2007-02-10 10:18 <DIR> --d----- c:\docume~1\dave\applic~1\TuneUp Software
2007-02-10 10:17 <DIR> --d----- c:\docume~1\alluse~1\applic~1\TuneUp Software
2007-02-09 23:20 <DIR> --d----- c:\docume~1\dave\applic~1\Uniblue
2007-02-01 22:23 <DIR> --d----- c:\docume~1\alluse~1\applic~1\TomTom
2006-12-11 23:30 <DIR> --d----- c:\docume~1\alluse~1\applic~1\AOL Downloads
2006-12-07 11:14 <DIR> --d----- c:\docume~1\dave\applic~1\AOL
2006-10-28 01:02 <DIR> --d----- c:\docume~1\dave\applic~1\DivX
2006-08-28 23:37 <DIR> --d----- c:\docume~1\alluse~1\applic~1\PC Drivers Headquarters
2006-06-24 11:03 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Kodak
2006-06-04 11:39 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Kaspersky Lab
2006-06-04 11:37 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Symantec
2006-04-23 14:50 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Ahead
2006-03-31 20:41 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Windows Genuine Advantage
2006-03-26 17:17 <DIR> --d----- c:\docume~1\dave\applic~1\You've Got Pictures Screensaver
2006-03-26 15:30 <DIR> --d----- c:\docume~1\alluse~1\applic~1\UDL
2006-03-21 20:41 <DIR> --d----- c:\docume~1\dave\applic~1\Logitech
2006-03-20 06:55 <DIR> --d----- c:\docume~1\dave\applic~1\Symantec
2008-08-04 21:00 16,384 ac-sh--- c:\windows\temp\cookies\index.dat
2008-08-04 21:00 16,384 ac-sh--- c:\windows\temp\history\history.ie5\index.dat
2008-08-04 21:00 49,152 ac-sh--- c:\windows\temp\temporary internet files\content.ie5\index.dat

============== Psuedo HJT Report ===============

uStart Page = hxxp://www.google.co.uk/
mWinlogon: Userinit=c:\windows\system32\userinit.exe,c:\windows\system32\twext.exe,
BHO: {75f5e048-3311-4347-acff-8b26fbd47309} - c:\windows\system32\vtUlKBQH.dll
TB: {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - c:\program files\epson\epson web-to-page\EPSON Web-To-Page.dll
TB: {DE9C389F-3316-41A7-809B-AA305ED9D922} - c:\program files\aol\aol toolbar 4.0\aoltb.dll
TB: {F2CF5485-4E02-4F68-819C-B92DE9277049} - c:\windows\system32\ieframe.dll
uRun: [AWMON] c:\progra~1\lavasoft\ad-awa~1\Ad-Watch.exe
uRun: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
uRun: [M1000Mnt] M1000Rmv.exe /StartStillMnt
uRun: [High Definition Audio Property Page Shortcut] HDAShCut.exe
uRun: [EPSON Stylus Photo RX520 Series] c:\windows\system32\spool\drivers\w32x86\3\E_FATIAGE.EXE /P31 "EPSON Stylus Photo RX520 Series" /O6 "USB001" /M "Stylus Photo RX520"
uRun: [CreativeMouse] c:\program files\mouse driver\MouseDrv.exe
uRun: [kis] c:\program files\kaspersky lab\kaspersky internet security 6.0\avp.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe"
uRun: [Sony Ericsson PC Suite] "c:\program files\sony ericsson\sony ericsson pc suite\SEPCSuite.exe" /systray /nologon
uRun: [TomTomHOME.exe] "c:\program files\tomtom home 2\HOMERunner.exe"
uRun: [kdx] c:\program files\kontiki\KHost.exe -all
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
mRun: [kis] "c:\program files\kaspersky lab\kaspersky internet security 6.0\avp.exe"
mRun: [CreativeMouse] c:\program files\mouse driver\MouseDrv.exe
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [HostManager] c:\program files\common files\aol\1143679318\ee\AOLSoftware.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [TrueImageMonitor.exe] c:\program files\acronis\trueimagehome\TrueImageMonitor.exe
mRun: [AcronisTimounterMonitor] c:\program files\acronis\trueimagehome\TimounterMonitor.exe
mRun: [Acronis Scheduler2 Service] "c:\program files\common files\acronis\schedule2\schedhlp.exe"
mRun: [kdx] "c:\program files\kontiki\KHost.exe" -all
mRun: [M1000Mnt] M1000Rmv.exe /StartStillMnt
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [<NO NAME>]
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
dRun: [Jnskdfmf9eldfd] c:\windows\temp\csrssc.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\raid manager.lnk - c:\program files\ite\ite it8212 ata raid controller\RaidMgr.exe
uPolicies-explorer: NoWindowsUpdate = 0 (0x0)
uPolicies-system: DisableTaskMgr = 0 (0x0)
uPolicies-system: DisableRegistryTools = 1 (0x1)
mPolicies-explorer: NoResolveSearch = 1 (0x1)
mPolicies-system: DisableTaskMgr = 0 (0x0)
dPolicies-explorer: NoFolderOptions = 1 (0x1)
dPolicies-system: NoDispBackgroundPage = 1 (0x1)
dPolicies-system: NoDispScrSavPage = 1 (0x1)
dPolicies-system: DisableRegistryTools = 1 (0x1)
IE: &AOL Toolbar Search - c:\program files\aol\aol toolbar 4.0\resources\en-us\local\search.html
IE: &eBay Search - c:\program files\ebay\ebay toolbar2\eBayTb.dll/RCSearch.html
IE: Add to Kaspersky Anti-Banner - c:\program files\kaspersky lab\kaspersky internet security 6.0\\ie_banner_deny.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {c95fe080-8f5d-11d2-a20b-00aa003c157a} - %SystemRoot%\web\related.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_01\bin\ssv.dll
IE: {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - {85E0B171-04FA-11D1-B7DA-00A0C90348D6} - c:\program files\kaspersky lab\kaspersky internet security 6.0\scieplugin.dll
IE: {3369AF0D-62E9-4bda-8103-B4C75499B578} - {DE9C389F-3316-41A7-809B-AA305ED9D922} - c:\program files\aol\aol toolbar 4.0\aoltb.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {c95fe080-8f5d-11d2-a20b-00aa003c157a} - %SystemRoot%\web\related.htm
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office11\MSOXMLMF.DLL
Handler: AutorunsDisabled\bw+0 - {8bd88a42-2ac1-4a35-bfbf-4f5c7104b05a} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: AutorunsDisabled\bw+0s - {8bd88a42-2ac1-4a35-bfbf-4f5c7104b05a} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: AutorunsDisabled\bw-0 - {8bd88a42-2ac1-4a35-bfbf-4f5c7104b05a} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: AutorunsDisabled\bw-0s - {8bd88a42-2ac1-4a35-bfbf-4f5c7104b05a} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: AutorunsDisabled\bw00 - {8bd88a42-2ac1-4a35-bfbf-4f5c7104b05a} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: AutorunsDisabled\bw00s - {8bd88a42-2ac1-4a35-bfbf-4f5c7104b05a} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: AutorunsDisabled\bw10 - {8bd88a42-2ac1-4a35-bfbf-4f5c7104b05a} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: AutorunsDisabled\bw10s - {8bd88a42-2ac1-4a35-bfbf-4f5c7104b05a} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: AutorunsDisabled\bw20 - {8bd88a42-2ac1-4a35-bfbf-4f5c7104b05a} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: AutorunsDisabled\bw20s - {8bd88a42-2ac1-4a35-bfbf-4f5c7104b05a} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: AutorunsDisabled\bw30 - {8bd88a42-2ac1-4a35-bfbf-4f5c7104b05a} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: AutorunsDisabled\bw30s - {8bd88a42-2ac1-4a35-bfbf-4f5c7104b05a} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: AutorunsDisabled\bw40 - {8bd88a42-2ac1-4a35-bfbf-4f5c7104b05a} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: AutorunsDisabled\bw40s - {8bd88a42-2ac1-4a35-bfbf-4f5c7104b05a} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: AutorunsDisabled\bw50 - {8bd88a42-2ac1-4a35-bfbf-4f5c7104b05a} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: AutorunsDisabled\bw50s - {8bd88a42-2ac1-4a35-bfbf-4f5c7104b05a} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: AutorunsDisabled\bw60 - {8bd88a42-2ac1-4a35-bfbf-4f5c7104b05a} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: AutorunsDisabled\bw60s - {8bd88a42-2ac1-4a35-bfbf-4f5c7104b05a} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: AutorunsDisabled\bw70 - {8bd88a42-2ac1-4a35-bfbf-4f5c7104b05a} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: AutorunsDisabled\bw70s - {8bd88a42-2ac1-4a35-bfbf-4f5c7104b05a} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: AutorunsDisabled\bw80 - {8bd88a42-2ac1-4a35-bfbf-4f5c7104b05a} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: AutorunsDisabled\bw80s - {8bd88a42-2ac1-4a35-bfbf-4f5c7104b05a} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: AutorunsDisabled\bw90 - {8bd88a42-2ac1-4a35-bfbf-4f5c7104b05a} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: AutorunsDisabled\bw90s - {8bd88a42-2ac1-4a35-bfbf-4f5c7104b05a} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: AutorunsDisabled\bwa0 - {8bd88a42-2ac1-4a35-bfbf-4f5c7104b05a} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: AutorunsDisabled\bwa0s - {8bd88a42-2ac1-4a35-bfbf-4f5c7104b05a} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: AutorunsDisabled\bwb0 - {8bd88a42-2ac1-4a35-bfbf-4f5c7104b05a} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: AutorunsDisabled\bwb0s - {8bd88a42-2ac1-4a35-bfbf-4f5c7104b05a} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: AutorunsDisabled\bwc0 - {8bd88a42-2ac1-4a35-bfbf-4f5c7104b05a} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: AutorunsDisabled\bwc0s - {8bd88a42-2ac1-4a35-bfbf-4f5c7104b05a} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: AutorunsDisabled\bwd0 - {8bd88a42-2ac1-4a35-bfbf-4f5c7104b05a} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: AutorunsDisabled\bwd0s - {8bd88a42-2ac1-4a35-bfbf-4f5c7104b05a} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: AutorunsDisabled\bwe0 - {8bd88a42-2ac1-4a35-bfbf-4f5c7104b05a} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: AutorunsDisabled\bwe0s - {8bd88a42-2ac1-4a35-bfbf-4f5c7104b05a} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: AutorunsDisabled\bwf0 - {8bd88a42-2ac1-4a35-bfbf-4f5c7104b05a} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: AutorunsDisabled\bwf0s - {8bd88a42-2ac1-4a35-bfbf-4f5c7104b05a} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: AutorunsDisabled\bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\logitech\desktop messenger\8876480\program\GAPlugProtocol-8876480.dll
Handler: AutorunsDisabled\bwg0 - {8bd88a42-2ac1-4a35-bfbf-4f5c7104b05a} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: AutorunsDisabled\bwg0s - {8bd88a42-2ac1-4a35-bfbf-4f5c7104b05a} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: AutorunsDisabled\bwh0 - {8bd88a42-2ac1-4a35-bfbf-4f5c7104b05a} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: AutorunsDisabled\bwh0s - {8bd88a42-2ac1-4a35-bfbf-4f5c7104b05a} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: AutorunsDisabled\bwi0 - {8bd88a42-2ac1-4a35-bfbf-4f5c7104b05a} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: AutorunsDisabled\bwi0s - {8bd88a42-2ac1-4a35-bfbf-4f5c7104b05a} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: AutorunsDisabled\bwj0 - {8bd88a42-2ac1-4a35-bfbf-4f5c7104b05a} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: AutorunsDisabled\bwj0s - {8bd88a42-2ac1-4a35-bfbf-4f5c7104b05a} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: AutorunsDisabled\bwk0 - {8bd88a42-2ac1-4a35-bfbf-4f5c7104b05a} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: AutorunsDisabled\bwk0s - {8bd88a42-2ac1-4a35-bfbf-4f5c7104b05a} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: AutorunsDisabled\bwl0 - {8bd88a42-2ac1-4a35-bfbf-4f5c7104b05a} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: AutorunsDisabled\bwl0s - {8bd88a42-2ac1-4a35-bfbf-4f5c7104b05a} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: AutorunsDisabled\bwm0 - {8bd88a42-2ac1-4a35-bfbf-4f5c7104b05a} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: AutorunsDisabled\bwm0s - {8bd88a42-2ac1-4a35-bfbf-4f5c7104b05a} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: AutorunsDisabled\bwn0 - {8bd88a42-2ac1-4a35-bfbf-4f5c7104b05a} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: AutorunsDisabled\bwn0s - {8bd88a42-2ac1-4a35-bfbf-4f5c7104b05a} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: AutorunsDisabled\bwo0 - {8bd88a42-2ac1-4a35-bfbf-4f5c7104b05a} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: AutorunsDisabled\bwo0s - {8bd88a42-2ac1-4a35-bfbf-4f5c7104b05a} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: AutorunsDisabled\bwp0 - {8bd88a42-2ac1-4a35-bfbf-4f5c7104b05a} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: AutorunsDisabled\bwp0s - {8bd88a42-2ac1-4a35-bfbf-4f5c7104b05a} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: AutorunsDisabled\bwq0 - {8bd88a42-2ac1-4a35-bfbf-4f5c7104b05a} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: AutorunsDisabled\bwq0s - {8bd88a42-2ac1-4a35-bfbf-4f5c7104b05a} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: AutorunsDisabled\bwr0 - {8bd88a42-2ac1-4a35-bfbf-4f5c7104b05a} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: AutorunsDisabled\bwr0s - {8bd88a42-2ac1-4a35-bfbf-4f5c7104b05a} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: AutorunsDisabled\bws0 - {8bd88a42-2ac1-4a35-bfbf-4f5c7104b05a} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: AutorunsDisabled\bws0s - {8bd88a42-2ac1-4a35-bfbf-4f5c7104b05a} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: AutorunsDisabled\bwt0 - {8bd88a42-2ac1-4a35-bfbf-4f5c7104b05a} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: AutorunsDisabled\bwt0s - {8bd88a42-2ac1-4a35-bfbf-4f5c7104b05a} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: AutorunsDisabled\bwu0 - {8bd88a42-2ac1-4a35-bfbf-4f5c7104b05a} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: AutorunsDisabled\bwu0s - {8bd88a42-2ac1-4a35-bfbf-4f5c7104b05a} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: AutorunsDisabled\bwv0 - {8bd88a42-2ac1-4a35-bfbf-4f5c7104b05a} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: AutorunsDisabled\bwv0s - {8bd88a42-2ac1-4a35-bfbf-4f5c7104b05a} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: AutorunsDisabled\bww0 - {8bd88a42-2ac1-4a35-bfbf-4f5c7104b05a} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: AutorunsDisabled\bww0s - {8bd88a42-2ac1-4a35-bfbf-4f5c7104b05a} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: AutorunsDisabled\bwx0 - {8bd88a42-2ac1-4a35-bfbf-4f5c7104b05a} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: AutorunsDisabled\bwx0s - {8bd88a42-2ac1-4a35-bfbf-4f5c7104b05a} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: AutorunsDisabled\bwy0 - {8bd88a42-2ac1-4a35-bfbf-4f5c7104b05a} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: AutorunsDisabled\bwy0s - {8bd88a42-2ac1-4a35-bfbf-4f5c7104b05a} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: AutorunsDisabled\bwz0 - {8bd88a42-2ac1-4a35-bfbf-4f5c7104b05a} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: AutorunsDisabled\bwz0s - {8bd88a42-2ac1-4a35-bfbf-4f5c7104b05a} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: AutorunsDisabled\offline-8876480 - {8BD88A42-2AC1-4A35-BFBF-4F5C7104B05A} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} - c:\progra~1\common~1\micros~1\webcom~1\10\OWC10.DLL
Handler: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - c:\progra~1\common~1\micros~1\webcom~1\11\OWC11.DLL
Notify: !SASWinLogon -c:\program files\superantispyware\SASWINLO.dll
Notify: AtiExtEvent -Ati2evxx.dll
Notify: igfxcui -igfxdev.dll
Notify: klogon -c:\windows\system32\klogon.dll
Notify: wineak32 -wineak32.dll
Notify: wvUlmkJc -wvUlmkJc.dll
Notify: xnrtza -xnrtza.dll
AppInit_DLLs: c:\progra~1\kasper~1\kasper~1.0\adialhk.dll
SSODL: {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SSODL: {e57ce738-33e8-4c51-8354-bb4de9d215d1} - c:\windows\system32\upnpui.dll
SEH: {A982037A-5FA0-44BD-8BB8-BCE93EBBDFE8} - c:\windows\system32\wvUlmkJc.dll
SEH: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL
LSA: Authentication Packages = msv1_0 relog_ap c:\windows\system32\vtUlKBQH

============= SERVICES / DRIVERS ==============

S3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows\system32\drivers\ASPI32.sys
S0 ati0daxx;ati0daxx;c:\windows\system32\drivers\ati0daxx.sys
S0 ati1tbxx;ati1tbxx;c:\windows\system32\drivers\ati1tbxx.sys
S0 ati2ftxx;ati2ftxx;c:\windows\system32\drivers\ati2ftxx.sys
S0 ati8nyxx;ati8nyxx;c:\windows\system32\drivers\ati8nyxx.sys
S0 ati8vkxx;ati8vkxx;c:\windows\system32\drivers\ati8vkxx.sys
S3 ATICDSDr;ATICDSDr;c:\docume~1\dave\locals~1\temp\ATICDSDr.sys
S2 bfyfwdehzqv;bfyfwdehzqv;c:\windows\system32\drivers\szkuwvtgnl.sys
S3 Cap7134;Philips Cap7134 Capture;c:\windows\system32\drivers\Cap7134.sys
S2 eggqpvflmvb;eggqpvflmvb;c:\windows\system32\drivers\rymkspfguji.sys
S2 fanvqnehe;fanvqnehe;c:\windows\system32\drivers\zltrgpinup.sys
S3 FXDRV;FXDRV;c:\program files\superutility\Fxdrv.sys
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys
S1 glaide32;glaide32;c:\windows\system32\drivers\glaide32.sys
R0 iteraid;ITERAID_Service_Install;c:\windows\system32\drivers\iteraid.sys
S3 lanusb;GlobeSpan USB ADSL LAN Modem;c:\windows\system32\drivers\glausb.sys
R3 M1000Srv;M5603C USB2.0 Camera Driver;c:\windows\system32\drivers\M1000KNT.sys
S3 PhTVTune;Philips WDM TVTuner;c:\windows\system32\drivers\PhTVTune.sys
R3 PPPoEWin;PPPoEWin Miniport;c:\windows\system32\drivers\PPPoEWin.SYS
S2 qhpmzxdhbv;qhpmzxdhbv;c:\windows\system32\drivers\vcpovkjrwb.sys
R3 RegKill;RegKill;c:\windows\system32\drivers\RegKill.sys
S3 restore;restore;c:\windows\system32\drivers\restore.sys
S0 spywarestop;spywarestop;c:\windows\system32\drivers\spywarestop.sys
S2 thcglpcsdbh;thcglpcsdbh;c:\windows\system32\drivers\fieprlzhtizwys.sys
S2 vbjzssre;vbjzssre;c:\windows\system32\drivers\ebwer.sys
S2 vyykucmbg;vyykucmbg;c:\windows\system32\drivers\ngbsztbdtm.sys
S2 fci;FCI;c:\windows\system32\svchost.exe:ext.exe
S2 ICF;ICF;c:\windows\system32\svchost.exe:ext.exe
S2 MyWebSearchService;My Web Search Service;c:\progra~1\mywebs~1\bar\1.bin\mwssvc.exe
S2 psyche;psyche;c:\windows\system32\psyche.exe

============= FINISH: 19:45:04.23 ===============
Attached Files
File Type: txt gmer.txt (2.3 KB, 2 views)
File Type: txt Attach.txt (44.5 KB, 3 views)