22find
<blockquote data-quote="cleojhilred" data-source="post: 118033" data-attributes="member: 7703"><p>All processes killed</p><p>========== OTL ==========</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\api-utils\data\.svn\tmp\text-base folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\api-utils\data\.svn\tmp\props folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\api-utils\data\.svn\tmp\prop-base folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\api-utils\data\.svn\tmp folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\api-utils\data\.svn\text-base folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\api-utils\data\.svn\props folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\api-utils\data\.svn\prop-base folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\api-utils\data\.svn folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\api-utils\data folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\api-utils\.svn\tmp\text-base folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\api-utils\.svn\tmp\props folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\api-utils\.svn\tmp\prop-base folder moved successfully.</p><p>C:\Program Files 
(x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\api-utils\.svn\tmp folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\api-utils\.svn\text-base folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\api-utils\.svn\props folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\api-utils\.svn\prop-base folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\api-utils\.svn folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\api-utils folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\addon-kit\lib\.svn\tmp\text-base folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\addon-kit\lib\.svn\tmp\props folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\addon-kit\lib\.svn\tmp\prop-base folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\addon-kit\lib\.svn\tmp folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\addon-kit\lib\.svn\text-base folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\addon-kit\lib\.svn\props folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\addon-kit\lib\.svn\prop-base folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla 
Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\addon-kit\lib\.svn folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\addon-kit\lib folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\addon-kit\data\.svn\tmp\text-base folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\addon-kit\data\.svn\tmp\props folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\addon-kit\data\.svn\tmp\prop-base folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\addon-kit\data\.svn\tmp folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\addon-kit\data\.svn\text-base folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\addon-kit\data\.svn\props folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\addon-kit\data\.svn\prop-base folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\addon-kit\data\.svn folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\addon-kit\data folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\addon-kit\.svn\tmp\text-base folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\addon-kit\.svn\tmp\props folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla 
Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\addon-kit\.svn\tmp\prop-base folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\addon-kit\.svn\tmp folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\addon-kit\.svn\text-base folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\addon-kit\.svn\props folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\addon-kit\.svn\prop-base folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\addon-kit\.svn folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\addon-kit folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\a\tests\.svn\tmp\text-base folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\a\tests\.svn\tmp\props folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\a\tests\.svn\tmp\prop-base folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\a\tests\.svn\tmp folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\a\tests\.svn\text-base folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\a\tests\.svn\props folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\a\tests\.svn\prop-base folder moved 
successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\a\tests\.svn folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\a\tests folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\a\lib\.svn\tmp\text-base folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\a\lib\.svn\tmp\props folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\a\lib\.svn\tmp\prop-base folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\a\lib\.svn\tmp folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\a\lib\.svn\text-base folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\a\lib\.svn\props folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\a\lib\.svn\prop-base folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\a\lib\.svn folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\a\lib folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\a\data\.svn\tmp\text-base folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\a\data\.svn\tmp\props folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\a\data\.svn\tmp\prop-base folder moved 
successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\a\data\.svn\tmp folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\a\data\.svn\text-base folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\a\data\.svn\props folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\a\data\.svn\prop-base folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\a\data\.svn folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\a\data folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\a\.svn\tmp\text-base folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\a\.svn\tmp\props folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\a\.svn\tmp\prop-base folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\a\.svn\tmp folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\a\.svn\text-base folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\a\.svn\props folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\a\.svn\prop-base folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\a\.svn folder moved successfully.</p><p>C:\Program Files 
(x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\a folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\.svn\tmp\text-base folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\.svn\tmp\props folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\.svn\tmp\prop-base folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\.svn\tmp folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\.svn\text-base folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\.svn\props folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\.svn\prop-base folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources\.svn folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\resources folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\locale\.svn\tmp\text-base folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\locale\.svn\tmp\props folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\locale\.svn\tmp\prop-base folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\locale\.svn\tmp folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\locale\.svn\text-base folder moved 
successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\locale\.svn\props folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\locale\.svn\prop-base folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\locale\.svn folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\locale folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\defaults\preferences\.svn\tmp\text-base folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\defaults\preferences\.svn\tmp\props folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\defaults\preferences\.svn\tmp\prop-base folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\defaults\preferences\.svn\tmp folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\defaults\preferences\.svn\text-base folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\defaults\preferences\.svn\props folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\defaults\preferences\.svn\prop-base folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\defaults\preferences\.svn folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\defaults\preferences folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\defaults\.svn\tmp\text-base folder moved 
successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\defaults\.svn\tmp\props folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\defaults\.svn\tmp\prop-base folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\defaults\.svn\tmp folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\defaults\.svn\text-base folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\defaults\.svn\props folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\defaults\.svn\prop-base folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\defaults\.svn folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\defaults folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\.svn\tmp\text-base folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\.svn\tmp\props folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\.svn\tmp\prop-base folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\.svn\tmp folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\.svn\text-base folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\.svn\props folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\.svn\prop-base folder moved 
successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org\.svn folder moved successfully.</p><p>C:\Program Files (x86)\Mozilla Firefox\extensions\kgcngo@xmmomglptujvwxntife.org folder moved successfully.</p><p>Folder C:\Users\ann\AppData\Roaming\Mozilla\Firefox\Profiles\6a32jyo3.default\extensions\kgcngo@xmmomglptujvwxntife.org\ not found.</p><p>Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3}\ deleted successfully.</p><p>Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3}\ deleted successfully.</p><p>Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{67097627-fd8e-4f6b-af4b-ecb65e50112e}\ deleted successfully.</p><p>Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{67097627-fd8e-4f6b-af4b-ecb65e50112e}\ not found.</p><p>Registry value HKEY_USERS\S-1-5-21-47251086-2544900640-1172179381-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{67097627-FD8E-4F6B-AF4B-ECB65E50112E} deleted successfully.</p><p>Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{67097627-FD8E-4F6B-AF4B-ECB65E50112E}\ not found.</p><p>Registry value HKEY_USERS\S-1-5-21-47251086-2544900640-1172179381-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{739DF940-C5EE-4BAB-9D7E-270894AE687A} deleted successfully.</p><p>Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{739DF940-C5EE-4BAB-9D7E-270894AE687A}\ not found.</p><p>C:\ProgramData\29273d593f31_c moved successfully.</p><p>========== FILES ==========</p><p>File\Folder C:\Users\ann\AppData\Local\DownloadTerms not found.</p><p>C:\Program Files\Updater By SweetPacks\resources folder moved successfully.</p><p>C:\Program Files\Updater By SweetPacks\libraries folder moved successfully.</p><p>C:\Program Files\Updater By SweetPacks\Firefox\defaults\preferences folder moved 
successfully.</p><p>C:\Program Files\Updater By SweetPacks\Firefox\defaults folder moved successfully.</p><p>C:\Program Files\Updater By SweetPacks\Firefox\chrome\skin folder moved successfully.</p><p>C:\Program Files\Updater By SweetPacks\Firefox\chrome\locale\en-US folder moved successfully.</p><p>C:\Program Files\Updater By SweetPacks\Firefox\chrome\locale folder moved successfully.</p><p>C:\Program Files\Updater By SweetPacks\Firefox\chrome\content\resources folder moved successfully.</p><p>C:\Program Files\Updater By SweetPacks\Firefox\chrome\content\libraries folder moved successfully.</p><p>C:\Program Files\Updater By SweetPacks\Firefox\chrome\content folder moved successfully.</p><p>C:\Program Files\Updater By SweetPacks\Firefox\chrome folder moved successfully.</p><p>C:\Program Files\Updater By SweetPacks\Firefox folder moved successfully.</p><p>C:\Program Files\Updater By SweetPacks folder moved successfully.</p><p><span style="color: #A23BEC">< ipconfig /flushdns /c ></span></p><p>Windows IP Configuration</p><p>Successfully flushed the DNS Resolver Cache.</p><p>C:\Users\ann\Desktop\cmd.bat deleted successfully.</p><p>C:\Users\ann\Desktop\cmd.txt deleted successfully.</p><p>========== COMMANDS ==========</p><p> </p><p>[EMPTYTEMP]</p><p> </p><p>User: All Users</p><p> </p><p>User: ann</p><p>->Temp folder emptied: 623707751 bytes</p><p>->Temporary Internet Files folder emptied: 490021112 bytes</p><p>->FireFox cache emptied: 6835562 bytes</p><p>->Google Chrome cache emptied: 20676644 bytes</p><p>->Flash cache emptied: 824 bytes</p><p> </p><p>User: Default</p><p>->Temp folder emptied: 0 bytes</p><p>->Temporary Internet Files folder emptied: 0 bytes</p><p> </p><p>User: Default User</p><p>->Temp folder emptied: 0 bytes</p><p>->Temporary Internet Files folder emptied: 0 bytes</p><p> </p><p>User: Public</p><p> </p><p>%systemdrive% .tmp files removed: 0 bytes</p><p>%systemroot% .tmp files removed: 1900821 bytes</p><p>%systemroot%\System32 .tmp files removed: 0 
bytes</p><p>%systemroot%\System32 (64bit) .tmp files removed: 0 bytes</p><p>%systemroot%\System32\drivers .tmp files removed: 0 bytes</p><p>Windows Temp folder emptied: 348537624 bytes</p><p>%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50199 bytes</p><p>RecycleBin emptied: 10938096 bytes</p><p> </p><p>Total Files Cleaned = 1,433.00 mb</p><p> </p><p>C:\Windows\System32\drivers\etc\Hosts moved successfully.</p><p>HOSTS file reset successfully</p><p> </p><p>OTL by OldTimer - Version 3.2.69.0 log created on 04252013_112833</p><p></p><p>Files\Folders moved on Reboot...</p><p>C:\Users\ann\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.</p><p>C:\Users\ann\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\S4OWCX03\openhand[1].cur moved successfully.</p><p>C:\Users\ann\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\S4OWCX03\Thread-22find--15401[3].htm moved successfully.</p><p>C:\Users\ann\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\KA0Q6JXO\0[2].htm moved successfully.</p><p>C:\Users\ann\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\KA0Q6JXO\bind[2].htm moved successfully.</p><p>C:\Users\ann\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\KA0Q6JXO\canvas[1].htm moved successfully.</p><p>C:\Users\ann\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\KA0Q6JXO\fastbutton[1].htm moved successfully.</p><p>C:\Users\ann\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\KA0Q6JXO\frame[1].htm moved successfully.</p><p>C:\Users\ann\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\KA0Q6JXO\tweet_button.1366232305[1].htm moved successfully.</p><p>C:\Users\ann\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\8X443K70\fastbutton[1].htm moved 
successfully.</p><p>C:\Users\ann\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\8X443K70\frame[1].htm moved successfully.</p><p>C:\Users\ann\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\8X443K70\recentposts[1].htm moved successfully.</p><p>C:\Users\ann\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5ZQJESJR\0[1].htm moved successfully.</p><p>C:\Users\ann\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5ZQJESJR\d=1[2].htm moved successfully.</p><p>C:\Users\ann\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5ZQJESJR\hovercard[1].htm moved successfully.</p><p>C:\Users\ann\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully.</p><p>File move failed. C:\Windows\temp\sndappv2.log scheduled to be moved on reboot.</p><p>C:\Windows\temp\~DF3F1C3D2B21CCAD18.TMP moved successfully.</p><p></p><p>PendingFileRenameOperations files...</p><p></p><p>Registry entries deleted on Reboot...</p><p></p><p></p><p>Malwarebytes Anti-Rootkit BETA 1.05.0.1001</p><p>www.malwarebytes.org</p><p></p><p>Database version: v2013.04.25.05</p><p></p><p>Windows 7 Service Pack 1 x64 NTFS</p><p>Internet Explorer 9.0.8112.16421</p><p>ann :: ANN-PC [administrator]</p><p></p><p>4/25/2013 11:47:14 AM</p><p>mbar-log-2013-04-25 (11-47-14).txt</p><p></p><p>Scan type: Quick scan</p><p>Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P</p><p>Scan options disabled: </p><p>Objects scanned: 28622</p><p>Time elapsed: 8 minute(s), 29 second(s)</p><p></p><p>Memory Processes Detected: 0</p><p>(No malicious items detected)</p><p></p><p>Memory Modules Detected: 0</p><p>(No malicious items detected)</p><p></p><p>Registry Keys Detected: 2</p><p>HKLM\SOFTWARE\CLASSES\INTERFACE\{D6975F9E-15B2-4FE7-9D16-FC2E85CB201B} (PUP.FaceThemes) -> Delete on 
reboot.</p><p>HKLM\SOFTWARE\CLASSES\TypeLib\{A3F56272-CDB4-4310-9BB1-9A0D0757A3B3} (PUP.FaceThemes) -> Delete on reboot.</p><p></p><p>Registry Values Detected: 0</p><p>(No malicious items detected)</p><p></p><p>Registry Data Items Detected: 0</p><p>(No malicious items detected)</p><p></p><p>Folders Detected: 0</p><p>(No malicious items detected)</p><p></p><p>Files Detected: 0</p><p>(No malicious items detected)</p><p></p><p>(end)Malwarebytes Anti-Rootkit BETA 1.05.0.1001</p><p>www.malwarebytes.org</p><p></p><p>Database version: v2013.04.25.05</p><p></p><p>Windows 7 Service Pack 1 x64 NTFS</p><p>Internet Explorer 9.0.8112.16421</p><p>ann :: ANN-PC [administrator]</p><p></p><p>4/25/2013 12:01:14 PM</p><p>mbar-log-2013-04-25 (12-01-14).txt</p><p></p><p>Scan type: Quick scan</p><p>Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P</p><p>Scan options disabled: </p><p>Objects scanned: 28563</p><p>Time elapsed: 8 minute(s), 44 second(s)</p><p></p><p>Memory Processes Detected: 0</p><p>(No malicious items detected)</p><p></p><p>Memory Modules Detected: 0</p><p>(No malicious items detected)</p><p></p><p>Registry Keys Detected: 0</p><p>(No malicious items detected)</p><p></p><p>Registry Values Detected: 0</p><p>(No malicious items detected)</p><p></p><p>Registry Data Items Detected: 0</p><p>(No malicious items detected)</p><p></p><p>Folders Detected: 0</p><p>(No malicious items detected)</p><p></p><p>Files Detected: 0</p><p>(No malicious items detected)</p><p></p><p>(end)</p><p></p><p>Malwarebytes Anti-Rootkit BETA 1.05.0.1001</p><p></p><p>(c) Malwarebytes Corporation 2011-2012</p><p></p><p>OS version: 6.1.7601 Windows 7 Service Pack 1 x64</p><p></p><p>Account is Administrative</p><p></p><p>Internet Explorer version: 9.0.8112.16421</p><p></p><p>File system is: NTFS</p><p>Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, F:\ DRIVE_FIXED</p><p>CPU speed: 2.294000 GHz</p><p>Memory total: 6170025984, free: 
4332900352</p><p></p><p>------------ Kernel report ------------</p><p> 04/25/2013 11:38:03</p><p>------------ Loaded modules -----------</p><p>
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS</p><p>\SystemRoot\system32\DRIVERS\HIDPARSE.SYS</p><p>\SystemRoot\system32\drivers\kbdhid.sys</p><p>\SystemRoot\system32\DRIVERS\mouhid.sys</p><p>\SystemRoot\System32\Drivers\fastfat.SYS</p><p>\SystemRoot\system32\DRIVERS\usbccgp.sys</p><p>\SystemRoot\System32\Drivers\usbvideo.sys</p><p>\SystemRoot\system32\drivers\hidusb.sys</p><p>\SystemRoot\System32\Drivers\crashdmp.sys</p><p>\SystemRoot\System32\Drivers\dump_dumpata.sys</p><p>\SystemRoot\System32\Drivers\dump_msahci.sys</p><p>\SystemRoot\System32\Drivers\dump_dumpfve.sys</p><p>\SystemRoot\System32\win32k.sys</p><p>\SystemRoot\System32\drivers\Dxapi.sys</p><p>\SystemRoot\system32\DRIVERS\monitor.sys</p><p>\SystemRoot\System32\TSDDD.dll</p><p>\SystemRoot\System32\cdd.dll</p><p>\SystemRoot\system32\drivers\luafv.sys</p><p>\SystemRoot\system32\DRIVERS\lltdio.sys</p><p>\SystemRoot\system32\DRIVERS\nwifi.sys</p><p>\SystemRoot\system32\DRIVERS\ndisuio.sys</p><p>\SystemRoot\system32\DRIVERS\rspndr.sys</p><p>\SystemRoot\system32\drivers\HTTP.sys</p><p>\SystemRoot\system32\DRIVERS\bowser.sys</p><p>\SystemRoot\System32\drivers\mpsdrv.sys</p><p>\SystemRoot\system32\DRIVERS\mrxsmb.sys</p><p>\SystemRoot\system32\DRIVERS\mrxsmb10.sys</p><p>\SystemRoot\system32\DRIVERS\mrxsmb20.sys</p><p>\SystemRoot\system32\drivers\peauth.sys</p><p>\SystemRoot\System32\Drivers\secdrv.SYS</p><p>\SystemRoot\System32\DRIVERS\srvnet.sys</p><p>\SystemRoot\System32\drivers\tcpipreg.sys</p><p>\??\c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl</p><p>\SystemRoot\System32\DRIVERS\srv2.sys</p><p>\SystemRoot\System32\DRIVERS\srv.sys</p><p>\SystemRoot\system32\drivers\spsys.sys</p><p>\??\C:\Windows\system32\drivers\mbamchameleon.sys</p><p>\??\C:\Windows\system32\drivers\mbamswissarmy.sys</p><p>\Windows\System32\ntdll.dll</p><p>\Windows\System32\smss.exe</p><p>\Windows\System32\apisetschema.dll</p><p>----------- End -----------</p><p><<<1>>></p><p>Upper Device Name: \Device\Harddisk0\DR0</p><p>Upper 
Device Object: 0xfffffa8005b70790</p><p>Upper Device Driver Name: \Driver\Disk\</p><p>Lower Device Name: \Device\Ide\IdeDeviceP0T0L0-0\</p><p>Lower Device Object: 0xfffffa8005ac7060</p><p>Lower Device Driver Name: \Driver\atapi\</p><p>Driver name found: atapi</p><p>Initialization returned 0x0</p><p>Port sub-driver loaded: \??\C:\Windows\System32\drivers\ataport.sys (0x0)</p><p>Load Function returned 0x0</p><p>Downloaded database version: v2013.04.25.05</p><p>Downloaded database version: v2013.04.22.01</p><p>Initializing...</p><p>Done!</p><p><<<2>>></p><p>Device number: 0, partition: 2</p><p>Physical Sector Size: 512</p><p>Drive: 0, DevicePointer: 0xfffffa8005b70790, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\</p><p>--------- Disk Stack ------</p><p>DevicePointer: 0xfffffa8005b701e0, DeviceName: Unknown, DriverName: \Driver\partmgr\</p><p>DevicePointer: 0xfffffa8005b70790, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\</p><p>DevicePointer: 0xfffffa8005b6f870, DeviceName: Unknown, DriverName: \Driver\hpdskflt\</p><p>DevicePointer: 0xfffffa8005ac7060, DeviceName: \Device\Ide\IdeDeviceP0T0L0-0\, DriverName: \Driver\atapi\</p><p>------------ End ----------</p><p>Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\</p><p>Upper DeviceData: 0xfffff8a0046d1880, 0xfffffa8005b70790, 0xfffffa800583b090</p><p>Lower DeviceData: 0xfffff8a008edbc20, 0xfffffa8005ac7060, 0xfffffa8005721a50</p><p><<<3>>></p><p>Volume: C:</p><p>File system type: NTFS</p><p>SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes</p><p>Scanning directory: C:\Windows\system32\drivers...</p><p><<<2>>></p><p>Device number: 0, partition: 2</p><p><<<3>>></p><p>Volume: C:</p><p>File system type: NTFS</p><p>SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes</p><p>Done!</p><p>Drive 0</p><p>Scanning MBR on drive 0...</p><p>Inspecting partition table:</p><p>MBR Signature: 55AA</p><p>Disk Signature: 
29E95222</p><p></p><p>Partition information:</p><p></p><p> Partition 0 type is Primary (0x7)</p><p> Partition is ACTIVE.</p><p> Partition starts at LBA: 2048 Numsec = 407552</p><p> Partition file system is NTFS</p><p> Partition is bootable</p><p></p><p> Partition 1 type is Primary (0x7)</p><p> Partition is NOT ACTIVE.</p><p> Partition starts at LBA: 409600 Numsec = 938455040</p><p></p><p> Partition 2 type is Primary (0x7)</p><p> Partition is NOT ACTIVE.</p><p> Partition starts at LBA: 938864640 Numsec = 37695488</p><p></p><p> Partition 3 type is Other (0xc)</p><p> Partition is NOT ACTIVE.</p><p> Partition starts at LBA: 976560128 Numsec = 210992</p><p></p><p>Disk Size: 500107862016 bytes</p><p>Sector size: 512 bytes</p><p></p><p>Scanning physical sectors of unpartitioned space on drive 0 (1-2047-976753168-976773168)...</p><p>Done!</p><p>Performing system, memory and registry scan...</p><p>Infected: HKLM\SOFTWARE\CLASSES\INTERFACE\{D6975F9E-15B2-4FE7-9D16-FC2E85CB201B} --> [PUP.FaceThemes]</p><p>Infected: HKLM\SOFTWARE\CLASSES\TypeLib\{A3F56272-CDB4-4310-9BB1-9A0D0757A3B3} --> [PUP.FaceThemes]</p><p>Done!</p><p>Scan finished</p><p>Creating System Restore point...</p><p>Scheduling clean up...</p><p><<<2>>></p><p>Device number: 0, partition: 2</p><p><<<3>>></p><p>Volume: C:</p><p>File system type: NTFS</p><p>SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes</p><p>Removal successful. 
No system shutdown is required.</p><p>=======================================</p><p></p><p></p><p>---------------------------------------</p><p>Malwarebytes Anti-Rootkit BETA 1.05.0.1001</p><p></p><p>(c) Malwarebytes Corporation 2011-2012</p><p></p><p>OS version: 6.1.7601 Windows 7 Service Pack 1 x64</p><p></p><p>Account is Administrative</p><p></p><p>Internet Explorer version: 9.0.8112.16421</p><p></p><p>File system is: NTFS</p><p>Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, F:\ DRIVE_FIXED</p><p>CPU speed: 2.294000 GHz</p><p>Memory total: 6170025984, free: 5045022720</p><p></p><p>Removal queue found; removal started</p><p>Removal finished</p><p>=======================================</p><p>---------------------------------------</p><p>Malwarebytes Anti-Rootkit BETA 1.05.0.1001</p><p></p><p>(c) Malwarebytes Corporation 2011-2012</p><p></p><p>OS version: 6.1.7601 Windows 7 Service Pack 1 x64</p><p></p><p>Account is Administrative</p><p></p><p>Internet Explorer version: 9.0.8112.16421</p><p></p><p>File system is: NTFS</p><p>Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, F:\ DRIVE_FIXED</p><p>CPU speed: 2.294000 GHz</p><p>Memory total: 6170025984, free: 4791779328</p><p></p><p>------------ Kernel report ------------</p><p> 04/25/2013 11:52:07</p><p>------------ Loaded modules 
-----------</p><p>\SystemRoot\system32\ntoskrnl.exe</p><p>\SystemRoot\system32\hal.dll</p><p>\SystemRoot\system32\kdcom.dll</p><p>\SystemRoot\system32\mcupdate_AuthenticAMD.dll</p><p>\SystemRoot\system32\PSHED.dll</p><p>\SystemRoot\system32\CLFS.SYS</p><p>\SystemRoot\system32\CI.dll</p><p>\SystemRoot\system32\drivers\Wdf01000.sys</p><p>\SystemRoot\system32\drivers\WDFLDR.SYS</p><p>\SystemRoot\system32\drivers\ACPI.sys</p><p>\SystemRoot\system32\drivers\WMILIB.SYS</p><p>\SystemRoot\system32\drivers\msisadrv.sys</p><p>\SystemRoot\system32\drivers\pci.sys</p><p>\SystemRoot\system32\drivers\vdrvroot.sys</p><p>\SystemRoot\System32\drivers\partmgr.sys</p><p>\SystemRoot\system32\DRIVERS\compbatt.sys</p><p>\SystemRoot\system32\DRIVERS\BATTC.SYS</p><p>\SystemRoot\system32\drivers\volmgr.sys</p><p>\SystemRoot\System32\drivers\volmgrx.sys</p><p>\SystemRoot\System32\drivers\mountmgr.sys</p><p>\SystemRoot\system32\drivers\atapi.sys</p><p>\SystemRoot\system32\drivers\ataport.SYS</p><p>\SystemRoot\system32\drivers\msahci.sys</p><p>\SystemRoot\system32\drivers\PCIIDEX.SYS</p><p>\SystemRoot\system32\drivers\amdxata.sys</p><p>\SystemRoot\system32\drivers\fltmgr.sys</p><p>\SystemRoot\system32\drivers\fileinfo.sys</p><p>\SystemRoot\System32\Drivers\Ntfs.sys</p><p>\SystemRoot\System32\Drivers\msrpc.sys</p><p>\SystemRoot\System32\Drivers\ksecdd.sys</p><p>\SystemRoot\System32\Drivers\cng.sys</p><p>\SystemRoot\System32\drivers\pcw.sys</p><p>\SystemRoot\System32\Drivers\Fs_Rec.sys</p><p>\SystemRoot\system32\drivers\ndis.sys</p><p>\SystemRoot\system32\drivers\NETIO.SYS</p><p>\SystemRoot\System32\Drivers\ksecpkg.sys</p><p>\SystemRoot\System32\drivers\tcpip.sys</p><p>\SystemRoot\System32\drivers\fwpkclnt.sys</p><p>\SystemRoot\system32\drivers\volsnap.sys</p><p>\SystemRoot\System32\Drivers\spldr.sys</p><p>\SystemRoot\System32\drivers\rdyboost.sys</p><p>\SystemRoot\System32\Drivers\mup.sys</p><p>\SystemRoot\System32\drivers\hwpolicy.sys</p><p>\SystemRoot\system32\DRIVERS\hpdskflt.sys</p><p>\Syst
emRoot\System32\DRIVERS\fvevol.sys</p><p>\SystemRoot\system32\DRIVERS\disk.sys</p><p>\SystemRoot\system32\DRIVERS\CLASSPNP.SYS</p><p>\SystemRoot\system32\DRIVERS\avgrkx64.sys</p><p>\SystemRoot\system32\DRIVERS\avgloga.sys</p><p>\SystemRoot\system32\DRIVERS\avgmfx64.sys</p><p>\SystemRoot\system32\DRIVERS\avgidsha.sys</p><p>\SystemRoot\system32\DRIVERS\AtiPcie.sys</p><p>\SystemRoot\system32\drivers\cdrom.sys</p><p>\SystemRoot\System32\Drivers\Null.SYS</p><p>\SystemRoot\System32\Drivers\Beep.SYS</p><p>\??\C:\Windows\system32\drivers\avgtpx64.sys</p><p>\SystemRoot\System32\drivers\vga.sys</p><p>\SystemRoot\System32\drivers\VIDEOPRT.SYS</p><p>\SystemRoot\System32\drivers\watchdog.sys</p><p>\SystemRoot\System32\DRIVERS\RDPCDD.sys</p><p>\SystemRoot\system32\drivers\rdpencdd.sys</p><p>\SystemRoot\system32\drivers\rdprefmp.sys</p><p>\SystemRoot\System32\Drivers\Msfs.SYS</p><p>\SystemRoot\System32\Drivers\Npfs.SYS</p><p>\SystemRoot\system32\DRIVERS\tdx.sys</p><p>\SystemRoot\system32\DRIVERS\TDI.SYS</p><p>\SystemRoot\system32\DRIVERS\avgtdia.sys</p><p>\SystemRoot\System32\DRIVERS\netbt.sys</p><p>\SystemRoot\system32\drivers\afd.sys</p><p>\SystemRoot\system32\drivers\ws2ifsl.sys</p><p>\SystemRoot\system32\DRIVERS\wfplwf.sys</p><p>\SystemRoot\system32\DRIVERS\pacer.sys</p><p>\SystemRoot\system32\DRIVERS\vwififlt.sys</p><p>\SystemRoot\system32\DRIVERS\netbios.sys</p><p>\SystemRoot\system32\DRIVERS\wanarp.sys</p><p>\SystemRoot\system32\drivers\termdd.sys</p><p>\SystemRoot\system32\DRIVERS\rdbss.sys</p><p>\SystemRoot\system32\drivers\nsiproxy.sys</p><p>\SystemRoot\system32\drivers\mssmbios.sys</p><p>\SystemRoot\System32\drivers\discache.sys</p><p>\SystemRoot\System32\Drivers\dfsc.sys</p><p>\SystemRoot\system32\DRIVERS\blbdrive.sys</p><p>\SystemRoot\system32\DRIVERS\avgldx64.sys</p><p>\SystemRoot\system32\DRIVERS\avgidsdrivera.sys</p><p>\SystemRoot\system32\DRIVERS\tunnel.sys</p><p>\SystemRoot\system32\DRIVERS\amdppm.sys</p><p>\SystemRoot\system32\DRIVERS\atikmdag.sys</p><p>\SystemR
oot\System32\drivers\dxgkrnl.sys</p><p>\SystemRoot\System32\drivers\dxgmms1.sys</p><p>\SystemRoot\system32\drivers\HDAudBus.sys</p><p>\SystemRoot\system32\DRIVERS\athrx.sys</p><p>\SystemRoot\system32\DRIVERS\vwifibus.sys</p><p>\SystemRoot\system32\DRIVERS\Rt64win7.sys</p><p>\SystemRoot\system32\DRIVERS\usbohci.sys</p><p>\SystemRoot\system32\DRIVERS\USBPORT.SYS</p><p>\SystemRoot\system32\DRIVERS\usbfilter.sys</p><p>\SystemRoot\system32\DRIVERS\USBD.SYS</p><p>\SystemRoot\system32\DRIVERS\usbehci.sys</p><p>\SystemRoot\system32\drivers\i8042prt.sys</p><p>\SystemRoot\system32\DRIVERS\HpqKbFiltr.sys</p><p>\SystemRoot\system32\drivers\kbdclass.sys</p><p>\SystemRoot\system32\DRIVERS\SynTP.sys</p><p>\SystemRoot\system32\drivers\mouclass.sys</p><p>\SystemRoot\system32\DRIVERS\enecir.sys</p><p>\SystemRoot\system32\DRIVERS\CmBatt.sys</p><p>\SystemRoot\system32\drivers\wmiacpi.sys</p><p>\SystemRoot\system32\DRIVERS\Accelerometer.sys</p><p>\SystemRoot\system32\drivers\CompositeBus.sys</p><p>\SystemRoot\system32\DRIVERS\AgileVpn.sys</p><p>\SystemRoot\system32\DRIVERS\rasl2tp.sys</p><p>\SystemRoot\system32\DRIVERS\ndistapi.sys</p><p>\SystemRoot\system32\DRIVERS\ndiswan.sys</p><p>\SystemRoot\system32\DRIVERS\raspppoe.sys</p><p>\SystemRoot\system32\DRIVERS\raspptp.sys</p><p>\SystemRoot\system32\DRIVERS\rassstp.sys</p><p>\SystemRoot\system32\drivers\swenum.sys</p><p>\SystemRoot\system32\drivers\ks.sys</p><p>\SystemRoot\system32\DRIVERS\circlass.sys</p><p>\SystemRoot\system32\drivers\umbus.sys</p><p>\SystemRoot\system32\DRIVERS\usbhub.sys</p><p>\SystemRoot\System32\Drivers\NDProxy.SYS</p><p>\SystemRoot\system32\drivers\AtiHdmi.sys</p><p>\SystemRoot\system32\drivers\portcls.sys</p><p>\SystemRoot\system32\drivers\drmk.sys</p><p>\SystemRoot\system32\drivers\ksthunk.sys</p><p>\SystemRoot\system32\DRIVERS\stwrt64.sys</p><p>\SystemRoot\system32\DRIVERS\hidir.sys</p><p>\SystemRoot\system32\DRIVERS\HIDCLASS.SYS</p><p>\SystemRoot\system32\DRIVERS\HIDPARSE.SYS</p><p>\SystemRoot\system32\drivers\
kbdhid.sys</p><p>\SystemRoot\system32\DRIVERS\mouhid.sys</p><p>\SystemRoot\System32\Drivers\fastfat.SYS</p><p>\SystemRoot\system32\DRIVERS\usbccgp.sys</p><p>\SystemRoot\System32\Drivers\usbvideo.sys</p><p>\SystemRoot\system32\drivers\hidusb.sys</p><p>\SystemRoot\System32\Drivers\crashdmp.sys</p><p>\SystemRoot\System32\Drivers\dump_dumpata.sys</p><p>\SystemRoot\System32\Drivers\dump_msahci.sys</p><p>\SystemRoot\System32\Drivers\dump_dumpfve.sys</p><p>\SystemRoot\System32\win32k.sys</p><p>\SystemRoot\System32\drivers\Dxapi.sys</p><p>\SystemRoot\system32\DRIVERS\monitor.sys</p><p>\SystemRoot\System32\TSDDD.dll</p><p>\SystemRoot\System32\cdd.dll</p><p>\SystemRoot\system32\drivers\luafv.sys</p><p>\SystemRoot\system32\DRIVERS\lltdio.sys</p><p>\SystemRoot\system32\DRIVERS\nwifi.sys</p><p>\SystemRoot\system32\DRIVERS\ndisuio.sys</p><p>\SystemRoot\system32\DRIVERS\rspndr.sys</p><p>\SystemRoot\system32\drivers\HTTP.sys</p><p>\SystemRoot\system32\DRIVERS\bowser.sys</p><p>\SystemRoot\System32\drivers\mpsdrv.sys</p><p>\SystemRoot\system32\DRIVERS\mrxsmb.sys</p><p>\SystemRoot\system32\DRIVERS\mrxsmb10.sys</p><p>\SystemRoot\system32\DRIVERS\mrxsmb20.sys</p><p>\SystemRoot\system32\drivers\peauth.sys</p><p>\SystemRoot\System32\Drivers\secdrv.SYS</p><p>\SystemRoot\System32\DRIVERS\srvnet.sys</p><p>\SystemRoot\System32\drivers\tcpipreg.sys</p><p>\??\c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl</p><p>\SystemRoot\System32\DRIVERS\srv2.sys</p><p>\SystemRoot\System32\DRIVERS\srv.sys</p><p>\??\C:\Windows\system32\drivers\mbamchameleon.sys</p><p>\??\C:\Windows\system32\drivers\mbamswissarmy.sys</p><p>\Windows\System32\ntdll.dll</p><p>\Windows\System32\smss.exe</p><p>\Windows\System32\apisetschema.dll</p><p>----------- End -----------</p><p><<<1>>></p><p>Upper Device Name: \Device\Harddisk0\DR0</p><p>Upper Device Object: 0xfffffa8005b71060</p><p>Upper Device Driver Name: \Driver\Disk\</p><p>Lower Device Name: \Device\Ide\IdeDeviceP0T0L0-0\</p><p>Lower Device Object: 
0xfffffa80059e5060</p><p>Lower Device Driver Name: \Driver\atapi\</p><p>Driver name found: atapi</p><p>Initialization returned 0x0</p><p>Port sub-driver loaded: \??\C:\Windows\System32\drivers\ataport.sys (0x0)</p><p>Load Function returned 0x0</p><p>Initializing...</p><p>Done!</p><p><<<2>>></p><p>Device number: 0, partition: 2</p><p>Physical Sector Size: 512</p><p>Drive: 0, DevicePointer: 0xfffffa8005b71060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\</p><p>--------- Disk Stack ------</p><p>DevicePointer: 0xfffffa8005b71b90, DeviceName: Unknown, DriverName: \Driver\partmgr\</p><p>DevicePointer: 0xfffffa8005b71060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\</p><p>DevicePointer: 0xfffffa8005b70040, DeviceName: Unknown, DriverName: \Driver\hpdskflt\</p><p>DevicePointer: 0xfffffa80059e5060, DeviceName: \Device\Ide\IdeDeviceP0T0L0-0\, DriverName: \Driver\atapi\</p><p>------------ End ----------</p><p>Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\</p><p>Upper DeviceData: 0xfffff8a003c111b0, 0xfffffa8005b71060, 0xfffffa8005bb3300</p><p>Lower DeviceData: 0xfffff8a003db38f0, 0xfffffa80059e5060, 0xfffffa80050045e0</p><p><<<3>>></p><p>Volume: C:</p><p>File system type: NTFS</p><p>SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes</p><p>Scanning directory: C:\Windows\system32\drivers...</p><p><<<2>>></p><p>Device number: 0, partition: 2</p><p><<<3>>></p><p>Volume: C:</p><p>File system type: NTFS</p><p>SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes</p><p>Done!</p><p>Drive 0</p><p>Scanning MBR on drive 0...</p><p>Inspecting partition table:</p><p>MBR Signature: 55AA</p><p>Disk Signature: 29E95222</p><p></p><p>Partition information:</p><p></p><p> Partition 0 type is Primary (0x7)</p><p> Partition is ACTIVE.</p><p> Partition starts at LBA: 2048 Numsec = 407552</p><p> Partition file system is NTFS</p><p> Partition is bootable</p><p></p><p> 
Partition 1 type is Primary (0x7)</p><p> Partition is NOT ACTIVE.</p><p> Partition starts at LBA: 409600 Numsec = 938455040</p><p></p><p> Partition 2 type is Primary (0x7)</p><p> Partition is NOT ACTIVE.</p><p> Partition starts at LBA: 938864640 Numsec = 37695488</p><p></p><p> Partition 3 type is Other (0xc)</p><p> Partition is NOT ACTIVE.</p><p> Partition starts at LBA: 976560128 Numsec = 210992</p><p></p><p>Disk Size: 500107862016 bytes</p><p>Sector size: 512 bytes</p><p></p><p>Scanning physical sectors of unpartitioned space on drive 0 (1-2047-976753168-976773168)...</p><p>Done!</p><p>Performing system, memory and registry scan...</p><p>Done!</p><p>Scan finished</p></blockquote><p></p>
[QUOTE="cleojhilred, post: 118033, member: 7703"] All processes killed ========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{67097627-fd8e-4f6b-af4b-ecb65e50112e}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{67097627-fd8e-4f6b-af4b-ecb65e50112e}\ not found. Registry value HKEY_USERS\S-1-5-21-47251086-2544900640-1172179381-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{67097627-FD8E-4F6B-AF4B-ECB65E50112E} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{67097627-FD8E-4F6B-AF4B-ECB65E50112E}\ not found. Registry value HKEY_USERS\S-1-5-21-47251086-2544900640-1172179381-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{739DF940-C5EE-4BAB-9D7E-270894AE687A} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{739DF940-C5EE-4BAB-9D7E-270894AE687A}\ not found. C:\ProgramData\29273d593f31_c moved successfully. ========== FILES ========== File\Folder C:\Users\ann\AppData\Local\DownloadTerms not found. C:\Program Files\Updater By SweetPacks\resources folder moved successfully. C:\Program Files\Updater By SweetPacks\libraries folder moved successfully. C:\Program Files\Updater By SweetPacks\Firefox\defaults\preferences folder moved successfully. C:\Program Files\Updater By SweetPacks\Firefox\defaults folder moved successfully. C:\Program Files\Updater By SweetPacks\Firefox\chrome\skin folder moved successfully. C:\Program Files\Updater By SweetPacks\Firefox\chrome\locale\en-US folder moved successfully. C:\Program Files\Updater By SweetPacks\Firefox\chrome\locale folder moved successfully. C:\Program Files\Updater By SweetPacks\Firefox\chrome\content\resources folder moved successfully. 
C:\Program Files\Updater By SweetPacks\Firefox\chrome\content\libraries folder moved successfully. C:\Program Files\Updater By SweetPacks\Firefox\chrome\content folder moved successfully. C:\Program Files\Updater By SweetPacks\Firefox\chrome folder moved successfully. C:\Program Files\Updater By SweetPacks\Firefox folder moved successfully. C:\Program Files\Updater By SweetPacks folder moved successfully. [color=#A23BEC]< ipconfig /flushdns /c >[/color] Windows IP Configuration Successfully flushed the DNS Resolver Cache. C:\Users\ann\Desktop\cmd.bat deleted successfully. C:\Users\ann\Desktop\cmd.txt deleted successfully. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: ann ->Temp folder emptied: 623707751 bytes ->Temporary Internet Files folder emptied: 490021112 bytes ->FireFox cache emptied: 6835562 bytes ->Google Chrome cache emptied: 20676644 bytes ->Flash cache emptied: 824 bytes User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 1900821 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 348537624 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50199 bytes RecycleBin emptied: 10938096 bytes Total Files Cleaned = 1,433.00 mb C:\Windows\System32\drivers\etc\Hosts moved successfully. HOSTS file reset successfully OTL by OldTimer - Version 3.2.69.0 log created on 04252013_112833 Files\Folders moved on Reboot... C:\Users\ann\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully. 
C:\Users\ann\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\S4OWCX03\openhand[1].cur moved successfully. C:\Users\ann\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\S4OWCX03\Thread-22find--15401[3].htm moved successfully. C:\Users\ann\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\KA0Q6JXO\0[2].htm moved successfully. C:\Users\ann\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\KA0Q6JXO\bind[2].htm moved successfully. C:\Users\ann\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\KA0Q6JXO\canvas[1].htm moved successfully. C:\Users\ann\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\KA0Q6JXO\fastbutton[1].htm moved successfully. C:\Users\ann\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\KA0Q6JXO\frame[1].htm moved successfully. C:\Users\ann\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\KA0Q6JXO\tweet_button.1366232305[1].htm moved successfully. C:\Users\ann\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\8X443K70\fastbutton[1].htm moved successfully. C:\Users\ann\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\8X443K70\frame[1].htm moved successfully. C:\Users\ann\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\8X443K70\recentposts[1].htm moved successfully. C:\Users\ann\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5ZQJESJR\0[1].htm moved successfully. C:\Users\ann\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5ZQJESJR\d=1[2].htm moved successfully. C:\Users\ann\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5ZQJESJR\hovercard[1].htm moved successfully. C:\Users\ann\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully. File move failed. 
C:\Windows\temp\sndappv2.log scheduled to be moved on reboot. C:\Windows\temp\~DF3F1C3D2B21CCAD18.TMP moved successfully. PendingFileRenameOperations files... Registry entries deleted on Reboot... Malwarebytes Anti-Rootkit BETA 1.05.0.1001 www.malwarebytes.org Database version: v2013.04.25.05 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 ann :: ANN-PC [administrator] 4/25/2013 11:47:14 AM mbar-log-2013-04-25 (11-47-14).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P Scan options disabled: Objects scanned: 28622 Time elapsed: 8 minute(s), 29 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 2 HKLM\SOFTWARE\CLASSES\INTERFACE\{D6975F9E-15B2-4FE7-9D16-FC2E85CB201B} (PUP.FaceThemes) -> Delete on reboot. HKLM\SOFTWARE\CLASSES\TypeLib\{A3F56272-CDB4-4310-9BB1-9A0D0757A3B3} (PUP.FaceThemes) -> Delete on reboot. 
Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end)Malwarebytes Anti-Rootkit BETA 1.05.0.1001 www.malwarebytes.org Database version: v2013.04.25.05 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 ann :: ANN-PC [administrator] 4/25/2013 12:01:14 PM mbar-log-2013-04-25 (12-01-14).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P Scan options disabled: Objects scanned: 28563 Time elapsed: 8 minute(s), 44 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) Malwarebytes Anti-Rootkit BETA 1.05.0.1001 (c) Malwarebytes Corporation 2011-2012 OS version: 6.1.7601 Windows 7 Service Pack 1 x64 Account is Administrative Internet Explorer version: 9.0.8112.16421 File system is: NTFS Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, F:\ DRIVE_FIXED CPU speed: 2.294000 GHz Memory total: 6170025984, free: 4332900352 ------------ Kernel report ------------ 04/25/2013 11:38:03 ------------ Loaded modules -----------
----------- End ----------- <<<1>>> Upper Device Name: \Device\Harddisk0\DR0 Upper Device Object: 0xfffffa8005b70790 Upper Device Driver Name: \Driver\Disk\ Lower Device Name: \Device\Ide\IdeDeviceP0T0L0-0\ Lower Device Object: 0xfffffa8005ac7060 Lower Device Driver Name: \Driver\atapi\ Driver name found: atapi Initialization returned 0x0 Port sub-driver loaded: \??\C:\Windows\System32\drivers\ataport.sys (0x0) Load Function returned 0x0 Downloaded database version: v2013.04.25.05 Downloaded database version: v2013.04.22.01 Initializing... Done! <<<2>>> Device number: 0, partition: 2 Physical Sector Size: 512 Drive: 0, DevicePointer: 0xfffffa8005b70790, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ --------- Disk Stack ------ DevicePointer: 0xfffffa8005b701e0, DeviceName: Unknown, DriverName: \Driver\partmgr\ DevicePointer: 0xfffffa8005b70790, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ DevicePointer: 0xfffffa8005b6f870, DeviceName: Unknown, DriverName: \Driver\hpdskflt\ DevicePointer: 0xfffffa8005ac7060, DeviceName: \Device\Ide\IdeDeviceP0T0L0-0\, DriverName: \Driver\atapi\ ------------ End ---------- Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ Upper DeviceData: 0xfffff8a0046d1880, 0xfffffa8005b70790, 0xfffffa800583b090 Lower DeviceData: 0xfffff8a008edbc20, 0xfffffa8005ac7060, 0xfffffa8005721a50 <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes Scanning directory: C:\Windows\system32\drivers...
<<<2>>> Device number: 0, partition: 2 <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes Done! Drive 0 Scanning MBR on drive 0... Inspecting partition table: MBR Signature: 55AA Disk Signature: 29E95222 Partition information: Partition 0 type is Primary (0x7) Partition is ACTIVE. Partition starts at LBA: 2048 Numsec = 407552 Partition file system is NTFS Partition is bootable Partition 1 type is Primary (0x7) Partition is NOT ACTIVE. Partition starts at LBA: 409600 Numsec = 938455040 Partition 2 type is Primary (0x7) Partition is NOT ACTIVE. Partition starts at LBA: 938864640 Numsec = 37695488 Partition 3 type is Other (0xc) Partition is NOT ACTIVE. Partition starts at LBA: 976560128 Numsec = 210992 Disk Size: 500107862016 bytes Sector size: 512 bytes Scanning physical sectors of unpartitioned space on drive 0 (1-2047-976753168-976773168)... Done! Performing system, memory and registry scan... Infected: HKLM\SOFTWARE\CLASSES\INTERFACE\{D6975F9E-15B2-4FE7-9D16-FC2E85CB201B} --> [PUP.FaceThemes] Infected: HKLM\SOFTWARE\CLASSES\TypeLib\{A3F56272-CDB4-4310-9BB1-9A0D0757A3B3} --> [PUP.FaceThemes] Done! Scan finished Creating System Restore point... Scheduling clean up... <<<2>>> Device number: 0, partition: 2 <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes Removal successful. No system shutdown is required. 
======================================= --------------------------------------- Malwarebytes Anti-Rootkit BETA 1.05.0.1001 (c) Malwarebytes Corporation 2011-2012 OS version: 6.1.7601 Windows 7 Service Pack 1 x64 Account is Administrative Internet Explorer version: 9.0.8112.16421 File system is: NTFS Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, F:\ DRIVE_FIXED CPU speed: 2.294000 GHz Memory total: 6170025984, free: 5045022720 Removal queue found; removal started Removal finished ======================================= --------------------------------------- Malwarebytes Anti-Rootkit BETA 1.05.0.1001 (c) Malwarebytes Corporation 2011-2012 OS version: 6.1.7601 Windows 7 Service Pack 1 x64 Account is Administrative Internet Explorer version: 9.0.8112.16421 File system is: NTFS Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, F:\ DRIVE_FIXED CPU speed: 2.294000 GHz Memory total: 6170025984, free: 4791779328 ------------ Kernel report ------------ 04/25/2013 11:52:07 ------------ Loaded modules -----------
----------- End ----------- <<<1>>> Upper Device Name: \Device\Harddisk0\DR0 Upper Device Object: 0xfffffa8005b71060 Upper Device Driver Name: \Driver\Disk\ Lower Device Name: \Device\Ide\IdeDeviceP0T0L0-0\ Lower Device Object:
0xfffffa80059e5060 Lower Device Driver Name: \Driver\atapi\ Driver name found: atapi Initialization returned 0x0 Port sub-driver loaded: \??\C:\Windows\System32\drivers\ataport.sys (0x0) Load Function returned 0x0 Initializing... Done! <<<2>>> Device number: 0, partition: 2 Physical Sector Size: 512 Drive: 0, DevicePointer: 0xfffffa8005b71060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ --------- Disk Stack ------ DevicePointer: 0xfffffa8005b71b90, DeviceName: Unknown, DriverName: \Driver\partmgr\ DevicePointer: 0xfffffa8005b71060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ DevicePointer: 0xfffffa8005b70040, DeviceName: Unknown, DriverName: \Driver\hpdskflt\ DevicePointer: 0xfffffa80059e5060, DeviceName: \Device\Ide\IdeDeviceP0T0L0-0\, DriverName: \Driver\atapi\ ------------ End ---------- Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ Upper DeviceData: 0xfffff8a003c111b0, 0xfffffa8005b71060, 0xfffffa8005bb3300 Lower DeviceData: 0xfffff8a003db38f0, 0xfffffa80059e5060, 0xfffffa80050045e0 <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes Scanning directory: C:\Windows\system32\drivers... <<<2>>> Device number: 0, partition: 2 <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes Done! Drive 0 Scanning MBR on drive 0... Inspecting partition table: MBR Signature: 55AA Disk Signature: 29E95222 Partition information: Partition 0 type is Primary (0x7) Partition is ACTIVE. Partition starts at LBA: 2048 Numsec = 407552 Partition file system is NTFS Partition is bootable Partition 1 type is Primary (0x7) Partition is NOT ACTIVE. Partition starts at LBA: 409600 Numsec = 938455040 Partition 2 type is Primary (0x7) Partition is NOT ACTIVE. Partition starts at LBA: 938864640 Numsec = 37695488 Partition 3 type is Other (0xc) Partition is NOT ACTIVE. 
Partition starts at LBA: 976560128 Numsec = 210992 Disk Size: 500107862016 bytes Sector size: 512 bytes Scanning physical sectors of unpartitioned space on drive 0 (1-2047-976753168-976773168)... Done! Performing system, memory and registry scan... Done! Scan finished [/QUOTE]