0

Hello. Not too long ago, I started getting error messages every time I started my computer that said this:

"Error loading C:\Windows\ofanomohagiqin.dll"
"Error loading C:\Windows\rmopup.dll"

And this happens every time I get to the desktop. At first I didn't think much of it, but then I noticed that folders on my desktop were disappearing without a trace. The folders were in another folder on my desktop called 'Stuff', and they disappeared before I realized it. I tried to do a System Restore, and the folders came back but not the files themselves. I ran chkdsk and it was deleting indexes which leads me to believe that the files were misplaced by the computer, but when I looked this up on Google, I found only one person who had missing desktop folders AND error messages but their error messages were different (the person who helped them said it was a trojan/worm). I ran GMER, ddr, and ATFCleaner, however when I tried to run a full scan in Malwarebytes, it would always freeze and not respond after about 39-43 seconds at either of these two locations:

C:\Documents and Settings\All Users\Application Data\Microsoft Help\MS.MSE.12.1033.hxn
C:\Documents and Settings\All Users\Application Data\Microsoft Help\Hx.hxn

To get around this, I rebooted and safe mode and I was able to run a full scan, which found 4 viruses/malware. Here are the logs:

GMER One.log

GMER 1.0.15.15570 - http://www.gmer.net
Rootkit quick scan 2011-04-10 09:43:23
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4 ST380011A rev.3.16
Running: zon5364g.exe; Driver: C:\DOCUME~1\Owner\LOCALS~1\Temp\pfxiipob.sys


---- System - GMER 1.0.15 ----

SSDT spjc.sys ZwEnumerateKey [0xF74F8E4C]
SSDT spjc.sys ZwEnumerateValueKey [0xF74F91DA]

Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateProcessEx [0xB1903BAE]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateSection [0xB19039D2]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwLoadDriver [0xB1903B0C]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) NtCreateSection
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObInsertObject
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObMakeTemporaryObject

---- Devices - GMER 1.0.15 ----

Device \Driver\atapi \Device\Ide\IdePort0 [F7859B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 [F7859B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort1 [F7859B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-c [F7859B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-18 [F7859B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-20 [F7859B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \FileSystem\Ntfs \Ntfs aswSP.SYS (avast! self protection module/AVAST Software)
Device \FileSystem\Ntfs \Ntfs 897291F8

AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/AVAST Software)
AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)

---- EOF - GMER 1.0.15 ----


GMER Two.log


GMER 1.0.15.15570 - http://www.gmer.net
Rootkit scan 2011-04-10 13:56:43
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4 ST380011A rev.3.16
Running: zon5364g.exe; Driver: C:\DOCUME~1\Owner\LOCALS~1\Temp\pfxiipob.sys


---- System - GMER 1.0.15 ----

SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwClose [0xB18F6CF0]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateKey [0xB18F6BAC]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwDeleteKey [0xB18F7160]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwDeleteValueKey [0xB18F708A]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwDuplicateObject [0xB18F6782]
SSDT spjc.sys ZwEnumerateKey [0xF74F8E4C]
SSDT spjc.sys ZwEnumerateValueKey [0xF74F91DA]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwOpenKey [0xB18F6C86]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwOpenProcess [0xB18F66C2]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwOpenThread [0xB18F6726]
SSDT spjc.sys ZwQueryKey [0xF74F92B2]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwQueryValueKey [0xB18F6DA6]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwRenameKey [0xB18F722E]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwRestoreKey [0xB18F6D66]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwSetValueKey [0xB18F6EE6]

INT 0x62 ? 8972AC88
INT 0x63 ? 895BEC88
INT 0x82 ? 8972AC88
INT 0xA4 ? 895BEC88
INT 0xB4 ? 895BEC88

Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateProcessEx [0xB1903BAE]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateSection [0xB19039D2]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwLoadDriver [0xB1903B0C]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) NtCreateSection
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObInsertObject
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObMakeTemporaryObject

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs aswSP.SYS (avast! self protection module/AVAST Software)
Device \FileSystem\Ntfs \Ntfs 897291F8

AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/AVAST Software)

Device \FileSystem\Fastfat \FatCdrom 88EAF1F8

AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)

Device \Driver\usbuhci \Device\USBPDO-0 89559470
Device \Driver\usbuhci \Device\USBPDO-1 89559470
Device \Driver\usbuhci \Device\USBPDO-2 89559470
Device \Driver\usbehci \Device\USBPDO-3 89560470

AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)

Device \Driver\Ftdisk \Device\HarddiskVolume1 897971F8
Device \Driver\Ftdisk \Device\HarddiskVolume2 897971F8
Device \Driver\Cdrom \Device\CdRom0 895F51F8
Device \Driver\atapi \Device\Ide\IdePort0 [F7859B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 [F7859B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort1 [F7859B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-c [F7859B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-18 [F7859B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-20 [F7859B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\Ftdisk \Device\HarddiskVolume3 897971F8
Device \Driver\Cdrom \Device\CdRom1 895F51F8
Device \Driver\NetBT \Device\NetBt_Wins_Export 89527470
Device \Driver\NetBT \Device\NetbiosSmb 89527470

AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)

Device \Driver\usbuhci \Device\USBFDO-0 89559470
Device \Driver\usbuhci \Device\USBFDO-1 89559470
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 8959C1F8
Device \Driver\usbuhci \Device\USBFDO-2 89559470
Device \FileSystem\MRxSmb \Device\LanmanRedirector 8959C1F8
Device \Driver\usbehci \Device\USBFDO-3 89560470
Device \Driver\Ftdisk \Device\FtControl 897971F8
Device \FileSystem\Fastfat \Fat 88EAF1F8

AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat aswMon2.SYS (avast! File System Filter Driver for Windows XP/AVAST Software)

Device \FileSystem\Cdfs \Cdfs 88ED5470

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x11 0xEB 0xCC 0xCF ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x11 0xEB 0xCC 0xCF ...

---- Files - GMER 1.0.15 ----

File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\LECTRIC GUITAR\EG_SLIDIN.WAV 288136 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\LECTRIC GUITAR\EG_SLIPAWAY.WAV 25820 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\LECTRIC GUITAR\EG_SLOWATTACK.WAV 146320 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\LECTRIC GUITAR\EG_SMASHFACE.WAV 121658 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\LECTRIC GUITAR\EG_STARTITUP.WAV 130104 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\LECTRIC GUITAR\EG_STOPSIGN.WAV 146384 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\LECTRIC GUITAR\EG_TEXUREDMESS.WAV 142378 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\LECTRIC GUITAR\EG_TORNAPART.WAV 43946 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\LECTRIC GUITAR\EG_TRIPPY.WAV 87126 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\LECTRIC GUITAR\EG_VIBRASLIDE1.WAV 255132 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\LECTRIC GUITAR\EG_VIBRASLIDE2.WAV 338382 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\LECTRIC GUITAR\EG_WAHPEDAL.WAV 65116 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\LECTRIC GUITAR\EG_WAVEOFWAH.WAV 191178 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\LECTRIC GUITAR\EG_WHAMMYBAR.WAV 76268 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\LECTRIC GUITAR\EG_WHATANDEDGE.WAV 165898 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\LECTRIC GUITAR\EG_WITHANEDGE.WAV 51840 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\MASSIVE STRINGS\OS_1DAYNBRISTOL.WAV 64438 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\MASSIVE STRINGS\OS_BRIGHTLIGHTS.WAV 280550 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\MASSIVE STRINGS\OS_CRAZYTRAIN.WAV 117156 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\MASSIVE STRINGS\OS_FOOLPROOF.WAV 279670 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\MASSIVE STRINGS\OS_HAILSTORM.WAV 111584 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\MASSIVE STRINGS\OS_HARMONY.WAV 62400 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\MASSIVE STRINGS\OS_NEWJACKCITY.WAV 211416 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\MASSIVE STRINGS\OS_NISHIMURA.WAV 46692 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\MASSIVE STRINGS\OS_ONEONONE.WAV 120496 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\MASSIVE STRINGS\OS_ONTHEONE.WAV 189360 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\MASSIVE STRINGS\OS_SHRIEK.WAV 77520 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\MASSIVE STRINGS\OS_SIMPLEPLAN.WAV 228122 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\MASSIVE STRINGS\OS_THEORY.WAV 176416 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\MASSIVE STRINGS\OS_TONIGHT.WAV 74880 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\MASSIVE STRINGS\OS_UPTHEANTE.WAV 81414 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\MASSIVE STRINGS\OS_VICTORY.WAV 176526 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\SFX\FX_AMPHUM.WAV 118754 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\SFX\FX_AXETOGRIND.WAV 13814 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\SFX\FX_BOMBSBAGHDAD.WAV 161620 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\SFX\FX_CAMERAWIND2.WAV 150880 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\SFX\FX_CELLRING10.WAV 180956 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\SFX\FX_CHOPPY.WAV 68826 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\SFX\FX_CUTSHORT.WAV 29290 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\SFX\FX_KILLTHATBIRD.WAV 223404 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\SFX\FX_LOWFICHOP.WAV 23904 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\SFX\FX_MYPAGER.WAV 43592 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\SFX\FX_OKAYTENFOUR.WAV 229914 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\SFX\FX_PITCHEDUP.WAV 27356 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\SFX\FX_SHAZAM.WAV 40054 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\SFX\FX_TOOTHCHECK.WAV 100458 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\SFX\VX_CLICK.WAV 5480 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\SFX\VX_SQUEAKYWHEEL.WAV 27674 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 1\TT_HEADACHE.WAV 37594 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 1\TT_SIZZLA.WAV 356412 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 1\TT_SONICSCREECH.WAV 59326 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 1\VF_ACOUSTICFAME.WAV 107208 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 1\VF_ATTHEOPERA.WAV 92744 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 1\VF_BASECAMP.WAV 34114 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 1\VF_BASSNKICK.WAV 27716 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 1\VF_BITEDABULLET.WAV 107744 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 1\VF_BOUNCING.WAV 115924 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 1\VF_CARTOON.WAV 54250 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 1\VF_CRANKTHEAMP.WAV 26160 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 1\VF_CREATIVE.WAV 62774 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 1\VF_CRITICAL.WAV 57236 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 1\VF_CRUDEVERSION.WAV 63680 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 1\VF_CUTTINGEDGE.WAV 20260 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 1\VF_CYBERHIPHOP.WAV 129362 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 2\VF_DARKREVERSE.WAV 288334 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 2\VF_DEADFLY.WAV 29998 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 2\VF_DIRTYVILLE.WAV 78946 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 2\VF_ECSTASY.WAV 107276 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 2\VF_FLYNBULLETS.WAV 61442 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 2\VF_FRANTIC.WAV 61262 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 2\VF_FROMSCRATCH.WAV 38028 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 2\VF_KICKITLIVE.WAV 36154 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 2\VF_KNOCKKNOCK.WAV 70242 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 2\VF_LACKADAZE.WAV 120458 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 2\VF_LIBERTY.WAV 82956 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 2\VF_LIPSERVICE.WAV 103066 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 2\VF_R2D2.WAV 62148 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 2\VF_RADARBLIP.WAV 86640 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 2\VF_RADICAL.WAV 123576 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 2\VF_RAILROAD.WAV 138674 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 3\VF_RATTLE.WAV 82220 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 3\VF_REVOLUTION.WAV 111840 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 3\VF_REWINDVOX.WAV 132578 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 3\VF_REWINGTHIS.WAV 49170 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 3\VF_RINGDAALARM.WAV 124260 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 3\VF_RITEBACKATYA.WAV 94208 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 3\VF_ROLL.WAV 65624 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 3\VF_ROTATETHIS.WAV 43902 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 3\VF_ROUGHCUT.WAV 59998 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 3\VF_RUNDOWN.WAV 72488 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 3\VF_RUSH2DAHEAD.WAV 24786 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 3\VF_SABATOGE.WAV 58136 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 3\VF_SCRATCHFACE.WAV 118956 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 3\VF_SCREACH.WAV 119596 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 3\VF_SENDAMESSAGE.WAV 217854 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 3\VF_SETTHAMOOD.WAV 179682 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 4\VF_SHAGGY.WAV 76498 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 4\VF_SHAKE.WAV 86228 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 4\VF_SHOTNDADARK.WAV 277314 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 4\VF_SICKNDIRTY.WAV 94646 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 4\VF_SIGNAL.WAV 32602 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 4\VF_SINGLESHOT.WAV 16612 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 4\VF_SLAMTASTIC.WAV 60022 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 4\VF_SLASHMEUP.WAV 54710 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 4\VF_SLICEDNDICED.WAV 79202 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 4\VF_SLICENDICE.WAV 79604 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 4\VF_SLITHERFISH.WAV 157400 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 4\VF_SNARENKICK.WAV 42118 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 4\VF_SONICSWEEP.WAV 106954 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 4\VF_SOULATTACK.WAV 144792 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 4\VF_SPEDUPNDOWN.WAV 167284 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 4\VF_SPINCYCLE.WAV 19964 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 5\VF_SPINTHECRIB.WAV 145992 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 5\VF_SPLASHOUT.WAV 46188 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 5\VF_STABNTHEDARK.WAV 44468 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 5\VF_STARTMEUP.WAV 84132 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 5\VF_STEPKICK.WAV 26200 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 5\VF_STRANGEWAYS.WAV 80414 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 5\VF_STRINGSPLASH.WAV 46774 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 5\VF_SUBWAYTUNNEL.WAV 225164 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 5\VF_SUGARMOMMA.WAV 27206 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 5\VF_SUPERNATURAL.WAV 124778 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 5\VF_SWEEPER.WAV 145748 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 5\VF_SWEEPINGTONE.WAV 25792 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 5\VF_SWEETSOUNDS.WAV 97110 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 5\VF_SWINGTIME.WAV 40678 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 5\VF_TATTOOLOVER.WAV 46418 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 5\VF_WEBWEWEAVE.WAV 27408 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 6\VF_RUFFNESS.WAV 72832 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 6\VF_SPINOUT.WAV 218994 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 6\VF_TIMEDELAY.WAV 402514 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 6\VF_TIMEPORTAL.WAV 104342 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 6\VF_TOGETHERNOW.WAV 70790 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 6\VF_TRAFFIC.WAV 112716 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 6\VF_TRANSMISSION.WAV 70762 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 6\VF_WAVEOFTERROR.WAV 76492 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 6\VF_WAXJOB.WAV 31862 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 6\VF_WAXONDOPE.WAV 191936 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 6\VF_WAXPAPER.WAV 55238 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 6\VF_WEIRDO.WAV 100730 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 6\VF_WHICHWAY.WAV 148148 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 6\VF_WHIPLASH.WAV 101532 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 6\VF_WICWAC.WAV 47696 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VINYL FX 6\VF_WILDBELL.WAV 149522 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VOX TRAX 1\VX_DROPABEAT.WAV 81096 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VOX TRAX 1\VX_EVILLAUGH2.WAV 278358 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VOX TRAX 1\VX_HEARITAGAIN.WAV 219094 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VOX TRAX 1\VX_IMYOURPUSHA.WAV 123404 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VOX TRAX 1\VX_LEFTJAB.WAV 21670 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VOX TRAX 1\VX_LETSDOIT.WAV 94254 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VOX TRAX 1\VX_MOUTHHIGHAT4.WAV 5122 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VOX TRAX 1\VX_ONCEAGAIN.WAV 169210 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VOX TRAX 1\VX_REVENGE.WAV 170724 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VOX TRAX 1\VX_REWINDSELECT.WAV 74454 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VOX TRAX 1\VX_SMOKEDAPIPE.WAV 160492 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VOX TRAX 1\VX_STEPINLINE.WAV 169166 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VOX TRAX 1\VX_UPCLOSE.WAV 53358 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VOX TRAX 1\VX_VOCALWAX.WAV 103356 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VOX TRAX 1\VX_YA.WAV 52864 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VOX TRAX 1\VX_YOHIGH.WAV 37178 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VOX TRAX 2\VX_ACCESSDENIED.WAV 56416 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VOX TRAX 2\VX_AHHH.WAV 54806 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VOX TRAX 2\VX_BADMAN.WAV 106708 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VOX TRAX 2\VX_BEATBOXGOD.WAV 64278 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VOX TRAX 2\VX_BEATBOXLOOP2.WAV 178256 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VOX TRAX 2\VX_BEATBOXLOOP3.WAV 135010 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VOX TRAX 2\VX_BEATBOXLOOP4.WAV 199464 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VOX TRAX 2\VX_BEATBOXLOOP5.WAV 148356 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VOX TRAX 2\VX_BEATBOXLOOP6.WAV 95370 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VOX TRAX 2\VX_BEATBOXLOOP7.WAV 73006 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VOX TRAX 2\VX_BEATBXRUFKIK.WAV 52736 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VOX TRAX 2\VX_CHOIR.WAV 202958 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VOX TRAX 2\VX_CRAZYFACE.WAV 200194 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VOX TRAX 2\VX_ENHANCEBTBOX.WAV 116254 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VOX TRAX 2\VX_EVILLAUGH1.WAV 139888 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\VOX TRAX 2\VX_FOXY.WAV 125718 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\WICKED WIND 1\FT_FLUTERIFF10.WAV 151334 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\WICKED WIND 1\FT_FLUTERIFF2.WAV 137288 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\WICKED WIND 1\FT_FLUTERIFF4.WAV 292694 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\WICKED WIND 1\FT_FLUTERIFF5.WAV 222372 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\WICKED WIND 1\FT_FLUTERIFF7.WAV 263310 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\WICKED WIND 1\FT_FLUTERIFF8.WAV 184508 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\WICKED WIND 1\FT_THEPASSING.WAV 82322 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\WICKED WIND 1\FT_TRANSIENT.WAV 59424 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\WICKED WIND 1\FT_WAVER.WAV 205688 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\WICKED WIND 1\HN_DEEPHORN.WAV 57238 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\WICKED WIND 1\HN_LOST.WAV 201022 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\WICKED WIND 1\HN_MANIACHORN.WAV 126202 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\WICKED WIND 1\HN_PHATTUBA.WAV 39746 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\WICKED WIND 1\HN_RAREHORN.WAV 216398 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\WICKED WIND 1\HN_ROBOTICHORN.WAV 53424 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\WICKED WIND 1\HN_SCAREDHORN.WAV 195272 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\WICKED WIND 2\HN_SCREAMNHORN.WAV 29400 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\WICKED WIND 2\HN_SHIPHORN.WAV 67308 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\WICKED WIND 2\HN_SHOWHORN.WAV 198210 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\WICKED WIND 2\HN_SIKHORN.WAV 25370 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\WICKED WIND 2\HN_TRAINCOMING.WAV 273030 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\WICKED WIND 2\HN_VINTAGEHORN.WAV 55002 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\WICKED WIND 2\HN_WACHORN.WAV 42148 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\WICKED WIND 2\HN_WARCRY.WAV 116320 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\WICKED WIND 2\HN_WARMHORN.WAV 63508 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\WICKED WIND 2\HN_XRATEDHORN.WAV 201052 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\WICKED WIND 2\SX_DEEPBREATH.WAV 132674 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\WICKED WIND 2\SX_DIRTYSQUEEL.WAV 188392 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\WICKED WIND 2\SX_MANKILLER.WAV 261366 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\WICKED WIND 2\SX_SAXHUMP.WAV 15218 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\WICKED WIND 2\SX_SAXPISTOL.WAV 88320 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\WICKED WIND 2\SX_SEXAPHONE.WAV 27516 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\WICKED WIND 3\HN_TUGBOAT.WAV 93228 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\WICKED WIND 3\SX_SICKINBED.WAV 81736 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\WICKED WIND 3\SX_SKILEDLABOUR.WAV 131886 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\WICKED WIND 3\SX_SLIPIN.WAV 58432 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\WICKED WIND 3\SX_SNIPIT.WAV 63800 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\WICKED WIND 3\SX_STARISBORN.WAV 250316 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\WICKED WIND 3\SX_SWEETBABY.WAV 35848 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\WICKED WIND 3\SX_SWEETEBONY.WAV 128908 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\WICKED WIND 3\SX_TAKEAPILL.WAV 136498 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\WICKED WIND 3\SX_TONEDEF.WAV 62464 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\WICKED WIND 3\SX_TRIPLIGHTS.WAV 124786 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\WICKED WIND 3\SX_WARHORSE.WAV 30524 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\WICKED WIND 3\SX_WASHAWAY.WAV 161232 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\WICKED WIND 3\SX_WAVEOFSOUND.WAV 190462 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\WICKED WIND 3\SX_WKRP.WAV 46806 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\SECRET STASH - WAV\WICKED WIND 3\SX_XTREME.WAV 81588 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ RUFF KIT 0 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ RUFF KIT\H_ATTENTION2.WAV 9110 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ RUFF KIT\H_BROKEN.WAV 11114 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ RUFF KIT\H_HOTNHEAVY.WAV 3306 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ RUFF KIT\H_RUSTYCAN.WAV 11030 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ RUFF KIT\K_ALLROUND.WAV 27782 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ RUFF KIT\K_KOMBOKILLA.WAV 32448 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ RUFF KIT\K_LIGHTSUB.WAV 183550 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ RUFF KIT\K_SATURATION.WAV 22450 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ RUFF KIT\P_DROPINBEAT.WAV 35434 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ RUFF KIT\P_LOTTACLAP.WAV 21216 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ RUFF KIT\P_SICKSHAKER.WAV 72340 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ RUFF KIT\P_SOFTCONGA.WAV 92290 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ RUFF KIT\S_GOLDEN.WAV 29412 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ RUFF KIT\S_LASTWISH.WAV 16882 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ RUFF KIT\S_OVERTHERE.WAV 15320 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ RUFF KIT\S_ROKERY.WAV 16516 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ ARMY KIT 0 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ ARMY KIT\H_GREATHAT.WAV 11476 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ ARMY KIT\H_INCIRCLES.WAV 16984 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ ARMY KIT\H_KRAZED.WAV 21244 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ ARMY KIT\H_OLDNEWZ.WAV 10140 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ ARMY KIT\K_ANGRYKICK.WAV 28568 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ ARMY KIT\K_KOFFE.WAV 21444 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ ARMY KIT\K_RIDEON.WAV 14282 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ ARMY KIT\K_THABONES.WAV 29448 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ ARMY KIT\P_CLAPKID.WAV 34382 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ ARMY KIT\P_RIMSHOTA.WAV 23030 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ ARMY KIT\P_TAILEND.WAV 25086 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ ARMY KIT\P_THEROCKET.WAV 69730 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ ARMY KIT\S_BEEFEDUP.WAV 56280 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ ARMY KIT\S_JITTABUG.WAV 34354 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ ARMY KIT\S_MASTER.WAV 42186 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ ARMY KIT\S_SLASHIN.WAV 28594 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ ATTACK KIT 0 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ ATTACK KIT\H_BOOSTN.WAV 7962 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ ATTACK KIT\H_ILLDREAD.WAV 22600 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ ATTACK KIT\H_REALDEAL.WAV 10240 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ ATTACK KIT\H_SAMPLETHIS.WAV 16262 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ ATTACK KIT\K_BADCOMPANY.WAV 27506 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ ATTACK KIT\K_COBRAKILLA.WAV 30058 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ ATTACK KIT\K_KREAL.WAV 19514 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ ATTACK KIT\K_RATTLIN.WAV 13250 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ ATTACK KIT\P_ALPHAGANZA.WAV 35786 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ ATTACK KIT\P_BONGTIME.WAV 24870 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ ATTACK KIT\P_NICERIDE.WAV 70016 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ ATTACK KIT\P_ZCLAPBOSS.WAV 23060 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ ATTACK KIT\S_FORCEFEED.WAV 25854 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ ATTACK KIT\S_LAPD.WAV 23080 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ ATTACK KIT\S_SLIPKNOT.WAV 10378 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ ATTACK KIT\S_SUBWAY.WAV 28764 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ BAD KIT 0 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ BAD KIT\H_MPCPACKED.WAV 14216 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ BAD KIT\H_OVERHOURS.WAV 28402 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ BAD KIT\H_ROLLS.WAV 12508 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ BAD KIT\H_STEPUPMYMAN.WAV 11764 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ BAD KIT\K_AWILDHIT.WAV 39016 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ BAD KIT\K_CREATED.WAV 30276 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ BAD KIT\K_KMART.WAV 12450 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ BAD KIT\K_STREETDIGS.WAV 19650 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ BAD KIT\P_CLICK.WAV 34626 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ BAD KIT\P_DEADLY.WAV 3882 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ BAD KIT\P_RATTAT.WAV 127818 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ BAD KIT\P_SCRATCHIT.WAV 16820 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ BAD KIT\S_FAT.WAV 25718 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ BAD KIT\S_LONGNDIRTY.WAV 34704 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ BAD KIT\S_PRAISE.WAV 12870 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ BAD KIT\S_RIM2WIN.WAV 39364 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ BIG KIT 0 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ BIG KIT\H_BABYGIRL.WAV 13426 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ BIG KIT\H_JOKEALLDAY.WAV 19826 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ BIG KIT\H_PASTNEW.WAV 15808 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ BIG KIT\H_STANDUP.WAV 14732 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ BIG KIT\K_9GAUGE.WAV 15946 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ BIG KIT\K_MC2003.WAV 22902 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ BIG KIT\K_OFFCENTER.WAV 33600 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ BIG KIT\K_SLAPCITY.WAV 17832 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ BIG KIT\P_CLEANTAM.WAV 33890 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ BIG KIT\P_FEWFINGERS.WAV 88472 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ BIG KIT\P_GOTCHA.WAV 32282 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ BIG KIT\P_SHASHA.WAV 32754 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ BIG KIT\S_JIGGADIGGA.WAV 19216 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ BIG KIT\S_JUSTASNIP.WAV 24926 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ BIG KIT\S_ONTHATARGET.WAV 12546 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ BIG KIT\S_PUSH.WAV 26396 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ BLING BOX KIT 0 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ BLING BOX KIT\H_HIPPYTRIPPY.WAV 14766 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ BLING BOX KIT\H_OPENHOLE.WAV 50744 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ BLING BOX KIT\H_RAPFREAK.WAV 28742 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ BLING BOX KIT\H_WARM.WAV 14758 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ BLING BOX KIT\K_2SWIGS.WAV 20812 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ BLING BOX KIT\K_COMPTONYARD.WAV 15586 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ BLING BOX KIT\K_GOTGAME.WAV 29858 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ BLING BOX KIT\K_XRATEDSUB.WAV 76344 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ BLING BOX KIT\P_4321.WAV 76396 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ BLING BOX KIT\P_CLAP2THABEAT.WAV 27516 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ BLING BOX KIT\P_FOUNDATION.WAV 62578 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ BLING BOX KIT\P_INDAYARD.WAV 41004 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ BLING BOX KIT\S_DIRTY.WAV 41964 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ BLING BOX KIT\S_GOGETEM.WAV 17986 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ BLING BOX KIT\S_SHOUTOUT.WAV 16120 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ BLING BOX KIT\S_SP1200ENVY.WAV 13060 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ BOOM KIT 0 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ BOOM KIT\H_HEARTFELT.WAV 27564 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ BOOM KIT\H_LILBITE.WAV 52186 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ BOOM KIT\H_LISTEN2ME.WAV 28566 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ BOOM KIT\H_SIZZLIN.WAV 39070 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ BOOM KIT\K_DARKHIT.WAV 26838 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ BOOM KIT\K_JACKEDUP.WAV 14056 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ BOOM KIT\K_NORTHOF60.WAV 19712 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ BOOM KIT\K_STUBBY.WAV 76868 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ BOOM KIT\P_3FINGABROWN.WAV 96596 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ BOOM KIT\P_GRINDINBEATS.WAV 31460 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ BOOM KIT\P_KINDADOPE.WAV 18334 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ BOOM KIT\P_SOULREAPER.WAV 31552 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ BOOM KIT\S_2GOOD.WAV 26896 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ BOOM KIT\S_SLAPSTIK.WAV 24572 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ BOOM KIT\S_SOMEVERB.WAV 47760 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ BOOM KIT\S_WESTSIDE.WAV 28322 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ CHILLIN KIT 0 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ CHILLIN KIT\H_DISEASE.WAV 6904 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ CHILLIN KIT\H_INYAFACE.WAV 15584 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ CHILLIN KIT\H_REASON4YA.WAV 29450 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ CHILLIN KIT\H_SMILEYA.WAV 30988 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ CHILLIN KIT\K_CHOCLAIR.WAV 31912 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ CHILLIN KIT\K_GAMESOVER.WAV 36220 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ CHILLIN KIT\K_LASTING.WAV 12762 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ CHILLIN KIT\K_TONESHOT.WAV 185084 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ CHILLIN KIT\P_CHICKCLAP.WAV 25078 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ CHILLIN KIT\P_SHAKEYOURBODY.WAV 44822 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ CHILLIN KIT\P_TRIPPED.WAV 33808 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ CHILLIN KIT\P_VECTORBASED.WAV 3068 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ CHILLIN KIT\S_HAYMAKER.WAV 18984 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ CHILLIN KIT\S_MAJORWORK.WAV 42716 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ CHILLIN KIT\S_PUREJOKES4U.WAV 13138 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ CHILLIN KIT\S_SOFT.WAV 11494 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ DEAD KIT 0 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ DEAD KIT\H_GETAGUN.WAV 35312 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ DEAD KIT\H_HIPHOPX.WAV 16416 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ DEAD KIT\H_LITEITUP.WAV 14466 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ DEAD KIT\H_ROCKNHAT.WAV 16346 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ DEAD KIT\K_BUMPIN4.WAV 17302 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ DEAD KIT\K_IWILLFOLLOW.WAV 28506 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ DEAD KIT\K_MASTERX.WAV 21080 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ DEAD KIT\K_SUBTRAKTOR.WAV 107522 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ DEAD KIT\P_DOTHASHAKE.WAV 45796 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ DEAD KIT\P_SUPPASERVED.WAV 15192 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ DEAD KIT\P_TAMATTACK.WAV 45126 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ DEAD KIT\P_TOMMYHILL.WAV 20624 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ DEAD KIT\S_HEATED.WAV 29546 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ DEAD KIT\S_LILEQMYMAN.WAV 17744 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ DEAD KIT\S_PHILLYBLUNT.WAV 11070 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ DEAD KIT\S_SUCKA7.WAV 23370 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ DEEP 16 KIT 0 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ DEEP 16 KIT\H_4THAG.WAV 22210 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ DEEP 16 KIT\H_DARKNITE.WAV 28462 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ DEEP 16 KIT\H_GUNTALK.WAV 20738 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ DEEP 16 KIT\H_SOLIDGOLD.WAV 3022 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ DEEP 16 KIT\K_98POSSE2.WAV 27406 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ DEEP 16 KIT\K_COOPER.WAV 37232 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ DEEP 16 KIT\K_HASBALLS.WAV 29764 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ DEEP 16 KIT\K_SKOOLIN.WAV 29716 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ DEEP 16 KIT\P_BEASTIE.WAV 40136 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ DEEP 16 KIT\P_CONGASHOW.WAV 130732 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ DEEP 16 KIT\P_MEATYCLAP.WAV 24856 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ DEEP 16 KIT\P_QTIP.WAV 67474 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ DEEP 16 KIT\S_1RIM.WAV 18888 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ DEEP 16 KIT\S_FASTATTACK.WAV 13928 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ DEEP 16 KIT\S_HITMEHARD.WAV 18940 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ DEEP 16 KIT\S_KOOL.WAV 9638 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ DIRTY KIT 0 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ DIRTY KIT\H_FATKID.WAV 32726 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ DIRTY KIT\H_HIGHSKOOL.WAV 11084 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ DIRTY KIT\H_MYSOULJA.WAV 10178 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ DIRTY KIT\H_SOLONG.WAV 8694 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ DIRTY KIT\K_BBQ.WAV 24234 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ DIRTY KIT\K_DANCENOW.WAV 30496 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ DIRTY KIT\K_GOLDENDIG.WAV 18666 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ DIRTY KIT\K_THAVIPPER.WAV 18572 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ DIRTY KIT\P_BURST.WAV 93150 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ DIRTY KIT\P_DOWNTHAPIPE.WAV 36250 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ DIRTY KIT\P_FLAVA.WAV 52688 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ DIRTY KIT\P_VINTAGECLAP.WAV 32548 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ DIRTY KIT\S_CRUSH.WAV 27050 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ DIRTY KIT\S_HOUSEPARTY.WAV 21198 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ DIRTY KIT\S_ILLHIT.WAV 9908 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ DIRTY KIT\S_MODEEP.WAV 25698 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ DOPE KIT 0 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ DOPE KIT\H_HEAVYHIT.WAV 75850 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ DOPE KIT\H_INTHARED.WAV 4202 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ DOPE KIT\H_NICEBOOTY.WAV 10480 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ DOPE KIT\H_RUFFSTIK.WAV 12550 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ DOPE KIT\K_BELLACHE.WAV 17548 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ DOPE KIT\K_MRMC.WAV 25728 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ DOPE KIT\K_RUSTYCAGE.WAV 14896 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ DOPE KIT\K_SIZZLEKICK.WAV 250562 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ DOPE KIT\P_KRASH.WAV 44986 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ DOPE KIT\P_OLDTAMB.WAV 36570 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ DOPE KIT\P_SCARYHOWL.WAV 18082 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ DOPE KIT\P_SOULSAKER.WAV 16622 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ DOPE KIT\S_ONTHABOTTOM.WAV 17224 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ DOPE KIT\S_SISTALUVA.WAV 27622 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ DOPE KIT\S_STARFISH.WAV 36826 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ DOPE KIT\S_WRAPITUP.WAV 28850 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ HARD KIT 0 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ HARD KIT\H_2WAY.WAV 16500 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ HARD KIT\H_HARDHAT.WAV 8746 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ HARD KIT\H_JAILBAIT.WAV 11100 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ HARD KIT\H_LOWBALL.WAV 10746 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ HARD KIT\K_APASSION.WAV 35474 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ HARD KIT\K_BULLETKICK.WAV 184518 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ HARD KIT\K_KOPPER.WAV 18566 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ HARD KIT\K_SWIRLKIK.WAV 27504 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ HARD KIT\P_ALAVERB.WAV 58182 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ HARD KIT\P_DOWN2IT.WAV 97074 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ HARD KIT\P_HARDHIT.WAV 21792 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ HARD KIT\P_SANTA.WAV 41120 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ HARD KIT\S_DRAWNOUT.WAV 47426 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ HARD KIT\S_INDIGOSUN.WAV 66530 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ HARD KIT\S_MOVEONOVER.WAV 24736 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ HARD KIT\S_RINGOUT.WAV 30146 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ KOOL KIT 0 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ KOOL KIT\H_BEARTRAP.WAV 26940 bytes
File C:\Program Files\Image-Line\FL Studio 7\Data\Patches\Packs\URBAN WARFARE - WAV\ KOOL KIT\H_CREWKILLA.WAV

3
Contributors
66
Replies
67
Views
6 Years
Discussion Span
Last Post by jholland1964
0

You didn't tell MBA-M to fix the items found. You DO have serious infection on the computer.
Please read carefully and follow these steps.

* Download TDSSKiller and save it to your Desktop.
http://support.kaspersky.com/downloads/utils/tdsskiller.zip
* Extract its contents to your desktop.
* Once extracted, open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.

* If an infected file is detected, the default action will be Cure, click on Continue.

* If a suspicious file is detected, the default action will be Skip, click on Continue.

* It may ask you to reboot the computer to complete the process. Click on Reboot Now.

* If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
* If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Edited by jholland1964: n/a

0

When I was running Malwarebytes, I did actually tell it to remove the items, but for some reason it didn't say that on the log.

Anyway, I ran TDSSKiller and the default action was Skip. Here's the log:

2011/04/10 23:18:57.0595 3512 TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28
2011/04/10 23:18:57.0705 3512 ================================================================================
2011/04/10 23:18:57.0705 3512 SystemInfo:
2011/04/10 23:18:57.0705 3512
2011/04/10 23:18:57.0705 3512 OS Version: 5.1.2600 ServicePack: 3.0
2011/04/10 23:18:57.0705 3512 Product type: Workstation
2011/04/10 23:18:57.0705 3512 ComputerName: IRVING-RQIHM94R
2011/04/10 23:18:57.0705 3512 UserName: Owner
2011/04/10 23:18:57.0705 3512 Windows directory: C:\WINDOWS
2011/04/10 23:18:57.0705 3512 System windows directory: C:\WINDOWS
2011/04/10 23:18:57.0705 3512 Processor architecture: Intel x86
2011/04/10 23:18:57.0705 3512 Number of processors: 1
2011/04/10 23:18:57.0705 3512 Page size: 0x1000
2011/04/10 23:18:57.0705 3512 Boot type: Normal boot
2011/04/10 23:18:57.0705 3512 ================================================================================
2011/04/10 23:18:58.0798 3512 Initialize success
2011/04/10 23:19:05.0705 1768 ================================================================================
2011/04/10 23:19:05.0705 1768 Scan started
2011/04/10 23:19:05.0705 1768 Mode: Manual;
2011/04/10 23:19:05.0705 1768 ================================================================================
2011/04/10 23:19:06.0564 1768 Aavmker4 (8d488938e2f7048906f1fbd3af394887) C:\WINDOWS\system32\drivers\Aavmker4.sys
2011/04/10 23:19:06.0751 1768 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2011/04/10 23:19:06.0861 1768 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
2011/04/10 23:19:07.0048 1768 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
2011/04/10 23:19:07.0173 1768 AFD (7e775010ef291da96ad17ca4b17137d7) C:\WINDOWS\System32\drivers\afd.sys
2011/04/10 23:19:07.0736 1768 aswFsBlk (a0d86b8ac93ef95620420c7a24ac5344) C:\WINDOWS\system32\drivers\aswFsBlk.sys
2011/04/10 23:19:07.0830 1768 aswMon2 (7d880c76a285a41284d862e2d798ec0d) C:\WINDOWS\system32\drivers\aswMon2.sys
2011/04/10 23:19:07.0955 1768 aswRdr (69823954bbd461a73d69774928c9737e) C:\WINDOWS\system32\drivers\aswRdr.sys
2011/04/10 23:19:08.0064 1768 aswSP (7ecc2776638b04553f9a85bd684c3abf) C:\WINDOWS\system32\drivers\aswSP.sys
2011/04/10 23:19:08.0173 1768 aswTdi (095ed820a926aa8189180b305e1bcfc9) C:\WINDOWS\system32\drivers\aswTdi.sys
2011/04/10 23:19:08.0267 1768 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2011/04/10 23:19:08.0361 1768 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
2011/04/10 23:19:08.0501 1768 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2011/04/10 23:19:08.0611 1768 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2011/04/10 23:19:08.0736 1768 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2011/04/10 23:19:08.0861 1768 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2011/04/10 23:19:09.0017 1768 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2011/04/10 23:19:09.0142 1768 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
2011/04/10 23:19:09.0236 1768 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2011/04/10 23:19:09.0783 1768 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
2011/04/10 23:19:09.0923 1768 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
2011/04/10 23:19:10.0064 1768 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
2011/04/10 23:19:10.0158 1768 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2011/04/10 23:19:10.0283 1768 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
2011/04/10 23:19:10.0455 1768 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
2011/04/10 23:19:10.0564 1768 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
2011/04/10 23:19:10.0689 1768 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
2011/04/10 23:19:10.0783 1768 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
2011/04/10 23:19:10.0908 1768 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
2011/04/10 23:19:11.0017 1768 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
2011/04/10 23:19:11.0095 1768 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2011/04/10 23:19:11.0158 1768 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2011/04/10 23:19:11.0251 1768 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
2011/04/10 23:19:11.0376 1768 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2011/04/10 23:19:11.0486 1768 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2011/04/10 23:19:11.0642 1768 HPZid412 (5faba4775d4c61e55ec669d643ffc71f) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
2011/04/10 23:19:11.0751 1768 HPZipr12 (a3c43980ee1f1beac778b44ea65dbdd4) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
2011/04/10 23:19:11.0876 1768 HPZius12 (2906949bd4e206f2bb0dd1896ce9f66f) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
2011/04/10 23:19:11.0986 1768 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
2011/04/10 23:19:12.0220 1768 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\drivers\i8042prt.sys
2011/04/10 23:19:12.0345 1768 ialm (44b7d5a4f2bd9fe21aea0bb0bace38c4) C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
2011/04/10 23:19:12.0517 1768 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
2011/04/10 23:19:12.0673 1768 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
2011/04/10 23:19:12.0767 1768 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
2011/04/10 23:19:12.0892 1768 ip6fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
2011/04/10 23:19:12.0986 1768 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2011/04/10 23:19:13.0330 1768 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2011/04/10 23:19:13.0439 1768 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2011/04/10 23:19:13.0564 1768 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2011/04/10 23:19:13.0642 1768 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2011/04/10 23:19:13.0751 1768 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2011/04/10 23:19:13.0861 1768 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2011/04/10 23:19:13.0986 1768 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
2011/04/10 23:19:14.0080 1768 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2011/04/10 23:19:14.0205 1768 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
2011/04/10 23:19:14.0376 1768 libusb0 (e2f1dcf4a68cc6cf694fbfba1842f4cd) C:\WINDOWS\system32\drivers\libusb0.sys
2011/04/10 23:19:14.0533 1768 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2011/04/10 23:19:14.0626 1768 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
2011/04/10 23:19:14.0720 1768 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2011/04/10 23:19:14.0830 1768 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2011/04/10 23:19:14.0939 1768 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2011/04/10 23:19:15.0126 1768 MRVW245 (2d08cc87218aef0d21865ad07df2b5a7) C:\WINDOWS\system32\DRIVERS\MRVW245.sys
2011/04/10 23:19:15.0314 1768 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2011/04/10 23:19:15.0439 1768 MRxSmb (f3aefb11abc521122b67095044169e98) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2011/04/10 23:19:15.0611 1768 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2011/04/10 23:19:15.0689 1768 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011/04/10 23:19:15.0767 1768 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011/04/10 23:19:15.0876 1768 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2011/04/10 23:19:16.0001 1768 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2011/04/10 23:19:16.0095 1768 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys
2011/04/10 23:19:16.0205 1768 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
2011/04/10 23:19:16.0298 1768 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2011/04/10 23:19:16.0392 1768 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2011/04/10 23:19:16.0486 1768 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2011/04/10 23:19:16.0580 1768 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
2011/04/10 23:19:16.0689 1768 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
2011/04/10 23:19:16.0783 1768 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
2011/04/10 23:19:16.0955 1768 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2011/04/10 23:19:17.0064 1768 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2011/04/10 23:19:17.0220 1768 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2011/04/10 23:19:17.0314 1768 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2011/04/10 23:19:17.0423 1768 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2011/04/10 23:19:17.0595 1768 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
2011/04/10 23:19:17.0689 1768 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2011/04/10 23:19:17.0783 1768 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
2011/04/10 23:19:17.0892 1768 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
2011/04/10 23:19:18.0033 1768 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\drivers\PCIIde.sys
2011/04/10 23:19:18.0126 1768 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
2011/04/10 23:19:18.0548 1768 PfModNT (c8a2d6ff660ac601b7bb9a9b16a5c25e) C:\WINDOWS\system32\drivers\PfModNT.sys
2011/04/10 23:19:18.0673 1768 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2011/04/10 23:19:18.0767 1768 Processor (a32bebaf723557681bfc6bd93e98bd26) C:\WINDOWS\system32\DRIVERS\processr.sys
2011/04/10 23:19:18.0892 1768 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
2011/04/10 23:19:19.0080 1768 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2011/04/10 23:19:19.0423 1768 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2011/04/10 23:19:19.0533 1768 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2011/04/10 23:19:19.0658 1768 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2011/04/10 23:19:19.0751 1768 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2011/04/10 23:19:19.0861 1768 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2011/04/10 23:19:19.0923 1768 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2011/04/10 23:19:20.0033 1768 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
2011/04/10 23:19:20.0142 1768 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
2011/04/10 23:19:20.0345 1768 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2011/04/10 23:19:20.0486 1768 senfilt (b9c7617c1e8ab6fdff75d3c8dafcb4c8) C:\WINDOWS\system32\drivers\senfilt.sys
2011/04/10 23:19:20.0658 1768 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
2011/04/10 23:19:20.0751 1768 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
2011/04/10 23:19:20.0908 1768 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
2011/04/10 23:19:21.0080 1768 smwdm (c6d9959e493682f872a639b6ec1b4a08) C:\WINDOWS\system32\drivers\smwdm.sys
2011/04/10 23:19:21.0236 1768 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2011/04/10 23:19:21.0376 1768 sptd (c4bb8a12843d9cbb65f5ff617f389bbd) C:\WINDOWS\system32\Drivers\sptd.sys
2011/04/10 23:19:21.0376 1768 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: c4bb8a12843d9cbb65f5ff617f389bbd
2011/04/10 23:19:21.0392 1768 sptd - detected Locked file (1)
2011/04/10 23:19:21.0517 1768 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
2011/04/10 23:19:21.0642 1768 Srv (0f6aefad3641a657e18081f52d0c15af) C:\WINDOWS\system32\DRIVERS\srv.sys
2011/04/10 23:19:21.0876 1768 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2011/04/10 23:19:22.0017 1768 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2011/04/10 23:19:22.0298 1768 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2011/04/10 23:19:22.0439 1768 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2011/04/10 23:19:22.0580 1768 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2011/04/10 23:19:22.0689 1768 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
2011/04/10 23:19:22.0814 1768 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
2011/04/10 23:19:22.0970 1768 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2011/04/10 23:19:23.0236 1768 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2011/04/10 23:19:23.0564 1768 USBAAPL (d4fb6ecc60a428564ba8768b0e23c0fc) C:\WINDOWS\system32\Drivers\usbaapl.sys
2011/04/10 23:19:23.0705 1768 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
2011/04/10 23:19:23.0830 1768 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2011/04/10 23:19:23.0955 1768 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2011/04/10 23:19:24.0064 1768 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2011/04/10 23:19:24.0173 1768 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
2011/04/10 23:19:24.0283 1768 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2011/04/10 23:19:24.0392 1768 usbstor (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2011/04/10 23:19:24.0501 1768 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
2011/04/10 23:19:24.0626 1768 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2011/04/10 23:19:24.0767 1768 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
2011/04/10 23:19:24.0908 1768 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2011/04/10 23:19:25.0064 1768 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2011/04/10 23:19:25.0236 1768 WmBEnum (1abfd1399436e81c9d857f5fc76eaf98) C:\WINDOWS\system32\drivers\WmBEnum.sys
2011/04/10 23:19:25.0330 1768 WmFilter (b3cfcbcc91ff61ef82fc693b8b57e7f0) C:\WINDOWS\system32\drivers\WmFilter.sys
2011/04/10 23:19:25.0470 1768 WmVirHid (a40d2dd0f019423ef6c363f1295eb38d) C:\WINDOWS\system32\drivers\WmVirHid.sys
2011/04/10 23:19:25.0580 1768 WmXlCore (2bf505424f469155cd90d7b3301d7adc) C:\WINDOWS\system32\drivers\WmXlCore.sys
2011/04/10 23:19:25.0673 1768 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
2011/04/10 23:19:25.0830 1768 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2011/04/10 23:19:25.0923 1768 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
2011/04/10 23:19:26.0220 1768 ================================================================================
2011/04/10 23:19:26.0220 1768 Scan finished
2011/04/10 23:19:26.0220 1768 ================================================================================
2011/04/10 23:19:26.0236 2888 Detected object count: 1
2011/04/10 23:19:48.0486 2888 Locked file(sptd) - User select action: Skip

0

Did you reboot MBA-M after hitting Remove Selected? You must reboot in order to have items fixed.
Ok, try this:
Please download ComboFix by sUBs from

http://www.bleepingcomputer.com/download/anti-virus/combofix

Please note that the BleepingComputer.com download link will expire in 10 minutes after you click it so if you don’t click within ten minutes after reaching the page you will need to refresh the page.

• You must download it to and run it from your Desktop
• Physically disconnect from the internet.
• Now STOP all your monitoring programs (Antivirus/Antispyware, Guards and Shields) as they could easily interfere with ComboFix.
• Double click combofix.exe & follow the prompts.
• When ComboFix has finished running, you will see a screen stating that it is preparing the log report
• This can take a while, so please be patient. If you see your Windows desktop disappear, do not worry. This is normal and ComboFix will restore your desktop before it is finished. Eventually you will see a new screen that states the program is almost finished and telling you the programs log file, or report, will be located at C:\ComboFix.txt.
• Re-enable all the programs that were disabled during the running of ComboFix..
• Then post back here with that log and a new scan log from HiJackThis.

Note:
Do not mouse-click combofix's window while it is running. That may cause it to stall.

CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.

Run Combofix ONCE only!!

0

Here's the Combofix log:

ComboFix 11-04-10.02 - Administrator 04/11/2011 0:15.2.1 - x86 MINIMAL
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1278.1017 [GMT -4:00]
Running from: c:\documents and settings\Owner\Desktop\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Owner\Application Data\Dealio
c:\documents and settings\Owner\Local Settings\Application Data\{F58A8257-CB31-4F22-823C-BDE82595D4BE}
c:\documents and settings\Owner\Local Settings\Application Data\{F58A8257-CB31-4F22-823C-BDE82595D4BE}\chrome.manifest
c:\documents and settings\Owner\Local Settings\Application Data\{F58A8257-CB31-4F22-823C-BDE82595D4BE}\chrome\content\_cfg.js
c:\documents and settings\Owner\Local Settings\Application Data\{F58A8257-CB31-4F22-823C-BDE82595D4BE}\chrome\content\overlay.xul
c:\documents and settings\Owner\Local Settings\Application Data\{F58A8257-CB31-4F22-823C-BDE82595D4BE}\install.rdf
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\c14UKK.jpg
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\m6Ku4.jpg
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcUnR5C.jpg
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\SOkk1.jpg
c:\program files\Dealio Toolbar
c:\program files\Dealio Toolbar\FF\chrome.manifest
c:\program files\Dealio Toolbar\FF\chrome\locale\EN-US\widgitoolbarplugin.properties
c:\program files\Dealio Toolbar\IE\4.3\config.ini
c:\program files\Dealio Toolbar\IE\4.3\dealioToolbarIE.dll
c:\program files\Dealio Toolbar\WidgiHelper.exe
c:\program files\Internet Explorer\SET2DA.tmp
c:\program files\Internet Explorer\SET2DF.tmp
c:\windows\system32\_000005_.tmp.dll
c:\windows\system32\_000006_.tmp.dll
c:\windows\system32\_000007_.tmp.dll
c:\windows\system32\_000008_.tmp.dll
c:\windows\system32\_000009_.tmp.dll
c:\windows\system32\_000013_.tmp.dll
c:\windows\system32\_000019_.tmp.dll
c:\windows\system32\_000020_.tmp.dll
c:\windows\system32\_000021_.tmp.dll
.
.
((((((((((((((((((((((((( Files Created from 2011-03-11 to 2011-04-11 )))))))))))))))))))))))))))))))
.
.
2011-04-10 19:48 . 2011-04-10 19:48 -------- d-----w- c:\documents and settings\Administrator
2011-04-10 06:17 . 2011-04-10 06:17 -------- d-----w- c:\windows\system32\wbem\Repository
2011-04-10 06:14 . 2011-04-10 06:14 -------- d-----w- c:\program files\Application Updater
2011-04-10 06:14 . 2011-04-10 06:14 -------- d-----w- c:\program files\Common Files\Spigot
2011-04-10 06:14 . 2011-04-10 06:14 -------- d-----w- c:\documents and settings\Owner\Application Data\Search Settings
2011-04-10 04:02 . 2011-04-10 04:02 -------- d-----w- c:\program files\EASEUS
2011-03-21 07:12 . 2004-06-22 15:05 90112 ----a-w- c:\windows\system32\hpovst08.dll
2011-03-21 07:12 . 2004-06-22 15:05 581632 ----a-w- c:\windows\system32\hpotscl.dll
2011-03-21 07:12 . 2004-06-22 15:05 180315 ----a-w- c:\windows\system32\hpzsnt10.dll
2011-03-19 23:23 . 2011-03-19 23:23 -------- d-----w- c:\documents and settings\Owner\Local Settings\Application Data\Identities
2011-03-19 23:23 . 2011-03-21 21:00 -------- d-----w- c:\documents and settings\Owner\Application Data\Gyiz
2011-03-19 23:23 . 2011-03-21 19:05 -------- d-----w- c:\documents and settings\Owner\Application Data\Hivuhe
2011-03-14 19:53 . 2011-03-14 19:53 -------- d-----w- c:\program files\iPod
2011-03-14 19:53 . 2011-03-14 19:54 -------- d-----w- c:\program files\iTunes
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-18 20:36 . 2010-12-23 04:29 41984 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2011-02-18 20:36 . 2010-12-23 04:29 4184352 ----a-w- c:\windows\system32\usbaaplrc.dll
2011-02-09 13:53 . 2003-07-16 20:43 270848 ----a-w- c:\windows\system32\sbe.dll
2011-02-09 13:53 . 2003-07-16 20:27 186880 ----a-w- c:\windows\system32\encdec.dll
2011-02-02 07:58 . 2010-03-28 23:54 2067456 ----a-w- c:\windows\system32\mstscax.dll
2011-01-27 11:57 . 2010-03-28 23:54 677888 ----a-w- c:\windows\system32\mstsc.exe
2011-01-21 14:44 . 2003-07-16 20:44 439296 ----a-w- c:\windows\system32\shimgvw.dll
2011-01-13 14:21 . 2011-01-13 14:21 94208 ----a-r- c:\documents and settings\Owner\Application Data\Microsoft\Installer\{31800004-6386-4999-A519-518F2D78D8F0}\python_icon.exe
2011-01-13 03:53 . 2011-01-13 03:53 188128 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\VCSExpress\10.0\1033\ResourceCache.dll
2011-01-13 03:21 . 2011-01-13 03:19 205984 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\VBExpress\10.0\1033\ResourceCache.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2005-06-22 155648]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2005-06-22 126976]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"dlccmon.exe"="c:\program files\Dell Photo AIO Printer 924\dlccmon.exe" [2005-07-22 425984]
"MSN Toolbar"="c:\program files\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe" [2009-12-09 240992]
"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-07-17 288080]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]
"SearchSettings"="c:\program files\Common Files\Spigot\Search Settings\SearchSettings.exe" [2011-01-28 526336]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-03-07 421160]
"DLCCCATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\DLCCtime.dll" [2005-06-07 69632]
"LXBSCATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\LXBStime.dll" [2004-03-17 65536]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Wireless Connection Manager.lnk - c:\program files\D-Link\D-Link RangeBooster N DWA-142\wirelesscm.exe [2010-3-28 20525056]
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableNotifications"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\AIM\\aim.exe"=
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [8/9/2010 3:19 PM 697328]
R3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.10.1;c:\windows\system32\drivers\libusb0.sys [1/24/2011 5:09 PM 33792]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [3/28/2010 9:37 PM 165584]
S2 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [1/28/2011 6:10 PM 387072]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [3/28/2010 9:37 PM 17744]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [3/18/2010 2:16 PM 130384]
S2 libusbd;LibUsb-Win32 - Daemon, Version 0.1.10.1;system32\libusbd-nt.exe --> system32\libusbd-nt.exe [?]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [3/18/2010 2:16 PM 753504]
.
Contents of the 'Scheduled Tasks' folder
.
2011-04-04 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 16:34]
.
2011-04-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-117609710-1004336348-682003330-1003Core.job
- c:\documents and settings\Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-01-27 15:38]
.
2011-04-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-117609710-1004336348-682003330-1003UA.job
- c:\documents and settings\Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-01-27 15:38]
.
.
------- Supplementary Scan -------
.
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
FF - ProfilePath - c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\elg9d4tm.default\
FF - prefs.js: browser.startup.homepage - hxxp://en-US.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=135963&p=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Veoh Video Compass: searchrecs@veoh.com - %profile%\extensions\searchrecs@veoh.com
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: BlockSite: {dd3d7613-0246-469d-bc65-2a3cc1668adc} - %profile%\extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc}
FF - Ext: Gradient iCool: {de5809e0-2b07-11dd-bd0b-0800200c9a66} - %profile%\extensions\{de5809e0-2b07-11dd-bd0b-0800200c9a66}
FF - Ext: Utopia FFSE White: {20C3BDFF-DA68-468d-8D9A-F5A6C76B0F9E} - %profile%\extensions\{20C3BDFF-DA68-468d-8D9A-F5A6C76B0F9E}
FF - Ext: Strata XP on Linux: Strata_XP_on_Linux@jed.litech.org - %profile%\extensions\Strata_XP_on_Linux@jed.litech.org
FF - Ext: Vista-aero: {07b2a769-ed19-4483-87ce-c643914c81bb} - %profile%\extensions\{07b2a769-ed19-4483-87ce-c643914c81bb}
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
.
- - - - ORPHANS REMOVED - - - -
.
HKLM-Run-Bvereto - c:\windows\ofanomohagiqin.dll
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-04-11 00:24
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
DLCCCATS = rundll32 c:\windows\System32\spool\DRIVERS\W32X86\3\DLCCtime.dll,_RunDLLEntry@16???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
LXBSCATS = rundll32 c:\windows\System32\spool\DRIVERS\W32X86\3\LXBStime.dll,_RunDLLEntry@16???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
Completion time: 2011-04-11 00:27:27
ComboFix-quarantined-files.txt 2011-04-11 04:27
.
Pre-Run: 59,232,776,192 bytes free
Post-Run: 59,235,770,368 bytes free
.
- - End Of File - - 0EDA915EDF21291DEA9CC909999B9F08


And the Hijackthis log:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:35:11 AM, on 4/11/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Application Updater\ApplicationUpdater.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\libusbd-nt.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Dell Photo AIO Printer 924\dlccmon.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\dlcccoms.exe
C:\Program Files\D-Link\D-Link RangeBooster N DWA-142\wirelesscm.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Documents and Settings\Owner\Desktop\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: (no name) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: MSN Toolbar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: MSN Toolbar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [dlccmon.exe] "C:\Program Files\Dell Photo AIO Printer 924\dlccmon.exe"
O4 - HKLM\..\Run: [MSN Toolbar] "C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe"
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [DLCCCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCCtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [LXBSCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXBStime.dll,_RunDLLEntry@16
O4 - HKCU\..\Run: [SubOlccr] C:\PROGRAM FILES\TABLET\SubOlccr.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [VeohPlugin] "C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"
O4 - HKCU\..\Run: [DW6] "C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe"
O4 - HKCU\..\Run: [Omirumokabade] rundll32.exe "C:\WINDOWS\rmopup.dll",Startup
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - Global Startup: Wireless Connection Manager.lnk = C:\Program Files\D-Link\D-Link RangeBooster N DWA-142\wirelesscm.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: dlcc_device - Unknown owner - C:\WINDOWS\system32\dlcccoms.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LibUsb-Win32 - Daemon, Version 0.1.10.1 (libusbd) - http://libusb-win32.sourceforge.net - C:\WINDOWS\system32\libusbd-nt.exe
O23 - Service: lxbs_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxbscoms.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

--
End of file - 7723 bytes

0

Whew! One thing that was on the system was an information stealing trojan so any and all of the personal info you may have on the computer has been at great risk, and may have been stolen. I would contact your bank and credit card companies and inform them of this very real possibility. Looks to me like it has been on there for quite awhile.
Now do the following:

· Make sure that combofix.exe that you downloaded is on your Desktop but Do not run it!
o If it is not on your Desktop, the below will not work.
· Open Notepad and copy/paste the text in the below code box into it (make sure you scroll all the way down in the code box to get all lines selected ):

KillAll::

c:\windows\system32\sbe.dll
c:\windows\system32\encdec.dll
c:\windows\system32\mstscax.dll
c:\windows\system32\mstsc.exe
C:\WINDOWS\rmopup.dll

· Save the above as CFscript.txt and make sure you save it to the same location (should be on your Desktop) as ComboFix.exe
· At this point, you MUST EXIT ALL BROWSERS NOW before continuing!
· You should have both the ComboFix.exe and CFScript.txt icons on your Desktop.
· Now use your mouse to drag CFscript.txt on top of ComboFix.exe
· Follow the prompts.
· When it finishes, a log will be produced named c:\combofix.txt

Post back with that log.

0

Oh no...this feels like a nightmare. I don't even wanna look at my desktop for a while. Something strange happened though: When my system rebooted, there was an icon for Internet Explorer on my desktop and when I opened Firefox, I had to set it as the default browser again. Is that normal?

Here's the log from Combofix:

ComboFix 11-04-10.02 - Owner 04/11/2011 1:16.3.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1278.841 [GMT -4:00]
Running from: c:\documents and settings\Owner\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Owner\Desktop\CFscript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((( Files Created from 2011-03-11 to 2011-04-11 )))))))))))))))))))))))))))))))
.
.
2011-04-10 19:48 . 2011-04-10 19:48 -------- d-----w- c:\documents and settings\Administrator
2011-04-10 06:17 . 2011-04-10 06:17 -------- d-----w- c:\windows\system32\wbem\Repository
2011-04-10 06:14 . 2011-04-10 06:14 -------- d-----w- c:\program files\Application Updater
2011-04-10 06:14 . 2011-04-10 06:14 -------- d-----w- c:\program files\Common Files\Spigot
2011-04-10 06:14 . 2011-04-10 06:14 -------- d-----w- c:\documents and settings\Owner\Application Data\Search Settings
2011-04-10 04:02 . 2011-04-10 04:02 -------- d-----w- c:\program files\EASEUS
2011-03-21 07:12 . 2004-06-22 15:05 90112 ----a-w- c:\windows\system32\hpovst08.dll
2011-03-21 07:12 . 2004-06-22 15:05 581632 ----a-w- c:\windows\system32\hpotscl.dll
2011-03-21 07:12 . 2004-06-22 15:05 180315 ----a-w- c:\windows\system32\hpzsnt10.dll
2011-03-19 23:23 . 2011-03-19 23:23 -------- d-----w- c:\documents and settings\Owner\Local Settings\Application Data\Identities
2011-03-19 23:23 . 2011-03-21 21:00 -------- d-----w- c:\documents and settings\Owner\Application Data\Gyiz
2011-03-19 23:23 . 2011-03-21 19:05 -------- d-----w- c:\documents and settings\Owner\Application Data\Hivuhe
2011-03-14 19:53 . 2011-03-14 19:53 -------- d-----w- c:\program files\iPod
2011-03-14 19:53 . 2011-03-14 19:54 -------- d-----w- c:\program files\iTunes
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-18 20:36 . 2010-12-23 04:29 41984 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2011-02-18 20:36 . 2010-12-23 04:29 4184352 ----a-w- c:\windows\system32\usbaaplrc.dll
2011-02-09 13:53 . 2003-07-16 20:43 270848 ----a-w- c:\windows\system32\sbe.dll
2011-02-09 13:53 . 2003-07-16 20:27 186880 ----a-w- c:\windows\system32\encdec.dll
2011-02-02 07:58 . 2010-03-28 23:54 2067456 ----a-w- c:\windows\system32\mstscax.dll
2011-01-27 11:57 . 2010-03-28 23:54 677888 ----a-w- c:\windows\system32\mstsc.exe
2011-01-21 14:44 . 2003-07-16 20:44 439296 ----a-w- c:\windows\system32\shimgvw.dll
2011-01-13 14:21 . 2011-01-13 14:21 94208 ----a-r- c:\documents and settings\Owner\Application Data\Microsoft\Installer\{31800004-6386-4999-A519-518F2D78D8F0}\python_icon.exe
2011-01-13 03:53 . 2011-01-13 03:53 188128 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\VCSExpress\10.0\1033\ResourceCache.dll
2011-01-13 03:21 . 2011-01-13 03:19 205984 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\VBExpress\10.0\1033\ResourceCache.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SubOlccr"="c:\program files\TABLET\SubOlccr.exe" [2002-07-09 176128]
"DW6"="c:\program files\The Weather Channel FW\Desktop\DesktopWeather.exe" [2010-04-16 818288]
"Google Update"="c:\documents and settings\Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2011-01-27 136176]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2005-06-22 155648]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2005-06-22 126976]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"dlccmon.exe"="c:\program files\Dell Photo AIO Printer 924\dlccmon.exe" [2005-07-22 425984]
"MSN Toolbar"="c:\program files\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe" [2009-12-09 240992]
"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-07-17 288080]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]
"SearchSettings"="c:\program files\Common Files\Spigot\Search Settings\SearchSettings.exe" [2011-01-28 526336]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-03-07 421160]
"DLCCCATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\DLCCtime.dll" [2005-06-07 69632]
"LXBSCATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\LXBStime.dll" [2004-03-17 65536]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Wireless Connection Manager.lnk - c:\program files\D-Link\D-Link RangeBooster N DWA-142\wirelesscm.exe [2010-3-28 20525056]
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableNotifications"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\AIM\\aim.exe"=
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [8/9/2010 3:19 PM 697328]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [3/28/2010 9:37 PM 165584]
R2 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [1/28/2011 6:10 PM 387072]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [3/28/2010 9:37 PM 17744]
R2 libusbd;LibUsb-Win32 - Daemon, Version 0.1.10.1;system32\libusbd-nt.exe --> system32\libusbd-nt.exe [?]
R3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.10.1;c:\windows\system32\drivers\libusb0.sys [1/24/2011 5:09 PM 33792]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [3/18/2010 2:16 PM 130384]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [3/18/2010 2:16 PM 753504]
.
Contents of the 'Scheduled Tasks' folder
.
2011-04-04 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 16:34]
.
2011-04-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-117609710-1004336348-682003330-1003Core.job
- c:\documents and settings\Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-01-27 15:38]
.
2011-04-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-117609710-1004336348-682003330-1003UA.job
- c:\documents and settings\Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-01-27 15:38]
.
.
------- Supplementary Scan -------
.
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\elg9d4tm.default\
FF - prefs.js: browser.startup.homepage - hxxp://en-US.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=135963&p=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Veoh Video Compass: searchrecs@veoh.com - %profile%\extensions\searchrecs@veoh.com
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: BlockSite: {dd3d7613-0246-469d-bc65-2a3cc1668adc} - %profile%\extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc}
FF - Ext: Gradient iCool: {de5809e0-2b07-11dd-bd0b-0800200c9a66} - %profile%\extensions\{de5809e0-2b07-11dd-bd0b-0800200c9a66}
FF - Ext: Utopia FFSE White: {20C3BDFF-DA68-468d-8D9A-F5A6C76B0F9E} - %profile%\extensions\{20C3BDFF-DA68-468d-8D9A-F5A6C76B0F9E}
FF - Ext: Strata XP on Linux: Strata_XP_on_Linux@jed.litech.org - %profile%\extensions\Strata_XP_on_Linux@jed.litech.org
FF - Ext: Vista-aero: {07b2a769-ed19-4483-87ce-c643914c81bb} - %profile%\extensions\{07b2a769-ed19-4483-87ce-c643914c81bb}
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
.
- - - - ORPHANS REMOVED - - - -
.
HKCU-Run-AdobeBridge - (no file)
HKCU-Run-VeohPlugin - c:\program files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
HKCU-Run-Omirumokabade - c:\windows\rmopup.dll
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-04-11 01:24
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
DLCCCATS = rundll32 c:\windows\System32\spool\DRIVERS\W32X86\3\DLCCtime.dll,_RunDLLEntry@16???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
LXBSCATS = rundll32 c:\windows\System32\spool\DRIVERS\W32X86\3\LXBStime.dll,_RunDLLEntry@16???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(628)
c:\windows\system32\WININET.dll
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\libusbd-nt.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\windows\system32\dlcccoms.exe
c:\windows\system32\rundll32.exe
c:\program files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Completion time: 2011-04-11 01:29:49 - machine was rebooted
ComboFix-quarantined-files.txt 2011-04-11 05:29
ComboFix2.txt 2011-04-11 04:27
.
Pre-Run: 59,245,084,672 bytes free
Post-Run: 59,242,344,448 bytes free
.
- - End Of File - - 2D6504ED1F58117664364C95D380C615

Edited by Irv0790: Forgot to ask a question

0

Having to reset default browser again would be perfectly normal. The infection had full control over the computer and therefore changed the default browser in order to possibly be able to have access to your personal information and also to bring in new infection.
You need now to update MBA-M and run a Full Scan in NORMAL mode. Have it remove everything found and then REBOOT the computer, this is vitally important because much of the removals will take place early in the boot process.
Once the computer is rebooted then open MBA-M again and go to the Logs Tab and open the last log, copy/paste that log back here.

You also should go to Add/Remove and Uninstall the following, if they still remain:
BitTorrent
Dealio Toolbar v4.3

Edited by jholland1964: n/a

0

I just realized something. The first time I ran Malwarebytes I made the log before I actually chose to remove the infected items. When I realized what I did, I removed the items, made the log and rebooted. However, when I saved the log I just overwrote the last one, but after the reboot the log that was there was the first one I saved, not the overwritten one. I just tried to run Malwarebytes again in Normal mode only to have it freeze, so I tried it in safe mode and it found one infection. I removed it and saved the log, rebooted, but when I looked for the log....it was nowhere to be found. I have absolutely no idea as to why this is happening.

On the positive side though, I stopped getting the error messages.

0

1st of all, you don't need to save the log prior to cleaning. It will save the log automatically and it will be found in the Logs Tab.
However, the program itself may be damaged because of the multiple infections. Download and run this utility. mbam-clean.exe
It will ask to restart your computer (please allow it to).
Then download a NEW copy of the program and install it from HERE
Save it on your desktop. You'll see it will have a random name but it will be MBA-M
Doubleclick on it, so it will extract the files and will start Malwarebytes automatically.
In case the installer (random named file) won't run either, rename it to EXPLORER.EXE and try again.

When Malwarebytes opens, click the "Update" tab FIRST and select to check for updates in order to get the latest updates.
Then in NORMAL MODE perform a Full scan and let it remove what it found. Reboot afterwards (important).
After reboot, post the malwarebytes log which can be found in the program under the Log Tab.

0

Yeah, I realized that I didn't have to save the log beforehand only after I did it.It turns out that I just had to wait a reeeeeally long time to let Malwarebytes get past scanning that folder. It also didn't find any infections. Here's the log:

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 6333

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

4/11/2011 3:37:10 PM
mbam-log-2011-04-11 (15-37-10).txt

Scan type: Full scan (C:\|)
Objects scanned: 224944
Time elapsed: 2 hour(s), 10 minute(s), 53 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Edited by Irv0790: n/a

0

C:\Documents and Settings\All Users\Application Data\Microsoft Help\
Sometimes instead of Microsoft Help it would be just Microsoft.

Edited by Irv0790: n/a

0

So two different Microsoft folders correct? It is a Microsoft Operating system so obviously there would be a lot of Microsoft files. 2 hours for a full scan is not unusual.Depends on how much you have on the drive too.
Run this online Scan:
Run the ESET Online Scanner

http://www.eset.com/us/online-scanner?i_agree=14
* You can use Internet Explorer or you may use Firefox to complete this scan and you will need to allow an Active X to be installed
* You will need to temporarily Disable your current Anti-virus program.
* Be sure the option to Remove found threats is checked and the option to Scan unwanted applications is Checked.
* When you have completed that scan, a scanlog ought to have been created and located at C:\Program Files\EsetOnlineScanner\log.txt.

0

Where it shows the scan results, there's an option to delete the quarantined files and an option to uninstall the application on close. Or should I just click finish and be done with it?

0

Funny, I have never seen three options on there, this is in the ESET scanner? You only want to quarantine, to be sure there is no good file mistakenly removed.

Edited by jholland1964: n/a

0

Yup, it's ESET. It didn't give me a log when it was over either. Maybe it's because I was using Firefox? Apparently it cleaned 5 infected files.

0

It definitely creates a log it will be located at C:\Program Files\EsetOnlineScanner\log.txt.
I really need to see the log, especially since it found infected files.

0

Oh, wait. Sorry. Here it is:

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6425
# api_version=3.0.2
# EOSSerial=d87dbf4374b8c349ab71414373fa4849
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-04-11 11:14:19
# local_time=2011-04-11 07:14:19 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=512 16777215 100 0 0 0 0 0
# compatibility_mode=770 16774141 100 100 0 237924596 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=84528
# found=5
# cleaned=5
# scan_time=2220
C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\6.0\2\64d94f02-5b28e0b0 Java/Exploit.CVE-2010-3562.A trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\6.0\37\1765e425-358d05e5 probably a variant of Win32/Agent.CDGQEWH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\6.0\41\418b0369-29fd4f4c Java/Exploit.CVE-2009-2843.B trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\6.0\7\406df447-2be3dbf3 probably a variant of Win32/Agent.ZVRMM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\Program Files\Dealio Toolbar\IE\4.3\dealioToolbarIE.dll.vir a variant of Win32/Adware.Toolbar.Dealio application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=53251
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6425
# api_version=3.0.2
# EOSSerial=d87dbf4374b8c349ab71414373fa4849
# end=stopped
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-04-12 12:18:06
# local_time=2011-04-11 08:18:06 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=512 16777215 100 0 0 0 0 0
# compatibility_mode=770 16774141 100 100 0 237927990 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=73982
# found=0
# cleaned=0
# scan_time=2652
esets_scanner_update returned -1 esets_gle=53251
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6425
# api_version=3.0.2
# EOSSerial=d87dbf4374b8c349ab71414373fa4849
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-04-12 01:04:51
# local_time=2011-04-11 09:04:51 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=512 16777215 100 0 0 0 0 0
# compatibility_mode=770 16774141 100 100 0 237930992 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=84761
# found=0
# cleaned=0
# scan_time=2455
esets_scanner_update returned -1 esets_gle=53251
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6425
# api_version=3.0.2
# EOSSerial=d87dbf4374b8c349ab71414373fa4849
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-04-12 02:38:01
# local_time=2011-04-11 10:38:01 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=512 16777215 100 0 0 0 0 0
# compatibility_mode=770 16774141 100 100 0 237936248 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=84940
# found=0
# cleaned=0
# scan_time=2790

0

.
DDS (Ver_11-03-05.01) - NTFSx86
Run by Owner at 23:03:02.00 on Mon 04/11/2011
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_18
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1278.561 [GMT -4:00]
.
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\libusbd-nt.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Dell Photo AIO Printer 924\dlccmon.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe
C:\Program Files\D-Link\D-Link RangeBooster N DWA-142\wirelesscm.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\dlcccoms.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Owner\Desktop\dds.scr
.
============== Pseudo HJT Report ===============
.
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: MSN Toolbar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\msn toolbar\platform\4.0.0379.0\npwinext.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: MSN Toolbar: {8dcb7100-df86-4384-8842-8fa844297b3f} - c:\program files\msn toolbar\platform\4.0.0379.0\npwinext.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [SubOlccr] c:\program files\tablet\SubOlccr.exe
uRun: [DW6] "c:\program files\the weather channel fw\desktop\DesktopWeather.exe"
uRun: [Google Update] "c:\documents and settings\owner\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [dlccmon.exe] "c:\program files\dell photo aio printer 924\dlccmon.exe"
mRun: [MSN Toolbar] "c:\program files\msn toolbar\platform\4.0.0379.0\mswinext.exe"
mRun: [Microsoft Default Manager] "c:\program files\microsoft\search enhancement pack\default manager\DefMgr.exe" -resume
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [DLCCCATS] rundll32 c:\windows\system32\spool\drivers\w32x86\3\DLCCtime.dll,_RunDLLEntry@16
mRun: [LXBSCATS] rundll32 c:\windows\system32\spool\drivers\w32x86\3\LXBStime.dll,_RunDLLEntry@16
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\wirele~1.lnk - c:\program files\d-link\d-link rangebooster n dwa-142\wirelesscm.exe
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
Notify: igfxcui - igfxsrvc.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\docume~1\owner\applic~1\mozilla\firefox\profiles\elg9d4tm.default\
FF - prefs.js: browser.startup.homepage - hxxp://en-US.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=135963&p=
FF - plugin: c:\documents and settings\owner\local settings\application data\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\progra~1\mi1933~1\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdnu.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdnupdater2.dll
FF - plugin: c:\program files\msn toolbar\platform\4.0.0379.0\npwinext.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: Veoh Video Compass: searchrecs@veoh.com - %profile%\extensions\searchrecs@veoh.com
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: BlockSite: {dd3d7613-0246-469d-bc65-2a3cc1668adc} - %profile%\extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc}
FF - Ext: Gradient iCool: {de5809e0-2b07-11dd-bd0b-0800200c9a66} - %profile%\extensions\{de5809e0-2b07-11dd-bd0b-0800200c9a66}
FF - Ext: Utopia FFSE White: {20C3BDFF-DA68-468d-8D9A-F5A6C76B0F9E} - %profile%\extensions\{20C3BDFF-DA68-468d-8D9A-F5A6C76B0F9E}
FF - Ext: Strata XP on Linux: Strata_XP_on_Linux@jed.litech.org - %profile%\extensions\Strata_XP_on_Linux@jed.litech.org
FF - Ext: Vista-aero: {07b2a769-ed19-4483-87ce-c643914c81bb} - %profile%\extensions\{07b2a769-ed19-4483-87ce-c643914c81bb}
.
---- FIREFOX POLICIES ----
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
.
============= SERVICES / DRIVERS ===============
.
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-3-28 165584]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-3-28 17744]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2010-3-28 40384]
R2 cvhsvc;Client Virtualization Handler;c:\program files\common files\microsoft shared\virtualization handler\CVHSVC.EXE [2010-2-28 821664]
R2 libusbd;LibUsb-Win32 - Daemon, Version 0.1.10.1;system32\libusbd-nt.exe --> system32\libusbd-nt.exe [?]
R2 sftlist;Application Virtualization Client;c:\program files\microsoft application virtualization client\sftlist.exe [2009-12-2 483688]
R3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.10.1;c:\windows\system32\drivers\libusb0.sys [2011-1-24 33792]
R3 Sftfs;Sftfs;c:\windows\system32\drivers\Sftfsxp.sys [2009-12-2 554344]
R3 Sftplay;Sftplay;c:\windows\system32\drivers\Sftplayxp.sys [2009-12-2 211304]
R3 Sftredir;Sftredir;c:\windows\system32\drivers\Sftredirxp.sys [2009-12-2 20584]
R3 Sftvol;Sftvol;c:\windows\system32\drivers\Sftvolxp.sys [2009-12-2 18280]
R3 sftvsa;Application Virtualization Service Agent;c:\program files\microsoft application virtualization client\sftvsa.exe [2009-12-2 209768]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast5\AvastSvc.exe [2010-3-28 40384]
S3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast5\AvastSvc.exe [2010-3-28 40384]
S3 cpuz132;cpuz132;\??\c:\docume~1\owner\locals~1\temp\cpuz132\cpuz132_x32.sys --> c:\docume~1\owner\locals~1\temp\cpuz132\cpuz132_x32.sys [?]
S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2011-04-12 00:47:53 215920 ----a-w- c:\windows\system32\muweb.dll
2011-04-12 00:47:50 16736 ----a-w- c:\windows\system32\mucltui.dll.mui
2011-04-12 00:47:48 274288 ----a-w- c:\windows\system32\mucltui.dll
2011-04-11 22:31:08 -------- d-----w- c:\program files\ESET
2011-04-11 18:49:33 -------- d-----w- c:\docume~1\alluse~1\applic~1\VirtualizedApplications
2011-04-11 16:38:21 -------- d-----w- c:\docume~1\owner\locals~1\applic~1\SoftGrid Client
2011-04-11 16:38:19 -------- d-----w- c:\docume~1\owner\applic~1\SoftGrid Client
2011-04-11 16:34:43 -------- d-----w- c:\program files\Microsoft Application Virtualization Client
2011-04-11 16:34:43 -------- d-----w- c:\documents and settings\all users\Microsoft
2011-04-11 16:33:36 -------- d-----w- c:\docume~1\owner\applic~1\TP
2011-04-11 03:59:38 -------- d-sha-r- C:\cmdcons
2011-04-11 03:36:42 98816 ----a-w- c:\windows\sed.exe
2011-04-11 03:36:42 89088 ----a-w- c:\windows\MBR.exe
2011-04-11 03:36:42 256512 ----a-w- c:\windows\PEV.exe
2011-04-11 03:36:42 161792 ----a-w- c:\windows\SWREG.exe
2011-04-10 06:17:50 -------- d-----w- c:\windows\system32\wbem\repository\FS
2011-04-10 06:17:50 -------- d-----w- c:\windows\system32\wbem\Repository
2011-04-10 04:02:06 -------- d-----w- c:\program files\EASEUS
2011-03-21 07:12:49 90112 ----a-w- c:\windows\system32\hpovst08.dll
2011-03-21 07:12:49 581632 ----a-w- c:\windows\system32\hpotscl.dll
2011-03-21 07:12:46 180315 ----a-w- c:\windows\system32\hpzsnt10.dll
2011-03-19 23:23:56 -------- d-----w- c:\docume~1\owner\locals~1\applic~1\Identities
2011-03-19 23:23:43 -------- d-----w- c:\docume~1\owner\applic~1\Hivuhe
2011-03-19 23:23:43 -------- d-----w- c:\docume~1\owner\applic~1\Gyiz
2011-03-14 19:53:26 -------- d-----w- c:\program files\iPod
2011-03-14 19:53:20 -------- d-----w- c:\program files\iTunes
.
==================== Find3M ====================
.
2011-02-18 20:36:58 4184352 ----a-w- c:\windows\system32\usbaaplrc.dll
2011-02-09 13:53:52 270848 ----a-w- c:\windows\system32\sbe.dll
2011-02-09 13:53:52 186880 ----a-w- c:\windows\system32\encdec.dll
2011-02-02 07:58:35 2067456 ----a-w- c:\windows\system32\mstscax.dll
2011-01-27 11:57:06 677888 ----a-w- c:\windows\system32\mstsc.exe
2011-01-23 10:21:49 0 ----a-w- c:\windows\Qqinogovi.bin
2011-01-21 14:44:37 439296 ----a-w- c:\windows\system32\shimgvw.dll
.
============= FINISH: 23:03:36.98 ===============


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_11-03-05.01)
.
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume2
Install Date: 3/28/2010 8:02:17 PM
System Uptime: 4/11/2011 8:19:39 PM (3 hours ago)
.
Motherboard: Dell Computer Corp. | | 0G1548
Processor: Intel(R) Pentium(R) 4 CPU 2.80GHz | Microprocessor | 2790/533mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 74 GiB total, 54.043 GiB free.
D: is FIXED (NTFS) - 279 GiB total, 278.51 GiB free.
F: is CDROM ()
G: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID:
Description: Ethernet Controller
Device ID: PCI\VEN_13F0&DEV_0200&SUBSYS_020113F0&REV_31\4&3B1CAF2B&0&30F0
Manufacturer:
Name: Ethernet Controller
PNP Device ID: PCI\VEN_13F0&DEV_0200&SUBSYS_020113F0&REV_31\4&3B1CAF2B&0&30F0
Service:
.
Class GUID:
Description: Ethernet Controller
Device ID: PCI\VEN_14E4&DEV_4401&SUBSYS_81271028&REV_01\4&3B1CAF2B&0&48F0
Manufacturer:
Name: Ethernet Controller
PNP Device ID: PCI\VEN_14E4&DEV_4401&SUBSYS_81271028&REV_01\4&3B1CAF2B&0&48F0
Service:
.
==== System Restore Points ===================
.
RP227: 4/11/2011 12:58:11 PM - Removed Microsoft Office Access MUI (English) 2007
RP228: 4/11/2011 12:58:24 PM - Removed Microsoft Office Shared Setup Metadata MUI (English) 2007
RP229: 4/11/2011 12:58:34 PM - Removed Microsoft Office Excel MUI (English) 2007
RP230: 4/11/2011 12:58:49 PM - Removed Microsoft Office Access Setup Metadata MUI (English) 2007
RP231: 4/11/2011 12:58:58 PM - Removed Microsoft Office PowerPoint MUI (English) 2007
RP232: 4/11/2011 12:59:11 PM - Removed Microsoft Office Publisher MUI (English) 2007
RP233: 4/11/2011 12:59:29 PM - Removed Microsoft Office Outlook MUI (English) 2007
RP234: 4/11/2011 12:59:44 PM - Removed Microsoft Office Word MUI (English) 2007
RP235: 4/11/2011 12:59:59 PM - Removed Microsoft Office Proofing (English) 2007
RP236: 4/11/2011 1:00:28 PM - Removed Microsoft Office Shared MUI (English) 2007
RP237: 4/11/2011 1:00:50 PM - Removed Microsoft Office Proof (English) 2007
RP238: 4/11/2011 1:01:01 PM - Quitado Microsoft Office Proof (Spanish) 2007
RP239: 4/11/2011 1:01:18 PM - Supprimé Microsoft Office Proof (French) 2007
RP240: 4/11/2011 1:02:05 PM - Removed Microsoft Office Professional 2007
RP241: 4/11/2011 1:04:37 PM - Removed Microsoft Application Error Reporting
.
==== Installed Programs ======================
.
Acoustica Effects Pack
Acoustica Mixcraft 4.5
Acrobat.com
Adobe AIR
Adobe Flash Player 10 Plugin
Adobe Media Player
Adobe Reader 9.4.2
AIM 7
AiO_Scan
Amazon MP3 Downloader 1.0.10
Apple Application Support
Apple Mobile Device Support
Apple Software Update
avast! Free Antivirus
Bonjour
CDisplay 1.8
D-Link RangeBooster N DWA-142
Dell Photo AIO Printer 924
Download Updater (AOL LLC)
ESET Online Scanner v3
Google Chrome
Hello World 0.1
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB942288-v3)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB958655-v2)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HP Image Zone 4.2
HP PSC & OfficeJet 4.2
Intel(R) Extreme Graphics Driver
iTunes
Java Auto Updater
Java(TM) 6 Update 18
Lexmark 810 Series
LibUSB-Win32-0.1.10.1
Logitech Gaming Software
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft .NET Framework 4 Multi-Targeting Pack
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Default Manager
Microsoft Help Viewer 1.0
Microsoft Office Click-to-Run 2010
Microsoft Office Home and Business 2010 - English
Microsoft Search Enhancement Pack
Microsoft SQL Server 2008 R2 Management Objects
Microsoft SQL Server Compact 3.5 SP2 ENU
Microsoft SQL Server System CLR Types
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual Basic 2010 Express - ENU
Microsoft Visual C# 2010 Express - ENU
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
Mozilla Firefox (3.6.16)
MSN Toolbar
MSN Toolbar Platform
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Picasa 3
PrintScreen
Python 2.5 Numeric-24.2
Python 2.5 pygame-1.7.1release
Python 2.5 PythonCard-0.8.2
Python 2.5.1
QFolder
QuickTime
Scan
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165-v2)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
SoundMAX
SPE
SpywareBlaster 4.2
The Weather Channel Desktop 6
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows Internet Explorer 8 (KB980302)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update for Windows XP (KB978207)
Update for Windows XP (KB980182)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
VLC media player 1.0.3
WebFldrs XP
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3
WinRAR archiver
wxPython 2.8.7.1 (unicode) for Python 2.5
.
==== Event Viewer Messages From Past Week ========
.
4/4/2011 4:06:22 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the libusbd service.
4/11/2011 12:21:01 PM, error: PSched [14107] - QoS [Adapter {2ADABF19-4651-4AE7-BB57-FAAE3666E489}]: The Packet Scheduler could not initialize the virtual miniport with NDIS.
4/11/2011 12:12:50 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Aavmker4 AFD aswSP aswTdi Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss Tcpip
4/11/2011 12:07:12 AM, error: System Error [1003] - Error code 000000ca, parameter1 00000004, parameter2 893162e0, parameter3 00000000, parameter4 00000000.
4/11/2011 1:22:25 PM, information: Windows File Protection [64002] - File replacement was attempted on the protected system file c:\windows\system32\c_932.nls. This file was restored to the original version to maintain system stability. The file version of the system file is 0.0.0.1.
4/11/2011 1:15:59 AM, error: Service Control Manager [7034] - The SeaPort service terminated unexpectedly. It has done this 1 time(s).
4/11/2011 1:15:59 AM, error: Service Control Manager [7034] - The Print Spooler service terminated unexpectedly. It has done this 1 time(s).
4/11/2011 1:15:59 AM, error: Service Control Manager [7034] - The LibUsb-Win32 - Daemon, Version 0.1.10.1 service terminated unexpectedly. It has done this 1 time(s).
4/11/2011 1:15:59 AM, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).
4/11/2011 1:15:59 AM, error: Service Control Manager [7034] - The iPod Service service terminated unexpectedly. It has done this 1 time(s).
4/11/2011 1:15:59 AM, error: Service Control Manager [7034] - The dlcc_device service terminated unexpectedly. It has done this 1 time(s).
4/11/2011 1:15:59 AM, error: Service Control Manager [7034] - The Bonjour Service service terminated unexpectedly. It has done this 1 time(s).
4/11/2011 1:15:59 AM, error: Service Control Manager [7034] - The Application Updater service terminated unexpectedly. It has done this 1 time(s).
4/11/2011 1:15:59 AM, error: Service Control Manager [7034] - The Application Layer Gateway Service service terminated unexpectedly. It has done this 1 time(s).
4/11/2011 1:15:59 AM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/11/2011 1:13:13 PM, error: Dhcp [1001] - Your computer was not assigned an address from the network (by the DHCP Server) for the Network Card with network address 00179A50C8BB. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.
4/10/2011 9:58:58 AM, error: atapi [9] - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
4/10/2011 5:20:07 PM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
4/10/2011 4:56:19 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: PCIIde
4/10/2011 4:54:57 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume2'. It has stopped monitoring the volume.
4/10/2011 4:52:50 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
4/10/2011 3:49:35 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Aavmker4 AFD aswSP aswTdi Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss sptd Tcpip
4/10/2011 3:49:35 PM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD Networking Support Environment service which failed to start because of the following error: A device attached to the system is not functioning.
4/10/2011 3:49:35 PM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
4/10/2011 3:49:35 PM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
4/10/2011 3:49:35 PM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
4/10/2011 3:49:35 PM, error: Service Control Manager [7001] - The Bonjour Service service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
4/10/2011 3:49:35 PM, error: Service Control Manager [7001] - The Apple Mobile Device service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
4/10/2011 3:48:54 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
4/10/2011 3:48:51 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
4/10/2011 3:48:22 PM, error: sptd [4] - Driver detected an internal error in its data structures for .
4/10/2011 3:23:48 AM, error: Service Control Manager [7000] - The adfs service failed to start due to the following error: The system cannot find the file specified.
4/10/2011 3:21:54 AM, error: Application Popup [877] - There was error [DATABASE OPEN FAILED] processing the driver database.
4/10/2011 2:23:31 AM, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.
4/10/2011 2:23:22 AM, error: Service Control Manager [7022] - The avast! Antivirus service hung on starting.
.
==== End Of File ===========================

0

I would like somebody else to take a look at all of this if you don't mind. Don't like the idea of infection still being found.

0

I want it over too. That's why I want another opinion, cover all bases. Don't download any programs, videos, games, etc., ok? We don't want anything new on this computer until we can be absolutely certain everything else bad is gone.
What are these files, do you know? All installed on March 19 at 11:23 pm.
c:\docume~1\owner\locals~1\applic~1\Identities
c:\docume~1\owner\applic~1\Hivuhe
c:\docume~1\owner\applic~1\Gyiz

0

From what I see, they're actually empty folders.

Edited by Irv0790: n/a

0

They don't...they just say 'Folder is Empty'. I don't know where they came from.

This question has already been answered. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.