BullGuard
 HomeLog InRegisterCommunity CalendarSearch the ForumView The Member ListHelp
Help with NSAnti.H -My PC is not working-
   
BullGuard Antivirus Forum > Virus Removal > Removal Help > Help with NSAnti.H -My PC is not working-  
Forum Quick Jump
 
New Topic Post reply to : Help with NSAnti.H -My PC is not working- Printable version of : Help with NSAnti.H -My PC is not working-
[ << Previous Thread | Next Thread >> ]

Efex
New Member


Date Joined Sep 2008
Total Posts : 6
 
   Posted 9/20/2008 5:32 AM (GMT +3)    Quote: Help with NSAnti.H -My PC is not working-Alert an admin about: Help with NSAnti.H -My PC is not working-
Hi,

First of all, hello all and thanks for any help in advance :) I'm new to the forum.

My problem is with the NSAnti.H and it has my computer like crazy. It hangs everytime with the blue screen BSOD with different messages.
I can't work on it more than 5 minutes and it dies with BSOD. Sometimes it gets a litter lnger or just after signup. Then I have to restart, pass the checkdiskkand so on.

I can't run the antivirus because it hangs (have bitdefender 2008)
I know there's this virus because my BD detected and supposed blocked access to files containing this virus according to BD.

But I don't think it's cleaning because PC continues to die time after time. It seems to consume a LOT of resources and make it die.

I've downloaded the combofix but it desn't clean it because BSOD keeps appearing. I also have the simptom of hidden files not showing and all that.
(It did finish the cleaning without PC crashing)

I have 3 partitions and BD messages mentiones virus on all of them. Does combofix cleans the virus on all partitions? and removable devices?

How can I fix this?? Please help me.

Thanks
Back to Top
 

Efex
New Member


Date Joined Sep 2008
Total Posts : 6
 
   Posted 9/20/2008 6:47 AM (GMT +3)    Quote: Help with NSAnti.H -My PC is not working-Alert an admin about: Help with NSAnti.H -My PC is not working-
Don't know what to do.
I ran combofix on safe mode and it went all good.

Then I start on normal mode but again the BSOD confused shakehead
Back to Top
 

Touch
Forum Moderator




Date Joined Jun 2004
Total Posts : 12975
 
   Posted 9/20/2008 7:39 AM (GMT +3)    Quote: Help with NSAnti.H -My PC is not working-Alert an admin about: Help with NSAnti.H -My PC is not working-
Hello smile
 
 
Reboot to Safe mode with network, and post combofix log
 
It is probably located here: C: Combofix txt


Do NOT post your problem in someone elses thread.
A non-profit, volunteer network.

Back to Top
 

Efex
New Member


Date Joined Sep 2008
Total Posts : 6
 
   Posted 9/20/2008 8:31 AM (GMT +3)    Quote: Help with NSAnti.H -My PC is not working-Alert an admin about: Help with NSAnti.H -My PC is not working-
thanks for your reply.

Unfortunatelly, I run combofix several times and the log I have is not the one when I saw there was some deleting of files of that virus. Althought I think you could see if there's something wrong, as I still get the BSOD on normal mode.

Here's the log:

ComboFix 08-09-19.02 - fernando 2008-09-20 0:48:42.4 - FAT32x86 NETWORK
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.759 [GMT -4:00]
Running from: C:\Documents and Settings\fernando\Desktop\combofix\ComboFix.exe

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((( Files Created from 2008-08-20 to 2008-09-20 )))))))))))))))))))))))))))))))
.

2008-09-19 23:54 . 2008-09-19 23:54 <DIR> d--hs---- C:\FOUND.053
2008-09-19 23:24 . 2007-08-24 19:45 101,120 -ra------ C:\WINDOWS\system32\drivers\ewusbmdm.sys
2008-09-19 23:24 . 2007-08-24 19:45 24,448 -ra------ C:\WINDOWS\system32\drivers\ewdcsc.sys
2008-09-19 23:09 . 2008-09-19 23:09 <DIR> d--hs---- C:\FOUND.052
2008-09-19 13:01 . 2008-09-19 13:01 <DIR> d--hs---- C:\FOUND.051
2008-09-19 00:50 . 2008-09-19 00:50 <DIR> d-------- C:\Program Files\XoftSpySE
2008-09-18 23:22 . 2008-09-18 23:22 <DIR> d--hs---- C:\FOUND.050
2008-09-18 23:11 . 2008-09-19 19:53 121 --a------ C:\WINDOWS\bdagent.INI
2008-09-18 22:23 . 2008-09-10 16:59 96,047 -r-hs---- C:\39lpji.com
2008-09-18 22:14 . 2008-09-18 22:14 <DIR> d--hs---- C:\FOUND.049
2008-09-18 18:33 . 2008-09-18 18:33 <DIR> d--hs---- C:\FOUND.048
2008-09-18 15:33 . 2008-09-18 15:33 <DIR> d--hs---- C:\FOUND.047
2008-09-18 12:16 . 2008-09-19 11:23 90,112 --a------ C:\WINDOWS\DUMP38d9.tmp
2008-09-18 09:21 . 2008-09-18 09:21 <DIR> d--hs---- C:\FOUND.046
2008-09-17 18:22 . 2008-09-17 18:22 <DIR> d--hs---- C:\FOUND.045
2008-09-17 17:41 . 2008-09-17 17:42 <DIR> d-------- C:\Program Files\CONEXANT
2008-09-17 17:38 . 2008-09-17 17:38 <DIR> d--hs---- C:\FOUND.044
2008-09-17 16:54 . 2008-09-17 16:54 <DIR> d--hs---- C:\FOUND.043
2008-09-17 16:00 . 2008-09-17 16:00 <DIR> d--hs---- C:\FOUND.042
2008-09-17 15:53 . 2008-09-17 15:53 <DIR> d-------- C:\Documents and Settings\fernando\Application Data\Bitdefender
2008-09-17 15:53 . 2008-09-17 15:53 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\BitDefender
2008-09-17 15:47 . 2008-09-17 15:47 <DIR> d-------- C:\Layouts
2008-09-17 14:26 . 2008-09-20 00:12 81,984 --a------ C:\WINDOWS\system32\bdod.bin
2008-09-17 14:23 . 2008-09-17 14:23 <DIR> d--hs---- C:\FOUND.041
2008-09-17 11:25 . 2008-09-17 11:25 <DIR> d--hs---- C:\FOUND.040
2008-09-16 14:53 . 2008-09-16 14:53 <DIR> d--hs---- C:\FOUND.039
2008-09-16 10:02 . 2008-09-16 10:02 <DIR> d--hs---- C:\FOUND.038
2008-09-15 23:25 . 2008-09-15 23:25 <DIR> d--hs---- C:\FOUND.037
2008-09-14 00:58 . 2008-09-14 00:58 <DIR> d-------- C:\Poker
2008-09-10 21:34 . 2008-09-10 21:34 <DIR> d--hs---- C:\FOUND.036
2008-09-03 13:10 . 2008-09-03 13:10 <DIR> d-------- C:\Program Files\apo_4video
2008-09-03 13:09 . 1998-11-13 11:04 308,224 --a------ C:\WINDOWS\IsUn040a.exe
2008-09-01 09:14 . 2008-09-01 09:14 <DIR> d-------- C:\Program Files\Lexmark 3500-4500 Series
2008-09-01 09:08 . 2008-09-01 09:08 <DIR> d-------- C:\logs
2008-09-01 09:07 . 2007-02-22 18:32 344,064 -ra------ C:\WINDOWS\system32\lxdicoin.dll
2008-09-01 09:07 . 2007-02-08 22:04 77,906 -ra------ C:\WINDOWS\system32\lxdicfg.dll
2008-09-01 09:07 . 2007-03-06 10:41 1,900 -ra------ C:\WINDOWS\system32\lxdi.loc
2008-08-31 20:24 . 2008-08-31 20:24 <DIR> d-------- C:\Documents and Settings\fernando\Application Data\PokerAcademyPro2
2008-08-31 20:24 . 2008-08-31 20:24 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\PokerAcademyPro2
2008-08-31 20:17 . 2008-08-31 20:17 <DIR> d-------- C:\Documents and Settings\fernando\Application Data\PA-Prospector
2008-08-28 12:37 . 2008-08-28 12:37 <DIR> d-------- C:\Program Files\iTunes
2008-08-28 12:37 . 2008-08-28 12:37 <DIR> d-------- C:\Program Files\iPod
2008-08-25 09:42 . 2008-08-25 09:42 <DIR> d--hs---- C:\FOUND.035

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-17 21:38 90,112 ----a-w C:\WINDOWS\DUMPdf18.tmp
2008-08-12 01:11 241,704 ----a-w C:\WINDOWS\system32\dllcache\wgaLogon.dll
2008-08-12 01:10 917,032 ----a-w C:\WINDOWS\system32\dllcache\WgaTray.exe
2008-07-31 23:15 --------- d-----w C:\Program Files\PKR
2008-07-23 21:34 --------- d-----w C:\Program Files\Apple Software Update
2008-07-19 02:10 94,920 ----a-w C:\WINDOWS\system32\dllcache\cdm.dll
2008-07-19 02:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
2008-07-19 02:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe
2008-07-19 02:10 53,448 ----a-w C:\WINDOWS\system32\dllcache\wuauclt.exe
2008-07-19 02:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll
2008-07-19 02:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll
2008-07-19 02:10 36,552 ----a-w C:\WINDOWS\system32\dllcache\wups.dll
2008-07-19 02:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll
2008-07-19 02:09 563,912 ----a-w C:\WINDOWS\system32\dllcache\wuapi.dll
2008-07-19 02:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll
2008-07-19 02:09 325,832 ----a-w C:\WINDOWS\system32\dllcache\wucltui.dll
2008-07-19 02:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll
2008-07-19 02:09 205,000 ----a-w C:\WINDOWS\system32\dllcache\wuweb.dll
2008-07-19 02:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll
2008-07-19 02:09 1,811,656 ----a-w C:\WINDOWS\system32\dllcache\wuaueng.dll
2008-07-19 02:07 270,880 ----a-w C:\WINDOWS\system32\mucltui.dll
2008-07-19 02:07 210,976 ----a-w C:\WINDOWS\system32\muweb.dll
2008-07-07 20:26 253,952 ----a-w C:\WINDOWS\system32\es.dll
2008-07-07 20:26 253,952 ------w C:\WINDOWS\system32\dllcache\es.dll
2008-06-26 08:15 619,520 ------w C:\WINDOWS\system32\dllcache\urlmon.dll
2008-06-26 08:15 1,499,136 ------w C:\WINDOWS\system32\dllcache\shdocvw.dll
2008-06-24 22:12 295,936 ------w C:\WINDOWS\system32\wmpeffects.dll
2008-06-24 16:43 74,240 ----a-w C:\WINDOWS\system32\mscms.dll
2008-06-24 16:43 74,240 ------w C:\WINDOWS\system32\dllcache\mscms.dll
2008-06-23 15:09 666,112 ----a-w C:\WINDOWS\system32\wininet.dll
2008-06-23 15:09 666,112 ------w C:\WINDOWS\system32\dllcache\wininet.dll
2008-06-23 15:09 3,067,392 ------w C:\WINDOWS\system32\dllcache\mshtml.dll
2008-06-20 17:46 245,248 ----a-w C:\WINDOWS\system32\mswsock.dll
2008-06-20 17:46 245,248 ------w C:\WINDOWS\system32\dllcache\mswsock.dll
2008-06-20 17:46 147,968 ------w C:\WINDOWS\system32\dllcache\dnsapi.dll
2008-06-20 11:51 361,600 ------w C:\WINDOWS\system32\dllcache\tcpip.sys
2008-06-20 11:40 138,496 ------w C:\WINDOWS\system32\dllcache\afd.sys
2008-06-20 11:08 225,856 ------w C:\WINDOWS\system32\dllcache\tcpip6.sys
2008-05-05 16:11 27,976 ----a-w C:\Program Files\mozilla firefox\plugins\atgpcdec.dll
2008-05-05 16:11 125,848 ----a-w C:\Program Files\mozilla firefox\plugins\atgpcext.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-13 15360]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-10-18 204288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"="Alaunch" [X]
"SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [2004-05-20 98304]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2004-05-20 532480]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2007-11-23 118784]
"IntelZeroConfig"="C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" [2006-07-03 802816]
"IntelWireless"="C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" [2006-07-02 700416]
"EPM-DM"="c:\acer\epm\epm-dm.exe" [2004-07-14 151552]
"ePowerManagement"="C:\Acer\ePM\ePM.exe" [2004-09-01 2876416]
"LManager"="C:\Program Files\Launch Manager\QtZgAcer.EXE" [2004-07-29 319488]
"lxctmon.exe"="C:\Program Files\Lexmark 5400 Series\lxctmon.exe" [2006-06-20 286720]
"EzPrint"="C:\Program Files\Lexmark 5400 Series\ezprint.exe" [2006-06-06 98304]
"LXCTCATS"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCTtime.dll" [2006-06-07 106496]
"GC75-Manager-Class"="C:\Program Files\Sony Ericsson\Wireless Manager\GC75Manager.exe" [2004-05-27 770141]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 144784]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
"Acrobat Assistant 8.0"="C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2008-01-11 623992]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"emMON"="C:\WINDOWS\emmon.exe" [2006-12-15 61440]
"AppleSyncNotifier"="C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-07-22 116040]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-05-27 413696]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-07-30 289064]
"BDAgent"="C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe" [2007-08-27 274432]
"BitDefender Antiphishing Helper"="C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe" [2007-08-27 49152]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-13 C:\WINDOWS\system32\bthprops.cpl]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-08-24 437160]
"Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2007-10-23 443968]

C:\Documents and Settings\fernando\Start Menu\Programs\Startup\
Microsoft Office Groove.lnk - C:\Program Files\Microsoft Office\Office12\GROOVE.EXE [2007-08-29 340856]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Synchronizer.lnk - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe [2008-02-08 738968]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.X264"= x264vfw.dll
"VIDC.NTN1"= NUVision.ax

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^desktop.ini]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini
backup=C:\WINDOWS\pss\desktop.iniCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^ELWAVE UDS.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ELWAVE UDS.lnk
backup=C:\WINDOWS\pss\ELWAVE UDS.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^EPSON Status Monitor 3 Environment Check(2).lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\EPSON Status Monitor 3 Environment Check(2).lnk
backup=C:\WINDOWS\pss\EPSON Status Monitor 3 Environment Check(2).lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^PrognosisUDS.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\PrognosisUDS.lnk
backup=C:\WINDOWS\pss\PrognosisUDS.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^fernando^Start Menu^Programs^Startup^desktop.ini]
path=C:\Documents and Settings\fernando\Start Menu\Programs\Startup\desktop.ini
backup=C:\WINDOWS\pss\desktop.iniStartup

[HKLM\~\startupfolder\C:^Documents and Settings^fernando^Start Menu^Programs^Startup^Dial Engine Pro.LNK]
path=C:\Documents and Settings\fernando\Start Menu\Programs\Startup\Dial Engine Pro.LNK
backup=C:\WINDOWS\pss\Dial Engine Pro.LNKStartup

[HKLM\~\startupfolder\C:^Documents and Settings^fernando^Start Menu^Programs^Startup^ELWAVE UDS.lnk]
path=C:\Documents and Settings\fernando\Start Menu\Programs\Startup\ELWAVE UDS.lnk
backup=C:\WINDOWS\pss\ELWAVE UDS.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
C:\WINDOWS\system32\dumprep 0 -k [X]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PIMOne

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2008-07-30 10:47 289064 C:\Program Files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002A]
--a------ 2004-08-04 05:00 455168 C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002ASync]
--a------ 2004-08-04 05:00 455168 C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-05-27 10:50 413696 C:\Program Files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
--a------ 2003-10-21 11:52 40960 C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\WINDOWS\\System32\\FXSCLNT.exe"=
"C:\\WINDOWS\\System32\\mmc.exe"=
"C:\\Program Files\\Common Files\\PrognosisUDS\\esignal.ude"=
"C:\\Program Files\\Common Files\\PrognosisUDS\\FXtrek.ude"=
"C:\\Program Files\\FX\\FX AccuCharts\\Professional.exe"=
"C:\\Program Files\\FXSGTS\\FXTRADER.EXE"=
"C:\\Program Files\\FXSGTS\\fxtraderum.exe"=
"C:\\Program Files\\Conference\\Conference.dll"=
"C:\\WINDOWS\\System32\\dpvsetup.exe"=
"C:\\Program Files\\QuickTime\\QuickTimePlayer.exe"=
"C:\\WINDOWS\\System32\\lxctcoms.exe"=
"C:\\WINDOWS\\System32\\ftp.exe"=
"C:\\Program Files\\1stWORKS\\hotCommCL\\BIN\\hotComm.exe"=
"C:\\Program Files\\Trading Rooms Technologies, Inc\\TradingRooms\\Avx\\TradingRooms.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\WINDOWS\\System32\\lxdicoms.exe"=
"C:\\WINDOWS\\System32\\spool\\drivers\\W32X86\\3\\lxdiPSWX.EXE"=
"C:\\WINDOWS\\System32\\spool\\drivers\\W32X86\\3\\lxdijswx.exe"=

R0 Achernar;Achernar - SCSI Command Filters;C:\WINDOWS\system32\Drivers\Achernar.sys [2003-10-09 16851]
R0 hotcore;hotcore;C:\WINDOWS\system32\drivers\hotcore.sys [2006-06-29 30820]
R1 NetBurn;Paragon NetBurning Driver;C:\WINDOWS\system32\DRIVERS\NetBurn.sys [2006-06-29 79104]
R1 SMBHC;Microsoft SM Bus Host Controller Driver;C:\WINDOWS\system32\DRIVERS\SMBHC.sys [2001-08-17 6784]
R3 Aldebaran;Aldebaran - SCSI Command Filters;C:\WINDOWS\system32\Drivers\Aldebaran.sys [2003-10-09 11731]
R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;C:\WINDOWS\system32\DRIVERS\bdfndisf.sys [2007-07-30 87568]
S2 Apache2.2;Apache2.2;C:\ServidorZofry\xampp\apache\bin\apache.exe [2007-03-05 16896]
S2 EpmPsd;Acer EPM Power Scheme Driver;C:\WINDOWS\system32\drivers\epm-psd.sys [2004-07-19 4096]
S2 EpmShd;Acer EPM System Hardware Driver;C:\WINDOWS\system32\drivers\epm-shd.sys [2004-08-14 78208]
S2 lxdi_device;lxdi_device;C:\WINDOWS\system32\lxdicoms.exe [2007-03-06 517040]
S2 NetBurnerService;Net Burner iSCSI Service;C:\Program Files\Paragon Software\Drive Backup 8 Professional\Net Burner Service\NetBurnerService.exe [2006-06-29 217600]
S2 osaio;osaio;C:\WINDOWS\system32\drivers\osaio.sys [2004-06-01 10594]
S2 osanbm;osanbm;C:\WINDOWS\system32\drivers\osanbm.sys [2004-06-01 4054]
S3 NUVision;NUVision Video Service;C:\WINDOWS\system32\DRIVERS\nuvvid2.sys [2001-09-20 153824]
S3 PavSRK.sys;PavSRK.sys;C:\WINDOWS\system32\PavSRK.sys [ ]
S3 PD91Agent;PD91Agent;C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe [2008-04-16 689416]
S3 PD91Engine;PD91Engine;C:\Program Files\Raxco\PerfectDisk2008\PD91Engine.exe [2008-04-16 894216]
S3 SEMWModem;Sony Ericsson SEMWModem;C:\WINDOWS\system32\DRIVERS\GCXX.sys [2006-06-29 119424]
S3 SEMWWNIC;Sony Ericsson SEMWWNIC;C:\WINDOWS\system32\DRIVERS\GCXXNet.sys [2006-02-03 58112]
S3 SEWModem;Sony Ericsson Wireless Modem;C:\WINDOWS\system32\DRIVERS\GC75.sys [2004-05-27 109056]
S3 SEWWNIC;Sony Ericsson Wireless WAN Adapter;C:\WINDOWS\system32\DRIVERS\GC75Net.sys [2004-05-27 58880]
S3 SMBBATT;Microsoft Smart Battery Driver;C:\WINDOWS\system32\DRIVERS\SMBBATT.sys [2008-04-13 16000]
S3 USB28xxBGA;USB 2861 Device;C:\WINDOWS\system32\DRIVERS\emBDA.sys [2007-01-12 380416]
S3 USB28xxOEM;USB 28xx OEM Filter;C:\WINDOWS\system32\DRIVERS\emOEM.sys [2006-12-21 30208]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bdx REG_MULTI_SZ scan

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{39668040-7cf9-11dd-a976-000e358ac9bd}]
\Shell\AutoRun\command - F:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3bca8dd0-ff10-11db-a7d2-000e358ac9bd}]
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL fun.xls.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4fcf64e0-b545-11da-88e9-000e358ac9bd}]
\Shell\AutoRun\command - Iexplores.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4fcf64e1-b545-11da-88e9-000e358ac9bd}]
\Shell\AutoRun\command - Iexplores.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{528fe2a0-f6ca-11dc-a8fe-000e358ac9bd}]
\Shell\AutoRun\command - F:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{70ff1850-f621-11dc-a8fc-000e358ac9bd}]
\Shell\AutoRun\command - F:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{93080f00-86c5-11dd-a9bc-000e358ac9bd}]
\Shell\AutoRun\command - G:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{970d04c1-1abc-11dc-a7fd-000e358ac9bd}]
\Shell\AutoRun\command - F:\l3v.exe
\Shell\explore\Command - F:\l3v.exe
\Shell\open\Command - F:\l3v.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9c68c7a9-ce62-11db-a767-000e358ac9bd}]
\Shell\Auto\command - fun.xls.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL fun.xls.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9c68c7aa-ce62-11db-a767-000e358ac9bd}]
\Shell\Auto\command - fun.xls.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL fun.xls.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cec92281-5f1d-11dd-a954-000e358ac9bd}]
\Shell\AutoRun\command - F:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ec85b7d0-4cf1-11dc-a83a-000e358ac9bd}]
\Shell\Auto\command - adp.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL adp.exe
.
Contents of the 'Scheduled Tasks' folder

2008-09-19 C:\WINDOWS\Tasks\XoftSpySE.job
- C:\Program Files\XoftSpySE\XoftSpy.exe [2006-03-10 16:24]

2008-09-19 C:\WINDOWS\Tasks\TradeStation Backup - Monthly.job
- C:\Program Files\TradeStation 8.3 (Build 1631)\Program\TSBackupRestore.exe [2008-04-18 12:07]

2008-09-15 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]

2008-09-19 C:\WINDOWS\Tasks\1-Click Maintenance.job
- C:\Program Files\TuneUp Utilities 2006\SystemOptimizer.exe []
.
.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Documents and Settings\fernando\Application Data\Mozilla\Firefox\Profiles\230ep3kk.nuevo\
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.google.com.ec/firefox?client=firefox-a&rls=org.mozilla:es-AR:official
FF -: plugin - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npatgpc.dll
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npOGAPlugin.dll
.
.
------- File Associations -------
.
inifile=%SystemRoot%\System32\NOTEPAD.EXE %1"
JSEFile=NOTEPAD.EXE %1
VBEFile=NOTEPAD.EXE %1
VBSFile=NOTEPAD.EXE %1
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-20 00:51:42
Windows 5.1.2600 Service Pack 3 FAT NTAPI

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
LXCTCATS = rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCTtime.dll,_RunDLLEntry@16???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
emMON = C:\WINDOWS\emmon.exe???????????????????????????????????????????????????????????????????????????????????????????????????????????

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\bdfsfltr]
"ImagePath"=hex:73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,\

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\bdfsfltr]
"ImagePath"=hex:73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,\
.
Completion time: 2008-09-20 0:52:17
ComboFix-quarantined-files.txt 2008-09-20 04:52:16
ComboFix3.txt 2008-09-20 01:00:06
ComboFix2.txt 2008-09-20 03:20:00

Pre-Run: 3,708,125,184 bytes free
Post-Run: 3,686,662,144 bytes free

317 --- E O F --- 2008-09-17 19:20:51
Back to Top
 

Touch
Forum Moderator




Date Joined Jun 2004
Total Posts : 12975
 
   Posted 9/20/2008 9:10 AM (GMT +3)    Quote: Help with NSAnti.H -My PC is not working-Alert an admin about: Help with NSAnti.H -My PC is not working-
Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

 
Open notepad and copy/paste the text in the quotebox below into it:


Quote:
 
Killall::
 
Snapshot::
 
 
File::
C:\39lpji.com
C:\WINDOWS\DUMPdf18.tmp
C:\WINDOWS\Tasks\1-Click Maintenance.job
 
Folder::
C:\FOUND.053
C:\FOUND.052
C:\FOUND.051
C:\FOUND.050
C:\FOUND.049
C:\FOUND.048
C:\FOUND.047
C:\FOUND.046
C:\FOUND.045
C:\FOUND.044
C:\FOUND.043
C:\FOUND.042
C:\FOUND.041
C:\FOUND.040
C:\FOUND.039
C:\FOUND.038
C:\FOUND.037
C:\FOUND.036
C:\FOUND.035
 
 
Save this as:
CFScript
 
Refering to the picture above, drag CFScript into ComboFix.exe
 
 

 
Please download Malwarebytes' Anti-Malware:
 
Or here:
 
 to your desktop.
 
Double-click mbam-setup.exe and follow the prompts to install the program.
                     
At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch


Malwarebytes' Anti-Malware, then click Finish.
                     
If an update is found, it will download and install the latest version.
                     
Once the program has loaded, select Perform full scan, then click Scan.
                     
When the scan is complete, click OK, then Show Results to view the results.
 
Be sure that everything is checked, and click Remove Selected.
 
When completed, a log will open in Notepad. Please save it to a convenient location.
 
Copy and Paste that log into your next reply, along with fresh combofix log.
 
 
NB: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.
 
 


Do NOT post your problem in someone elses thread.
A non-profit, volunteer network.

Back to Top
 

Efex
New Member


Date Joined Sep 2008
Total Posts : 6
 
   Posted 9/20/2008 10:31 PM (GMT +3)    Quote: Help with NSAnti.H -My PC is not working-Alert an admin about: Help with NSAnti.H -My PC is not working-
Hi Touch,

I've just finished doing what you told me.

Here are the logs. I don't know yet if everything is ok now. I had to do all on safe mode, now I'll try run in normal mode and see what happens.
Can it be that the virus damaged the windows install or disk or memory or SOMETHING and BSOD will still keep appearing eventhough the virus has been succesfully removed??

Combofix log:


ComboFix 08-09-19.02 - fernando 2008-09-20 13:49:14.6 - FAT32x86 NETWORK
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.758 [GMT -4:00]
Running from: C:\Documents and Settings\fernando\Desktop\combofix\ComboFix.exe
Command switches used :: C:\Documents and Settings\fernando\Desktop\combofix\CFScript.txt

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\39lpji.com
C:\FOUND.035
C:\FOUND.035\FILE0000.CHK
C:\FOUND.035\FILE0001.CHK
C:\FOUND.035\FILE0002.CHK
C:\FOUND.035\FILE0003.CHK
C:\FOUND.035\FILE0004.CHK
C:\FOUND.035\FILE0005.CHK
C:\FOUND.035\FILE0006.CHK
C:\FOUND.035\FILE0007.CHK
C:\FOUND.035\FILE0008.CHK
C:\FOUND.035\FILE0009.CHK
C:\FOUND.036
C:\FOUND.036\FILE0000.CHK
C:\FOUND.036\FILE0001.CHK
C:\FOUND.036\FILE0002.CHK
C:\FOUND.036\FILE0003.CHK
C:\FOUND.036\FILE0004.CHK
C:\FOUND.036\FILE0005.CHK
C:\FOUND.036\FILE0006.CHK
C:\FOUND.036\FILE0007.CHK
C:\FOUND.036\FILE0008.CHK
C:\FOUND.036\FILE0009.CHK
C:\FOUND.036\FILE0010.CHK
C:\FOUND.036\FILE0011.CHK
C:\FOUND.036\FILE0012.CHK
C:\FOUND.037
C:\FOUND.037\FILE0000.CHK
C:\FOUND.038
C:\FOUND.038\FILE0000.CHK
C:\FOUND.038\FILE0001.CHK
C:\FOUND.038\FILE0002.CHK
C:\FOUND.039
C:\FOUND.039\FILE0000.CHK
C:\FOUND.039\FILE0001.CHK
C:\FOUND.039\FILE0002.CHK
C:\FOUND.039\FILE0003.CHK
C:\FOUND.039\FILE0004.CHK
C:\FOUND.039\FILE0005.CHK
C:\FOUND.039\FILE0006.CHK
C:\FOUND.039\FILE0007.CHK
C:\FOUND.039\FILE0008.CHK
C:\FOUND.039\FILE0009.CHK
C:\FOUND.039\FILE0010.CHK
C:\FOUND.039\FILE0011.CHK
C:\FOUND.039\FILE0012.CHK
C:\FOUND.039\FILE0013.CHK
C:\FOUND.039\FILE0014.CHK
C:\FOUND.040
C:\FOUND.040\FILE0000.CHK
C:\FOUND.040\FILE0001.CHK
C:\FOUND.040\FILE0002.CHK
C:\FOUND.040\FILE0003.CHK
C:\FOUND.040\FILE0004.CHK
C:\FOUND.041
C:\FOUND.041\FILE0000.CHK
C:\FOUND.041\FILE0001.CHK
C:\FOUND.041\FILE0002.CHK
C:\FOUND.041\FILE0003.CHK
C:\FOUND.041\FILE0004.CHK
C:\FOUND.041\FILE0005.CHK
C:\FOUND.042
C:\FOUND.042\FILE0000.CHK
C:\FOUND.042\FILE0001.CHK
C:\FOUND.042\FILE0002.CHK
C:\FOUND.042\FILE0003.CHK
C:\FOUND.042\FILE0004.CHK
C:\FOUND.042\FILE0005.CHK
C:\FOUND.042\FILE0006.CHK
C:\FOUND.042\FILE0007.CHK
C:\FOUND.042\FILE0008.CHK
C:\FOUND.042\FILE0009.CHK
C:\FOUND.042\FILE0010.CHK
C:\FOUND.042\FILE0011.CHK
C:\FOUND.042\FILE0012.CHK
C:\FOUND.042\FILE0013.CHK
C:\FOUND.042\FILE0014.CHK
C:\FOUND.042\FILE0015.CHK
C:\FOUND.042\FILE0016.CHK
C:\FOUND.042\FILE0017.CHK
C:\FOUND.042\FILE0018.CHK
C:\FOUND.042\FILE0019.CHK
C:\FOUND.042\FILE0020.CHK
C:\FOUND.042\FILE0021.CHK
C:\FOUND.042\FILE0022.CHK
C:\FOUND.042\FILE0023.CHK
C:\FOUND.042\FILE0024.CHK
C:\FOUND.042\FILE0025.CHK
C:\FOUND.042\FILE0026.CHK
C:\FOUND.042\FILE0027.CHK
C:\FOUND.042\FILE0028.CHK
C:\FOUND.042\FILE0029.CHK
C:\FOUND.042\FILE0030.CHK
C:\FOUND.042\FILE0031.CHK
C:\FOUND.042\FILE0032.CHK
C:\FOUND.042\FILE0033.CHK
C:\FOUND.042\FILE0034.CHK
C:\FOUND.042\FILE0035.CHK
C:\FOUND.042\FILE0036.CHK
C:\FOUND.042\FILE0037.CHK
C:\FOUND.042\FILE0038.CHK
C:\FOUND.042\FILE0039.CHK
C:\FOUND.042\FILE0040.CHK
C:\FOUND.042\FILE0041.CHK
C:\FOUND.042\FILE0042.CHK
C:\FOUND.042\FILE0043.CHK
C:\FOUND.042\FILE0044.CHK
C:\FOUND.042\FILE0045.CHK
C:\FOUND.042\FILE0046.CHK
C:\FOUND.042\FILE0047.CHK
C:\FOUND.042\FILE0048.CHK
C:\FOUND.042\FILE0049.CHK
C:\FOUND.042\FILE0050.CHK
C:\FOUND.042\FILE0051.CHK
C:\FOUND.042\FILE0052.CHK
C:\FOUND.042\FILE0053.CHK
C:\FOUND.042\FILE0054.CHK
C:\FOUND.042\FILE0055.CHK
C:\FOUND.042\FILE0056.CHK
C:\FOUND.042\FILE0057.CHK
C:\FOUND.042\FILE0058.CHK
C:\FOUND.042\FILE0059.CHK
C:\FOUND.042\FILE0060.CHK
C:\FOUND.042\FILE0061.CHK
C:\FOUND.042\FILE0062.CHK
C:\FOUND.042\FILE0063.CHK
C:\FOUND.042\FILE0064.CHK
C:\FOUND.042\FILE0065.CHK
C:\FOUND.042\FILE0066.CHK
C:\FOUND.042\FILE0067.CHK
C:\FOUND.042\FILE0068.CHK
C:\FOUND.042\FILE0069.CHK
C:\FOUND.042\FILE0070.CHK
C:\FOUND.042\FILE0071.CHK
C:\FOUND.042\FILE0072.CHK
C:\FOUND.042\FILE0073.CHK
C:\FOUND.042\FILE0074.CHK
C:\FOUND.042\FILE0075.CHK
C:\FOUND.042\FILE0076.CHK
C:\FOUND.042\FILE0077.CHK
C:\FOUND.042\FILE0078.CHK
C:\FOUND.042\FILE0079.CHK
C:\FOUND.042\FILE0080.CHK
C:\FOUND.042\FILE0081.CHK
C:\FOUND.042\FILE0082.CHK
C:\FOUND.042\FILE0083.CHK
C:\FOUND.042\FILE0084.CHK
C:\FOUND.042\FILE0085.CHK
C:\FOUND.042\FILE0086.CHK
C:\FOUND.042\FILE0087.CHK
C:\FOUND.042\FILE0088.CHK
C:\FOUND.042\FILE0089.CHK
C:\FOUND.042\FILE0090.CHK
C:\FOUND.042\FILE0091.CHK
C:\FOUND.042\FILE0092.CHK
C:\FOUND.042\FILE0093.CHK
C:\FOUND.042\FILE0094.CHK
C:\FOUND.042\FILE0095.CHK
C:\FOUND.042\FILE0096.CHK
C:\FOUND.042\FILE0097.CHK
C:\FOUND.042\FILE0098.CHK
C:\FOUND.042\FILE0099.CHK
C:\FOUND.042\FILE0100.CHK
C:\FOUND.042\FILE0101.CHK
C:\FOUND.042\FILE0102.CHK
C:\FOUND.042\FILE0103.CHK
C:\FOUND.042\FILE0104.CHK
C:\FOUND.042\FILE0105.CHK
C:\FOUND.042\FILE0106.CHK
C:\FOUND.042\FILE0107.CHK
C:\FOUND.042\FILE0108.CHK
C:\FOUND.042\FILE0109.CHK
C:\FOUND.042\FILE0110.CHK
C:\FOUND.042\FILE0111.CHK
C:\FOUND.042\FILE0112.CHK
C:\FOUND.042\FILE0113.CHK
C:\FOUND.042\FILE0114.CHK
C:\FOUND.042\FILE0115.CHK
C:\FOUND.042\FILE0116.CHK
C:\FOUND.042\FILE0117.CHK
C:\FOUND.042\FILE0118.CHK
C:\FOUND.042\FILE0119.CHK
C:\FOUND.042\FILE0120.CHK
C:\FOUND.042\FILE0121.CHK
C:\FOUND.042\FILE0122.CHK
C:\FOUND.042\FILE0123.CHK
C:\FOUND.042\FILE0124.CHK
C:\FOUND.042\FILE0125.CHK
C:\FOUND.042\FILE0126.CHK
C:\FOUND.042\FILE0127.CHK
C:\FOUND.042\FILE0128.CHK
C:\FOUND.042\FILE0129.CHK
C:\FOUND.042\FILE0130.CHK
C:\FOUND.042\FILE0131.CHK
C:\FOUND.042\FILE0132.CHK
C:\FOUND.042\FILE0133.CHK
C:\FOUND.042\FILE0134.CHK
C:\FOUND.042\FILE0135.CHK
C:\FOUND.042\FILE0136.CHK
C:\FOUND.042\FILE0137.CHK
C:\FOUND.042\FILE0138.CHK
C:\FOUND.042\FILE0139.CHK
C:\FOUND.042\FILE0140.CHK
C:\FOUND.042\FILE0141.CHK
C:\FOUND.042\FILE0142.CHK
C:\FOUND.042\FILE0143.CHK
C:\FOUND.042\FILE0144.CHK
C:\FOUND.042\FILE0145.CHK
C:\FOUND.042\FILE0146.CHK
C:\FOUND.042\FILE0147.CHK
C:\FOUND.042\FILE0148.CHK
C:\FOUND.042\FILE0149.CHK
C:\FOUND.042\FILE0150.CHK
C:\FOUND.042\FILE0151.CHK
C:\FOUND.042\FILE0152.CHK
C:\FOUND.042\FILE0153.CHK
C:\FOUND.042\FILE0154.CHK
C:\FOUND.042\FILE0155.CHK
C:\FOUND.042\FILE0156.CHK
C:\FOUND.042\FILE0157.CHK
C:\FOUND.042\FILE0158.CHK
C:\FOUND.042\FILE0159.CHK
C:\FOUND.042\FILE0160.CHK
C:\FOUND.042\FILE0161.CHK
C:\FOUND.042\FILE0162.CHK
C:\FOUND.042\FILE0163.CHK
C:\FOUND.042\FILE0164.CHK
C:\FOUND.042\FILE0165.CHK
C:\FOUND.042\FILE0166.CHK
C:\FOUND.042\FILE0167.CHK
C:\FOUND.042\FILE0168.CHK
C:\FOUND.042\FILE0169.CHK
C:\FOUND.042\FILE0170.CHK
C:\FOUND.042\FILE0171.CHK
C:\FOUND.042\FILE0172.CHK
C:\FOUND.042\FILE0173.CHK
C:\FOUND.042\FILE0174.CHK
C:\FOUND.042\FILE0175.CHK
C:\FOUND.042\FILE0176.CHK
C:\FOUND.042\FILE0177.CHK
C:\FOUND.042\FILE0178.CHK
C:\FOUND.042\FILE0179.CHK
C:\FOUND.042\FILE0180.CHK
C:\FOUND.042\FILE0181.CHK
C:\FOUND.042\FILE0182.CHK
C:\FOUND.042\FILE0183.CHK
C:\FOUND.042\FILE0184.CHK
C:\FOUND.042\FILE0185.CHK
C:\FOUND.042\FILE0186.CHK
C:\FOUND.042\FILE0187.CHK
C:\FOUND.042\FILE0188.CHK
C:\FOUND.042\FILE0189.CHK
C:\FOUND.042\FILE0190.CHK
C:\FOUND.042\FILE0191.CHK
C:\FOUND.042\FILE0192.CHK
C:\FOUND.042\FILE0193.CHK
C:\FOUND.042\FILE0194.CHK
C:\FOUND.042\FILE0195.CHK
C:\FOUND.042\FILE0196.CHK
C:\FOUND.042\FILE0197.CHK
C:\FOUND.042\FILE0198.CHK
C:\FOUND.042\FILE0199.CHK
C:\FOUND.042\FILE0200.CHK
C:\FOUND.042\FILE0201.CHK
C:\FOUND.042\FILE0202.CHK
C:\FOUND.042\FILE0203.CHK
C:\FOUND.042\FILE0204.CHK
C:\FOUND.042\FILE0205.CHK
C:\FOUND.042\FILE0206.CHK
C:\FOUND.042\FILE0207.CHK
C:\FOUND.042\FILE0208.CHK
C:\FOUND.042\FILE0209.CHK
C:\FOUND.042\FILE0210.CHK
C:\FOUND.042\FILE0211.CHK
C:\FOUND.042\FILE0212.CHK
C:\FOUND.042\FILE0213.CHK
C:\FOUND.042\FILE0214.CHK
C:\FOUND.042\FILE0215.CHK
C:\FOUND.042\FILE0216.CHK
C:\FOUND.042\FILE0217.CHK
C:\FOUND.042\FILE0218.CHK
C:\FOUND.042\FILE0219.CHK
C:\FOUND.042\FILE0220.CHK
C:\FOUND.042\FILE0221.CHK
C:\FOUND.042\FILE0222.CHK
C:\FOUND.042\FILE0223.CHK
C:\FOUND.042\FILE0224.CHK
C:\FOUND.042\FILE0225.CHK
C:\FOUND.042\FILE0226.CHK
C:\FOUND.042\FILE0227.CHK
C:\FOUND.042\FILE0228.CHK
C:\FOUND.042\FILE0229.CHK
C:\FOUND.042\FILE0230.CHK
C:\FOUND.042\FILE0231.CHK
C:\FOUND.042\FILE0232.CHK
C:\FOUND.042\FILE0233.CHK
C:\FOUND.042\FILE0234.CHK
C:\FOUND.042\FILE0235.CHK
C:\FOUND.042\FILE0236.CHK
C:\FOUND.042\FILE0237.CHK
C:\FOUND.042\FILE0238.CHK
C:\FOUND.042\FILE0239.CHK
C:\FOUND.042\FILE0240.CHK
C:\FOUND.042\FILE0241.CHK
C:\FOUND.042\FILE0242.CHK
C:\FOUND.042\FILE0243.CHK
C:\FOUND.042\FILE0244.CHK
C:\FOUND.042\FILE0245.CHK
C:\FOUND.042\FILE0246.CHK
C:\FOUND.042\FILE0247.CHK
C:\FOUND.042\FILE0248.CHK
C:\FOUND.042\FILE0249.CHK
C:\FOUND.042\FILE0250.CHK
C:\FOUND.042\FILE0251.CHK
C:\FOUND.042\FILE0252.CHK
C:\FOUND.042\FILE0253.CHK
C:\FOUND.042\FILE0254.CHK
C:\FOUND.042\FILE0255.CHK
C:\FOUND.042\FILE0256.CHK
C:\FOUND.042\FILE0257.CHK
C:\FOUND.042\FILE0258.CHK
C:\FOUND.042\FILE0259.CHK
C:\FOUND.042\FILE0260.CHK
C:\FOUND.042\FILE0261.CHK
C:\FOUND.042\FILE0262.CHK
C:\FOUND.042\FILE0263.CHK
C:\FOUND.042\FILE0264.CHK
C:\FOUND.042\FILE0265.CHK
C:\FOUND.042\FILE0266.CHK
C:\FOUND.042\FILE0267.CHK
C:\FOUND.042\FILE0268.CHK
C:\FOUND.042\FILE0269.CHK
C:\FOUND.042\FILE0270.CHK
C:\FOUND.042\FILE0271.CHK
C:\FOUND.042\FILE0272.CHK
C:\FOUND.042\FILE0273.CHK
C:\FOUND.042\FILE0274.CHK
C:\FOUND.042\FILE0275.CHK
C:\FOUND.042\FILE0276.CHK
C:\FOUND.042\FILE0277.CHK
C:\FOUND.042\FILE0278.CHK
C:\FOUND.042\FILE0279.CHK
C:\FOUND.042\FILE0280.CHK
C:\FOUND.042\FILE0281.CHK
C:\FOUND.042\FILE0282.CHK
C:\FOUND.042\FILE0283.CHK
C:\FOUND.042\FILE0284.CHK
C:\FOUND.042\FILE0285.CHK
C:\FOUND.042\FILE0286.CHK
C:\FOUND.042\FILE0287.CHK
C:\FOUND.042\FILE0288.CHK
C:\FOUND.042\FILE0289.CHK
C:\FOUND.042\FILE0290.CHK
C:\FOUND.042\FILE0291.CHK
C:\FOUND.042\FILE0292.CHK
C:\FOUND.042\FILE0293.CHK
C:\FOUND.042\FILE0294.CHK
C:\FOUND.042\FILE0295.CHK
C:\FOUND.042\FILE0296.CHK
C:\FOUND.042\FILE0297.CHK
C:\FOUND.042\FILE0298.CHK
C:\FOUND.042\FILE0299.CHK
C:\FOUND.042\FILE0300.CHK
C:\FOUND.042\FILE0301.CHK
C:\FOUND.042\FILE0302.CHK
C:\FOUND.042\FILE0303.CHK
C:\FOUND.042\FILE0304.CHK
C:\FOUND.042\FILE0305.CHK
C:\FOUND.042\FILE0306.CHK
C:\FOUND.042\FILE0307.CHK
C:\FOUND.042\FILE0308.CHK
C:\FOUND.042\FILE0309.CHK
C:\FOUND.042\FILE0310.CHK
C:\FOUND.042\FILE0311.CHK
C:\FOUND.042\FILE0312.CHK
C:\FOUND.042\FILE0313.CHK
C:\FOUND.042\FILE0314.CHK
C:\FOUND.042\FILE0315.CHK
C:\FOUND.042\FILE0316.CHK
C:\FOUND.042\FILE0317.CHK
C:\FOUND.042\FILE0318.CHK
C:\FOUND.042\FILE0319.CHK
C:\FOUND.042\FILE0320.CHK
C:\FOUND.042\FILE0321.CHK
C:\FOUND.042\FILE0322.CHK
C:\FOUND.042\FILE0323.CHK
C:\FOUND.042\FILE0324.CHK
C:\FOUND.042\FILE0325.CHK
C:\FOUND.042\FILE0326.CHK
C:\FOUND.042\FILE0327.CHK
C:\FOUND.042\FILE0328.CHK
C:\FOUND.042\FILE0329.CHK
C:\FOUND.042\FILE0330.CHK
C:\FOUND.042\FILE0331.CHK
C:\FOUND.042\FILE0332.CHK
C:\FOUND.042\FILE0333.CHK
C:\FOUND.042\FILE0334.CHK
C:\FOUND.042\FILE0335.CHK
C:\FOUND.043
C:\FOUND.043\FILE0000.CHK
C:\FOUND.044
C:\FOUND.044\FILE0000.CHK
C:\FOUND.044\FILE0001.CHK
C:\FOUND.045
C:\FOUND.045\FILE0000.CHK
C:\FOUND.045\FILE0001.CHK
C:\FOUND.045\FILE0002.CHK
C:\FOUND.045\FILE0003.CHK
C:\FOUND.045\FILE0004.CHK
C:\FOUND.045\FILE0005.CHK
C:\FOUND.045\FILE0006.CHK
C:\FOUND.045\FILE0007.CHK
C:\FOUND.045\FILE0008.CHK
C:\FOUND.046
C:\FOUND.046\FILE0000.CHK
C:\FOUND.046\FILE0001.CHK
C:\FOUND.046\FILE0002.CHK
C:\FOUND.046\FILE0003.CHK
C:\FOUND.046\FILE0004.CHK
C:\FOUND.046\FILE0005.CHK
C:\FOUND.046\FILE0006.CHK
C:\FOUND.047
C:\FOUND.047\FILE0000.CHK
C:\FOUND.047\FILE0001.CHK
C:\FOUND.047\FILE0002.CHK
C:\FOUND.047\FILE0003.CHK
C:\FOUND.047\FILE0004.CHK
C:\FOUND.047\FILE0005.CHK
C:\FOUND.047\FILE0006.CHK
C:\FOUND.047\FILE0007.CHK
C:\FOUND.047\FILE0008.CHK
C:\FOUND.047\FILE0009.CHK
C:\FOUND.047\FILE0010.CHK
C:\FOUND.047\FILE0011.CHK
C:\FOUND.047\FILE0012.CHK
C:\FOUND.047\FILE0013.CHK
C:\FOUND.048
C:\FOUND.048\FILE0000.CHK
C:\FOUND.049
C:\FOUND.049\FILE0000.CHK
C:\FOUND.049\FILE0001.CHK
C:\FOUND.049\FILE0002.CHK
C:\FOUND.049\FILE0003.CHK
C:\FOUND.050
C:\FOUND.050\FILE0000.CHK
C:\FOUND.050\FILE0001.CHK
C:\FOUND.050\FILE0002.CHK
C:\FOUND.050\FILE0003.CHK
C:\FOUND.050\FILE0004.CHK
C:\FOUND.050\FILE0005.CHK
C:\FOUND.050\FILE0006.CHK
C:\FOUND.050\FILE0007.CHK
C:\FOUND.050\FILE0008.CHK
C:\FOUND.050\FILE0009.CHK
C:\FOUND.050\FILE0010.CHK
C:\FOUND.050\FILE0011.CHK
C:\FOUND.050\FILE0012.CHK
C:\FOUND.050\FILE0013.CHK
C:\FOUND.050\FILE0014.CHK
C:\FOUND.050\FILE0015.CHK
C:\FOUND.050\FILE0016.CHK
C:\FOUND.050\FILE0017.CHK
C:\FOUND.050\FILE0018.CHK
C:\FOUND.050\FILE0019.CHK
C:\FOUND.050\FILE0020.CHK
C:\FOUND.050\FILE0021.CHK
C:\FOUND.050\FILE0022.CHK
C:\FOUND.050\FILE0023.CHK
C:\FOUND.050\FILE0024.CHK
C:\FOUND.050\FILE0025.CHK
C:\FOUND.050\FILE0026.CHK
C:\FOUND.050\FILE0027.CHK
C:\FOUND.050\FILE0028.CHK
C:\FOUND.050\FILE0029.CHK
C:\FOUND.050\FILE0030.CHK
C:\FOUND.050\FILE0031.CHK
C:\FOUND.050\FILE0032.CHK
C:\FOUND.050\FILE0033.CHK
C:\FOUND.050\FILE0034.CHK
C:\FOUND.050\FILE0035.CHK
C:\FOUND.050\FILE0036.CHK
C:\FOUND.050\FILE0037.CHK
C:\FOUND.050\FILE0038.CHK
C:\FOUND.050\FILE0039.CHK
C:\FOUND.050\FILE0040.CHK
C:\FOUND.050\FILE0041.CHK
C:\FOUND.050\FILE0042.CHK
C:\FOUND.050\FILE0043.CHK
C:\FOUND.050\FILE0044.CHK
C:\FOUND.050\FILE0045.CHK
C:\FOUND.050\FILE0046.CHK
C:\FOUND.050\FILE0047.CHK
C:\FOUND.050\FILE0048.CHK
C:\FOUND.050\FILE0049.CHK
C:\FOUND.050\FILE0050.CHK
C:\FOUND.050\FILE0051.CHK
C:\FOUND.050\FILE0052.CHK
C:\FOUND.050\FILE0053.CHK
C:\FOUND.050\FILE0054.CHK
C:\FOUND.050\FILE0055.CHK
C:\FOUND.050\FILE0056.CHK
C:\FOUND.050\FILE0057.CHK
C:\FOUND.050\FILE0058.CHK
C:\FOUND.050\FILE0059.CHK
C:\FOUND.050\FILE0060.CHK
C:\FOUND.050\FILE0061.CHK
C:\FOUND.050\FILE0062.CHK
C:\FOUND.050\FILE0063.CHK
C:\FOUND.050\FILE0064.CHK
C:\FOUND.050\FILE0065.CHK
C:\FOUND.050\FILE0066.CHK
C:\FOUND.050\FILE0067.CHK
C:\FOUND.050\FILE0068.CHK
C:\FOUND.050\FILE0069.CHK
C:\FOUND.050\FILE0070.CHK
C:\FOUND.050\FILE0071.CHK
C:\FOUND.050\FILE0072.CHK
C:\FOUND.050\FILE0073.CHK
C:\FOUND.050\FILE0074.CHK
C:\FOUND.050\FILE0075.CHK
C:\FOUND.050\FILE0076.CHK
C:\FOUND.050\FILE0077.CHK
C:\FOUND.050\FILE0078.CHK
C:\FOUND.050\FILE0079.CHK
C:\FOUND.050\FILE0080.CHK
C:\FOUND.050\FILE0081.CHK
C:\FOUND.050\FILE0082.CHK
C:\FOUND.050\FILE0083.CHK
C:\FOUND.050\FILE0084.CHK
C:\FOUND.050\FILE0085.CHK
C:\FOUND.050\FILE0086.CHK
C:\FOUND.050\FILE0087.CHK
C:\FOUND.050\FILE0088.CHK
C:\FOUND.050\FILE0089.CHK
C:\FOUND.050\FILE0090.CHK
C:\FOUND.050\FILE0091.CHK
C:\FOUND.050\FILE0092.CHK
C:\FOUND.050\FILE0093.CHK
C:\FOUND.050\FILE0094.CHK
C:\FOUND.050\FILE0095.CHK
C:\FOUND.050\FILE0096.CHK
C:\FOUND.050\FILE0097.CHK
C:\FOUND.050\FILE0098.CHK
C:\FOUND.050\FILE0099.CHK
C:\FOUND.050\FILE0100.CHK
C:\FOUND.050\FILE0101.CHK
C:\FOUND.050\FILE0102.CHK
C:\FOUND.050\FILE0103.CHK
C:\FOUND.050\FILE0104.CHK
C:\FOUND.050\FILE0105.CHK
C:\FOUND.050\FILE0106.CHK
C:\FOUND.050\FILE0107.CHK
C:\FOUND.050\FILE0108.CHK
C:\FOUND.050\FILE0109.CHK
C:\FOUND.050\FILE0110.CHK
C:\FOUND.050\FILE0111.CHK
C:\FOUND.050\FILE0112.CHK
C:\FOUND.050\FILE0113.CHK
C:\FOUND.050\FILE0114.CHK
C:\FOUND.050\FILE0115.CHK
C:\FOUND.050\FILE0116.CHK
C:\FOUND.050\FILE0117.CHK
C:\FOUND.050\FILE0118.CHK
C:\FOUND.050\FILE0119.CHK
C:\FOUND.050\FILE0120.CHK
C:\FOUND.050\FILE0121.CHK
C:\FOUND.050\FILE0122.CHK
C:\FOUND.050\FILE0123.CHK
C:\FOUND.050\FILE0124.CHK
C:\FOUND.050\FILE0125.CHK
C:\FOUND.050\FILE0126.CHK
C:\FOUND.050\FILE0127.CHK
C:\FOUND.050\FILE0128.CHK
C:\FOUND.050\FILE0129.CHK
C:\FOUND.050\FILE0130.CHK
C:\FOUND.050\FILE0131.CHK
C:\FOUND.050\FILE0132.CHK
C:\FOUND.050\FILE0133.CHK
C:\FOUND.050\FILE0134.CHK
C:\FOUND.050\FILE0135.CHK
C:\FOUND.050\FILE0136.CHK
C:\FOUND.050\FILE0137.CHK
C:\FOUND.050\FILE0138.CHK
C:\FOUND.050\FILE0139.CHK
C:\FOUND.050\FILE0140.CHK
C:\FOUND.050\FILE0141.CHK
C:\FOUND.050\FILE0142.CHK
C:\FOUND.050\FILE0143.CHK
C:\FOUND.050\FILE0144.CHK
C:\FOUND.050\FILE0145.CHK
C:\FOUND.050\FILE0146.CHK
C:\FOUND.050\FILE0147.CHK
C:\FOUND.050\FILE0148.CHK
C:\FOUND.050\FILE0149.CHK
C:\FOUND.050\FILE0150.CHK
C:\FOUND.050\FILE0151.CHK
C:\FOUND.050\FILE0152.CHK
C:\FOUND.050\FILE0153.CHK
C:\FOUND.050\FILE0154.CHK
C:\FOUND.050\FILE0155.CHK
C:\FOUND.050\FILE0156.CHK
C:\FOUND.050\FILE0157.CHK
C:\FOUND.050\FILE0158.CHK
C:\FOUND.050\FILE0159.CHK
C:\FOUND.050\FILE0160.CHK
C:\FOUND.050\FILE0161.CHK
C:\FOUND.050\FILE0162.CHK
C:\FOUND.050\FILE0163.CHK
C:\FOUND.050\FILE0164.CHK
C:\FOUND.050\FILE0165.CHK
C:\FOUND.050\FILE0166.CHK
C:\FOUND.050\FILE0167.CHK
C:\FOUND.050\FILE0168.CHK
C:\FOUND.050\FILE0169.CHK
C:\FOUND.050\FILE0170.CHK
C:\FOUND.050\FILE0171.CHK
C:\FOUND.050\FILE0172.CHK
C:\FOUND.050\FILE0173.CHK
C:\FOUND.050\FILE0174.CHK
C:\FOUND.050\FILE0175.CHK
C:\FOUND.050\FILE0176.CHK
C:\FOUND.050\FILE0177.CHK
C:\FOUND.050\FILE0178.CHK
C:\FOUND.050\FILE0179.CHK
C:\FOUND.050\FILE0180.CHK
C:\FOUND.050\FILE0181.CHK
C:\FOUND.050\FILE0182.CHK
C:\FOUND.050\FILE0183.CHK
C:\FOUND.050\FILE0184.CHK
C:\FOUND.050\FILE0185.CHK
C:\FOUND.050\FILE0186.CHK
C:\FOUND.050\FILE0187.CHK
C:\FOUND.050\FILE0188.CHK
C:\FOUND.050\FILE0189.CHK
C:\FOUND.050\FILE0190.CHK
C:\FOUND.050\FILE0191.CHK
C:\FOUND.050\FILE0192.CHK
C:\FOUND.050\FILE0193.CHK
C:\FOUND.050\FILE0194.CHK
C:\FOUND.050\FILE0195.CHK
C:\FOUND.050\FILE0196.CHK
C:\FOUND.050\FILE0197.CHK
C:\FOUND.050\FILE0198.CHK
C:\FOUND.050\FILE0199.CHK
C:\FOUND.050\FILE0200.CHK
C:\FOUND.050\FILE0201.CHK
C:\FOUND.050\FILE0202.CHK
C:\FOUND.050\FILE0203.CHK
C:\FOUND.050\FILE0204.CHK
C:\FOUND.050\FILE0205.CHK
C:\FOUND.050\FILE0206.CHK
C:\FOUND.050\FILE0207.CHK
C:\FOUND.050\FILE0208.CHK
C:\FOUND.050\FILE0209.CHK
C:\FOUND.050\FILE0210.CHK
C:\FOUND.050\FILE0211.CHK
C:\FOUND.050\FILE0212.CHK
C:\FOUND.050\FILE0213.CHK
C:\FOUND.050\FILE0214.CHK
C:\FOUND.050\FILE0215.CHK
C:\FOUND.050\FILE0216.CHK
C:\FOUND.050\FILE0217.CHK
C:\FOUND.050\FILE0218.CHK
C:\FOUND.050\FILE0219.CHK
C:\FOUND.050\FILE0220.CHK
C:\FOUND.050\FILE0221.CHK
C:\FOUND.050\FILE0222.CHK
C:\FOUND.050\FILE0223.CHK
C:\FOUND.050\FILE0224.CHK
C:\FOUND.050\FILE0225.CHK
C:\FOUND.050\FILE0226.CHK
C:\FOUND.050\FILE0227.CHK
C:\FOUND.050\FILE0228.CHK
C:\FOUND.050\FILE0229.CHK
C:\FOUND.050\FILE0230.CHK
C:\FOUND.050\FILE0231.CHK
C:\FOUND.050\FILE0232.CHK
C:\FOUND.050\FILE0233.CHK
C:\FOUND.050\FILE0234.CHK
C:\FOUND.050\FILE0235.CHK
C:\FOUND.050\FILE0236.CHK
C:\FOUND.050\FILE0237.CHK
C:\FOUND.050\FILE0238.CHK
C:\FOUND.050\FILE0239.CHK
C:\FOUND.050\FILE0240.CHK
C:\FOUND.050\FILE0241.CHK
C:\FOUND.050\FILE0242.CHK
C:\FOUND.050\FILE0243.CHK
C:\FOUND.050\FILE0244.CHK
C:\FOUND.050\FILE0245.CHK
C:\FOUND.050\FILE0246.CHK
C:\FOUND.050\FILE0247.CHK
C:\FOUND.050\FILE0248.CHK
C:\FOUND.050\FILE0249.CHK
C:\FOUND.050\FILE0250.CHK
C:\FOUND.050\FILE0251.CHK
C:\FOUND.050\FILE0252.CHK
C:\FOUND.050\FILE0253.CHK
C:\FOUND.050\FILE0254.CHK
C:\FOUND.050\FILE0255.CHK
C:\FOUND.050\FILE0256.CHK
C:\FOUND.050\FILE0257.CHK
C:\FOUND.050\FILE0258.CHK
C:\FOUND.050\FILE0259.CHK
C:\FOUND.050\FILE0260.CHK
C:\FOUND.050\FILE0261.CHK
C:\FOUND.050\FILE0262.CHK
C:\FOUND.050\FILE0263.CHK
C:\FOUND.050\FILE0264.CHK
C:\FOUND.050\FILE0265.CHK
C:\FOUND.050\FILE0266.CHK
C:\FOUND.050\FILE0267.CHK
C:\FOUND.050\FILE0268.CHK
C:\FOUND.050\FILE0269.CHK
C:\FOUND.050\FILE0270.CHK
C:\FOUND.050\FILE0271.CHK
C:\FOUND.050\FILE0272.CHK
C:\FOUND.050\FILE0273.CHK
C:\FOUND.050\FILE0274.CHK
C:\FOUND.050\FILE0275.CHK
C:\FOUND.050\FILE0276.CHK
C:\FOUND.050\FILE0277.CHK
C:\FOUND.050\FILE0278.CHK
C:\FOUND.050\FILE0279.CHK
C:\FOUND.050\FILE0280.CHK
C:\FOUND.050\FILE0281.CHK
C:\FOUND.050\FILE0282.CHK
C:\FOUND.050\FILE0283.CHK
C:\FOUND.050\FILE0284.CHK
C:\FOUND.050\FILE0285.CHK
C:\FOUND.050\FILE0286.CHK
C:\FOUND.050\FILE0287.CHK
C:\FOUND.050\FILE0288.CHK
C:\FOUND.050\FILE0289.CHK
C:\FOUND.050\FILE0290.CHK
C:\FOUND.050\FILE0291.CHK
C:\FOUND.050\FILE0292.CHK
C:\FOUND.050\FILE0293.CHK
C:\FOUND.050\FILE0294.CHK
C:\FOUND.050\FILE0295.CHK
C:\FOUND.050\FILE0296.CHK
C:\FOUND.050\FILE0297.CHK
C:\FOUND.050\FILE0298.CHK
C:\FOUND.050\FILE0299.CHK
C:\FOUND.050\FILE0300.CHK
C:\FOUND.050\FILE0301.CHK
C:\FOUND.050\FILE0302.CHK
C:\FOUND.050\FILE0303.CHK
C:\FOUND.050\FILE0304.CHK
C:\FOUND.050\FILE0305.CHK
C:\FOUND.050\FILE0306.CHK
C:\FOUND.050\FILE0307.CHK
C:\FOUND.050\FILE0308.CHK
C:\FOUND.050\FILE0309.CHK
C:\FOUND.050\FILE0310.CHK
C:\FOUND.050\FILE0311.CHK
C:\FOUND.050\FILE0312.CHK
C:\FOUND.050\FILE0313.CHK
C:\FOUND.050\FILE0314.CHK
C:\FOUND.050\FILE0315.CHK
C:\FOUND.050\FILE0316.CHK
C:\FOUND.050\FILE0317.CHK
C:\FOUND.050\FILE0318.CHK
C:\FOUND.050\FILE0319.CHK
C:\FOUND.050\FILE0320.CHK
C:\FOUND.050\FILE0321.CHK
C:\FOUND.050\FILE0322.CHK
C:\FOUND.050\FILE0323.CHK
C:\FOUND.050\FILE0324.CHK
C:\FOUND.050\FILE0325.CHK
C:\FOUND.050\FILE0326.CHK
C:\FOUND.050\FILE0327.CHK
C:\FOUND.050\FILE0328.CHK
C:\FOUND.050\FILE0329.CHK
C:\FOUND.050\FILE0330.CHK
C:\FOUND.050\FILE0331.CHK
C:\FOUND.050\FILE0332.CHK
C:\FOUND.050\FILE0333.CHK
C:\FOUND.050\FILE0334.CHK
C:\FOUND.050\FILE0335.CHK
C:\FOUND.050\FILE0336.CHK
C:\FOUND.050\FILE0337.CHK
C:\FOUND.050\FILE0338.CHK
C:\FOUND.050\FILE0339.CHK
C:\FOUND.050\FILE0340.CHK
C:\FOUND.050\FILE0341.CHK
C:\FOUND.050\FILE0342.CHK
C:\FOUND.050\FILE0343.CHK
C:\FOUND.050\FILE0344.CHK
C:\FOUND.050\FILE0345.CHK
C:\FOUND.050\FILE0346.CHK
C:\FOUND.050\FILE0347.CHK
C:\FOUND.050\FILE0348.CHK
C:\FOUND.050\FILE0349.CHK
C:\FOUND.050\FILE0350.CHK
C:\FOUND.050\FILE0351.CHK
C:\FOUND.050\FILE0352.CHK
C:\FOUND.050\FILE0353.CHK
C:\FOUND.050\FILE0354.CHK
C:\FOUND.050\FILE0355.CHK
C:\FOUND.050\FILE0356.CHK
C:\FOUND.050\FILE0357.CHK
C:\FOUND.050\FILE0358.CHK
C:\FOUND.050\FILE0359.CHK
C:\FOUND.050\FILE0360.CHK
C:\FOUND.050\FILE0361.CHK
C:\FOUND.050\FILE0362.CHK
C:\FOUND.050\FILE0363.CHK
C:\FOUND.050\FILE0364.CHK
C:\FOUND.050\FILE0365.CHK
C:\FOUND.050\FILE0366.CHK
C:\FOUND.050\FILE0367.CHK
C:\FOUND.050\FILE0368.CHK
C:\FOUND.050\FILE0369.CHK
C:\FOUND.050\FILE0370.CHK
C:\FOUND.050\FILE0371.CHK
C:\FOUND.050\FILE0372.CHK
C:\FOUND.050\FILE0373.CHK
C:\FOUND.050\FILE0374.CHK
C:\FOUND.050\FILE0375.CHK
C:\FOUND.050\FILE0376.CHK
C:\FOUND.050\FILE0377.CHK
C:\FOUND.050\FILE0378.CHK
C:\FOUND.050\FILE0379.CHK
C:\FOUND.050\FILE0380.CHK
C:\FOUND.050\FILE0381.CHK
C:\FOUND.050\FILE0382.CHK
C:\FOUND.050\FILE0383.CHK
C:\FOUND.050\FILE0384.CHK
C:\FOUND.050\FILE0385.CHK
C:\FOUND.050\FILE0386.CHK
C:\FOUND.050\FILE0387.CHK
C:\FOUND.050\FILE0388.CHK
C:\FOUND.050\FILE0389.CHK
C:\FOUND.050\FILE0390.CHK
C:\FOUND.050\FILE0391.CHK
C:\FOUND.050\FILE0392.CHK
C:\FOUND.050\FILE0393.CHK
C:\FOUND.050\FILE0394.CHK
C:\FOUND.050\FILE0395.CHK
C:\FOUND.050\FILE0396.CHK
C:\FOUND.050\FILE0397.CHK
C:\FOUND.050\FILE0398.CHK
C:\FOUND.050\FILE0399.CHK
C:\FOUND.050\FILE0400.CHK
C:\FOUND.050\FILE0401.CHK
C:\FOUND.050\FILE0402.CHK
C:\FOUND.050\FILE0403.CHK
C:\FOUND.050\FILE0404.CHK
C:\FOUND.050\FILE0405.CHK
C:\FOUND.050\FILE0406.CHK
C:\FOUND.050\FILE0407.CHK
C:\FOUND.050\FILE0408.CHK
C:\FOUND.050\FILE0409.CHK
C:\FOUND.050\FILE0410.CHK
C:\FOUND.050\FILE0411.CHK
C:\FOUND.050\FILE0412.CHK
C:\FOUND.050\FILE0413.CHK
C:\FOUND.050\FILE0414.CHK
C:\FOUND.050\FILE0415.CHK
C:\FOUND.050\FILE0416.CHK
C:\FOUND.050\FILE0417.CHK
C:\FOUND.050\FILE0418.CHK
C:\FOUND.050\FILE0419.CHK
C:\FOUND.050\FILE0420.CHK
C:\FOUND.050\FILE0421.CHK
C:\FOUND.050\FILE0422.CHK
C:\FOUND.050\FILE0423.CHK
C:\FOUND.050\FILE0424.CHK
C:\FOUND.050\FILE0425.CHK
C:\FOUND.050\FILE0426.CHK
C:\FOUND.050\FILE0427.CHK
C:\FOUND.050\FILE0428.CHK
C:\FOUND.050\FILE0429.CHK
C:\FOUND.050\FILE0430.CHK
C:\FOUND.050\FILE0431.CHK
C:\FOUND.050\FILE0432.CHK
C:\FOUND.050\FILE0433.CHK
C:\FOUND.050\FILE0434.CHK
C:\FOUND.050\FILE0435.CHK
C:\FOUND.050\FILE0436.CHK
C:\FOUND.051
C:\FOUND.051\FILE0000.CHK
C:\FOUND.051\FILE0001.CHK
C:\FOUND.051\FILE0002.CHK
C:\FOUND.051\FILE0003.CHK
C:\FOUND.051\FILE0004.CHK
C:\FOUND.051\FILE0005.CHK
C:\FOUND.051\FILE0006.CHK
C:\FOUND.051\FILE0007.CHK
C:\FOUND.051\FILE0008.CHK
C:\FOUND.051\FILE0009.CHK
C:\FOUND.051\FILE0010.CHK
C:\FOUND.051\FILE0011.CHK
C:\FOUND.051\FILE0012.CHK
C:\FOUND.051\FILE0013.CHK
C:\FOUND.051\FILE0014.CHK
C:\FOUND.051\FILE0015.CHK
C:\FOUND.051\FILE0016.CHK
C:\FOUND.051\FILE0017.CHK
C:\FOUND.051\FILE0018.CHK
C:\FOUND.051\FILE0019.CHK
C:\FOUND.051\FILE0020.CHK
C:\FOUND.051\FILE0021.CHK
C:\FOUND.051\FILE0022.CHK
C:\FOUND.051\FILE0023.CHK
C:\FOUND.051\FILE0024.CHK
C:\FOUND.051\FILE0025.CHK
C:\FOUND.051\FILE0026.CHK
C:\FOUND.051\FILE0027.CHK
C:\FOUND.051\FILE0028.CHK
C:\FOUND.051\FILE0029.CHK
C:\FOUND.051\FILE0030.CHK
C:\FOUND.051\FILE0031.CHK
C:\FOUND.051\FILE0032.CHK
C:\FOUND.051\FILE0033.CHK
C:\FOUND.051\FILE0034.CHK
C:\FOUND.051\FILE0035.CHK
C:\FOUND.051\FILE0036.CHK
C:\FOUND.051\FILE0037.CHK
C:\FOUND.051\FILE0038.CHK
C:\FOUND.051\FILE0039.CHK
C:\FOUND.051\FILE0040.CHK
C:\FOUND.051\FILE0041.CHK
C:\FOUND.051\FILE0042.CHK
C:\FOUND.051\FILE0043.CHK
C:\FOUND.051\FILE0044.CHK
C:\FOUND.051\FILE0045.CHK
C:\FOUND.051\FILE0046.CHK
C:\FOUND.051\FILE0047.CHK
C:\FOUND.051\FILE0048.CHK
C:\FOUND.051\FILE0049.CHK
C:\FOUND.051\FILE0050.CHK
C:\FOUND.051\FILE0051.CHK
C:\FOUND.051\FILE0052.CHK
C:\FOUND.051\FILE0053.CHK
C:\FOUND.051\FILE0054.CHK
C:\FOUND.051\FILE0055.CHK
C:\FOUND.051\FILE0056.CHK
C:\FOUND.051\FILE0057.CHK
C:\FOUND.051\FILE0058.CHK
C:\FOUND.051\FILE0059.CHK
C:\FOUND.051\FILE0060.CHK
C:\FOUND.051\FILE0061.CHK
C:\FOUND.051\FILE0062.CHK
C:\FOUND.051\FILE0063.CHK
C:\FOUND.051\FILE0064.CHK
C:\FOUND.051\FILE0065.CHK
C:\FOUND.051\FILE0066.CHK
C:\FOUND.051\FILE0067.CHK
C:\FOUND.051\FILE0068.CHK
C:\FOUND.051\FILE0069.CHK
C:\FOUND.051\FILE0070.CHK
C:\FOUND.051\FILE0071.CHK
C:\FOUND.051\FILE0072.CHK
C:\FOUND.051\FILE0073.CHK
C:\FOUND.051\FILE0074.CHK
C:\FOUND.051\FILE0075.CHK
C:\FOUND.051\FILE0076.CHK
C:\FOUND.051\FILE0077.CHK
C:\FOUND.051\FILE0078.CHK
C:\FOUND.051\FILE0079.CHK
C:\FOUND.051\FILE0080.CHK
C:\FOUND.051\FILE0081.CHK
C:\FOUND.051\FILE0082.CHK
C:\FOUND.051\FILE0083.CHK
C:\FOUND.051\FILE0084.CHK
C:\FOUND.051\FILE0085.CHK
C:\FOUND.051\FILE0086.CHK
C:\FOUND.051\FILE0087.CHK
C:\FOUND.051\FILE0088.CHK
C:\FOUND.051\FILE0089.CHK
C:\FOUND.051\FILE0090.CHK
C:\FOUND.051\FILE0091.CHK
C:\FOUND.051\FILE0092.CHK
C:\FOUND.051\FILE0093.CHK
C:\FOUND.051\FILE0094.CHK
C:\FOUND.051\FILE0095.CHK
C:\FOUND.051\FILE0096.CHK
C:\FOUND.051\FILE0097.CHK
C:\FOUND.051\FILE0098.CHK
C:\FOUND.051\FILE0099.CHK
C:\FOUND.051\FILE0100.CHK
C:\FOUND.051\FILE0101.CHK
C:\FOUND.051\FILE0102.CHK
C:\FOUND.051\FILE0103.CHK
C:\FOUND.051\FILE0104.CHK
C:\FOUND.051\FILE0105.CHK
C:\FOUND.051\FILE0106.CHK
C:\FOUND.051\FILE0107.CHK
C:\FOUND.051\FILE0108.CHK
C:\FOUND.051\FILE0109.CHK
C:\FOUND.051\FILE0110.CHK
C:\FOUND.051\FILE0111.CHK
C:\FOUND.051\FILE0112.CHK
C:\FOUND.051\FILE0113.CHK
C:\FOUND.051\FILE0114.CHK
C:\FOUND.051\FILE0115.CHK
C:\FOUND.051\FILE0116.CHK
C:\FOUND.051\FILE0117.CHK
C:\FOUND.051\FILE0118.CHK
C:\FOUND.051\FILE0119.CHK
C:\FOUND.051\FILE0120.CHK
C:\FOUND.051\FILE0121.CHK
C:\FOUND.051\FILE0122.CHK
C:\FOUND.051\FILE0123.CHK
C:\FOUND.051\FILE0124.CHK
C:\FOUND.051\FILE0125.CHK
C:\FOUND.051\FILE0126.CHK
C:\FOUND.051\FILE0127.CHK
C:\FOUND.051\FILE0128.CHK
C:\FOUND.051\FILE0129.CHK
C:\FOUND.051\FILE0130.CHK
C:\FOUND.051\FILE0131.CHK
C:\FOUND.051\FILE0132.CHK
C:\FOUND.051\FILE0133.CHK
C:\FOUND.051\FILE0134.CHK
C:\FOUND.051\FILE0135.CHK
C:\FOUND.051\FILE0136.CHK
C:\FOUND.051\FILE0137.CHK
C:\FOUND.051\FILE0138.CHK
C:\FOUND.051\FILE0139.CHK
C:\FOUND.051\FILE0140.CHK
C:\FOUND.051\FILE0141.CHK
C:\FOUND.051\FILE0142.CHK
C:\FOUND.051\FILE0143.CHK
C:\FOUND.051\FILE0144.CHK
C:\FOUND.051\FILE0145.CHK
C:\FOUND.051\FILE0146.CHK
C:\FOUND.051\FILE0147.CHK
C:\FOUND.051\FILE0148.CHK
C:\FOUND.051\FILE0149.CHK
C:\FOUND.051\FILE0150.CHK
C:\FOUND.051\FILE0151.CHK
C:\FOUND.051\FILE0152.CHK
C:\FOUND.051\FILE0153.CHK
C:\FOUND.051\FILE0154.CHK
C:\FOUND.051\FILE0155.CHK
C:\FOUND.051\FILE0156.CHK
C:\FOUND.051\FILE0157.CHK
C:\FOUND.051\FILE0158.CHK
C:\FOUND.051\FILE0159.CHK
C:\FOUND.051\FILE0160.CHK
C:\FOUND.051\FILE0161.CHK
C:\FOUND.051\FILE0162.CHK
C:\FOUND.051\FILE0163.CHK
C:\FOUND.051\FILE0164.CHK
C:\FOUND.051\FILE0165.CHK
C:\FOUND.051\FILE0166.CHK
C:\FOUND.051\FILE0167.CHK
C:\FOUND.051\FILE0168.CHK
C:\FOUND.051\FILE0169.CHK
C:\FOUND.051\FILE0170.CHK
C:\FOUND.051\FILE0171.CHK
C:\FOUND.051\FILE0172.CHK
C:\FOUND.051\FILE0173.CHK
C:\FOUND.051\FILE0174.CHK
C:\FOUND.051\FILE0175.CHK
C:\FOUND.051\FILE0176.CHK
C:\FOUND.051\FILE0177.CHK
C:\FOUND.051\FILE0178.CHK
C:\FOUND.051\FILE0179.CHK
C:\FOUND.051\FILE0180.CHK
C:\FOUND.051\FILE0181.CHK
C:\FOUND.051\FILE0182.CHK
C:\FOUND.051\FILE0183.CHK
C:\FOUND.051\FILE0184.CHK
C:\FOUND.051\FILE0185.CHK
C:\FOUND.051\FILE0186.CHK
C:\FOUND.051\FILE0187.CHK
C:\FOUND.051\FILE0188.CHK
C:\FOUND.051\FILE0189.CHK
C:\FOUND.051\FILE0190.CHK
C:\FOUND.051\FILE0191.CHK
C:\FOUND.051\FILE0192.CHK
C:\FOUND.051\FILE0193.CHK
C:\FOUND.051\FILE0194.CHK
C:\FOUND.051\FILE0195.CHK
C:\FOUND.051\FILE0196.CHK
C:\FOUND.051\FILE0197.CHK
C:\FOUND.051\FILE0198.CHK
C:\FOUND.051\FILE0199.CHK
C:\FOUND.051\FILE0200.CHK
C:\FOUND.051\FILE0201.CHK
C:\FOUND.051\FILE0202.CHK
C:\FOUND.051\FILE0203.CHK
C:\FOUND.051\FILE0204.CHK
C:\FOUND.051\FILE0205.CHK
C:\FOUND.051\FILE0206.CHK
C:\FOUND.051\FILE0207.CHK
C:\FOUND.051\FILE0208.CHK
C:\FOUND.051\FILE0209.CHK
C:\FOUND.051\FILE0210.CHK
C:\FOUND.051\FILE0211.CHK
C:\FOUND.051\FILE0212.CHK
C:\FOUND.051\FILE0213.CHK
C:\FOUND.052
C:\FOUND.052\FILE0000.CHK
C:\FOUND.052\FILE0001.CHK
C:\FOUND.053
C:\FOUND.053\FILE0000.CHK
C:\FOUND.053\FILE0001.CHK
C:\FOUND.053\FILE0002.CHK
C:\FOUND.053\FILE0003.CHK
C:\WINDOWS\DUMPdf18.tmp
C:\WINDOWS\Tasks\1-Click Maintenance.job

.
((((((((((((((((((((((((( Files Created from 2008-08-20 to 2008-09-20 )))))))))))))))))))))))))))))))
.

2008-09-20 13:40 . 2008-09-20 13:40 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-09-20 13:40 . 2008-09-20 13:40 <DIR> d-------- C:\Documents and Settings\fernando\Application Data\Malwarebytes
2008-09-20 13:40 . 2008-09-20 13:40 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-09-20 13:40 . 2008-07-30 20:07 38,472 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-09-20 13:40 . 2008-07-30 20:07 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-09-20 09:56 . 2008-09-20 09:56 <DIR> d--hs---- C:\FOUND.054
2008-09-19 23:24 . 2007-08-24 19:45 101,120 -ra------ C:\WINDOWS\system32\drivers\ewusbmdm.sys
2008-09-19 23:24 . 2007-08-24 19:45 24,448 -ra------ C:\WINDOWS\system32\drivers\ewdcsc.sys
2008-09-19 00:50 . 2008-09-19 00:50 <DIR> d-------- C:\Program Files\XoftSpySE
2008-09-18 23:11 . 2008-09-19 19:53 121 --a------ C:\WINDOWS\bdagent.INI
2008-09-18 12:16 . 2008-09-19 11:23 90,112 --a------ C:\WINDOWS\DUMP38d9.tmp
2008-09-18 12:16 . 2008-09-20 09:32 90,112 --a------ C:\WINDOWS\DUMP0cbd.tmp
2008-09-17 17:41 . 2008-09-17 17:42 <DIR> d-------- C:\Program Files\CONEXANT
2008-09-17 15:53 . 2008-09-17 15:53 <DIR> d-------- C:\Documents and Settings\fernando\Application Data\Bitdefender
2008-09-17 15:53 . 2008-09-17 15:53 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\BitDefender
2008-09-17 15:47 . 2008-09-17 15:47 <DIR> d-------- C:\Layouts
2008-09-17 14:26 . 2008-09-20 09:34 81,984 --a------ C:\WINDOWS\system32\bdod.bin
2008-09-14 00:58 . 2008-09-14 00:58 <DIR> d-------- C:\Poker
2008-09-03 13:10 . 2008-09-03 13:10 <DIR> d-------- C:\Program Files\apo_4video
2008-09-03 13:09 . 1998-11-13 11:04 308,224 --a------ C:\WINDOWS\IsUn040a.exe
2008-09-01 09:14 . 2008-09-01 09:14 <DIR> d-------- C:\Program Files\Lexmark 3500-4500 Series
2008-09-01 09:08 . 2008-09-01 09:08 <DIR> d-------- C:\logs
2008-09-01 09:07 . 2007-02-22 18:32 344,064 -ra------ C:\WINDOWS\system32\lxdicoin.dll
2008-09-01 09:07 . 2007-02-08 22:04 77,906 -ra------ C:\WINDOWS\system32\lxdicfg.dll
2008-09-01 09:07 . 2007-03-06 10:41 1,900 -ra------ C:\WINDOWS\system32\lxdi.loc
2008-08-31 20:24 . 2008-08-31 20:24 <DIR> d-------- C:\Documents and Settings\fernando\Application Data\PokerAcademyPro2
2008-08-31 20:24 . 2008-08-31 20:24 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\PokerAcademyPro2
2008-08-31 20:17 . 2008-08-31 20:17 <DIR> d-------- C:\Documents and Settings\fernando\Application Data\PA-Prospector
2008-08-28 12:37 . 2008-08-28 12:37 <DIR> d-------- C:\Program Files\iTunes
2008-08-28 12:37 . 2008-08-28 12:37 <DIR> d-------- C:\Program Files\iPod

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-12 01:11 241,704 ----a-w C:\WINDOWS\system32\dllcache\wgaLogon.dll
2008-08-12 01:10 917,032 ----a-w C:\WINDOWS\system32\dllcache\WgaTray.exe
2008-07-31 23:15 --------- d-----w C:\Program Files\PKR
2008-07-23 21:34 --------- d-----w C:\Program Files\Apple Software Update
2008-07-19 02:10 94,920 ----a-w C:\WINDOWS\system32\dllcache\cdm.dll
2008-07-19 02:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
2008-07-19 02:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe
2008-07-19 02:10 53,448 ----a-w C:\WINDOWS\system32\dllcache\wuauclt.exe
2008-07-19 02:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll
2008-07-19 02:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll
2008-07-19 02:10 36,552 ----a-w C:\WINDOWS\system32\dllcache\wups.dll
2008-07-19 02:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll
2008-07-19 02:09 563,912 ----a-w C:\WINDOWS\system32\dllcache\wuapi.dll
2008-07-19 02:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll
2008-07-19 02:09 325,832 ----a-w C:\WINDOWS\system32\dllcache\wucltui.dll
2008-07-19 02:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll
2008-07-19 02:09 205,000 ----a-w C:\WINDOWS\system32\dllcache\wuweb.dll
2008-07-19 02:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll
2008-07-19 02:09 1,811,656 ----a-w C:\WINDOWS\system32\dllcache\wuaueng.dll
2008-07-19 02:07 270,880 ----a-w C:\WINDOWS\system32\mucltui.dll
2008-07-19 02:07 210,976 ----a-w C:\WINDOWS\system32\muweb.dll
2008-07-07 20:26 253,952 ----a-w C:\WINDOWS\system32\es.dll
2008-07-07 20:26 253,952 ------w C:\WINDOWS\system32\dllcache\es.dll
2008-06-26 08:15 619,520 ------w C:\WINDOWS\system32\dllcache\urlmon.dll
2008-06-26 08:15 1,499,136 ------w C:\WINDOWS\system32\dllcache\shdocvw.dll
2008-06-24 22:12 295,936 ------w C:\WINDOWS\system32\wmpeffects.dll
2008-06-24 16:43 74,240 ----a-w C:\WINDOWS\system32\mscms.dll
2008-06-24 16:43 74,240 ------w C:\WINDOWS\system32\dllcache\mscms.dll
2008-06-23 15:09 666,112 ----a-w C:\WINDOWS\system32\wininet.dll
2008-06-23 15:09 666,112 ------w C:\WINDOWS\system32\dllcache\wininet.dll
2008-06-23 15:09 3,067,392 ------w C:\WINDOWS\system32\dllcache\mshtml.dll
2008-06-20 17:46 245,248 ----a-w C:\WINDOWS\system32\mswsock.dll
2008-06-20 17:46 245,248 ------w C:\WINDOWS\system32\dllcache\mswsock.dll
2008-06-20 17:46 147,968 ------w C:\WINDOWS\system32\dllcache\dnsapi.dll
2008-06-20 11:51 361,600 ------w C:\WINDOWS\system32\dllcache\tcpip.sys
2008-06-20 11:40 138,496 ------w C:\WINDOWS\system32\dllcache\afd.sys
2008-06-20 11:08 225,856 ------w C:\WINDOWS\system32\dllcache\tcpip6.sys
2008-05-05 16:11 27,976 ----a-w C:\Program Files\mozilla firefox\plugins\atgpcdec.dll
2008-05-05 16:11 125,848 ----a-w C:\Program Files\mozilla firefox\plugins\atgpcext.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-13 15360]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-10-18 204288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"="Alaunch" [X]
"SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [2004-05-20 98304]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2004-05-20 532480]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2007-11-23 118784]
"IntelZeroConfig"="C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" [2006-07-03 802816]
"IntelWireless"="C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" [2006-07-02 700416]
"EPM-DM"="c:\acer\epm\epm-dm.exe" [2004-07-14 151552]
"ePowerManagement"="C:\Acer\ePM\ePM.exe" [2004-09-01 2876416]
"LManager"="C:\Program Files\Launch Manager\QtZgAcer.EXE" [2004-07-29 319488]
"lxctmon.exe"="C:\Program Files\Lexmark 5400 Series\lxctmon.exe" [2006-06-20 286720]
"EzPrint"="C:\Program Files\Lexmark 5400 Series\ezprint.exe" [2006-06-06 98304]
"LXCTCATS"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCTtime.dll" [2006-06-07 106496]
"GC75-Manager-Class"="C:\Program Files\Sony Ericsson\Wireless Manager\GC75Manager.exe" [2004-05-27 770141]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 144784]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
"Acrobat Assistant 8.0"="C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2008-01-11 623992]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"emMON"="C:\WINDOWS\emmon.exe" [2006-12-15 61440]
"AppleSyncNotifier"="C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-07-22 116040]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-05-27 413696]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-07-30 289064]
"BDAgent"="C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe" [2007-08-27 274432]
"BitDefender Antiphishing Helper"="C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe" [2007-08-27 49152]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-13 C:\WINDOWS\system32\bthprops.cpl]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-08-24 437160]
"Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2007-10-23 443968]

C:\Documents and Settings\fernando\Start Menu\Programs\Startup\
Microsoft Office Groove.lnk - C:\Program Files\Microsoft Office\Office12\GROOVE.EXE [2007-08-29 340856]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Synchronizer.lnk - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe [2008-02-08 738968]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.X264"= x264vfw.dll
"VIDC.NTN1"= NUVision.ax

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^desktop.ini]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini
backup=C:\WINDOWS\pss\desktop.iniCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^ELWAVE UDS.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ELWAVE UDS.lnk
backup=C:\WINDOWS\pss\ELWAVE UDS.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^EPSON Status Monitor 3 Environment Check(2).lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\EPSON Status Monitor 3 Environment Check(2).lnk
backup=C:\WINDOWS\pss\EPSON Status Monitor 3 Environment Check(2).lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^PrognosisUDS.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\PrognosisUDS.lnk
backup=C:\WINDOWS\pss\PrognosisUDS.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^fernando^Start Menu^Programs^Startup^desktop.ini]
path=C:\Documents and Settings\fernando\Start Menu\Programs\Startup\desktop.ini
backup=C:\WINDOWS\pss\desktop.iniStartup

[HKLM\~\startupfolder\C:^Documents and Settings^fernando^Start Menu^Programs^Startup^Dial Engine Pro.LNK]
path=C:\Documents and Settings\fernando\Start Menu\Programs\Startup\Dial Engine Pro.LNK
backup=C:\WINDOWS\pss\Dial Engine Pro.LNKStartup

[HKLM\~\startupfolder\C:^Documents and Settings^fernando^Start Menu^Programs^Startup^ELWAVE UDS.lnk]
path=C:\Documents and Settings\fernando\Start Menu\Programs\Startup\ELWAVE UDS.lnk
backup=C:\WINDOWS\pss\ELWAVE UDS.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
C:\WINDOWS\system32\dumprep 0 -k [X]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PIMOne

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2008-07-30 10:47 289064 C:\Program Files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002A]
--a------ 2004-08-04 05:00 455168 C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002ASync]
--a------ 2004-08-04 05:00 455168 C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-05-27 10:50 413696 C:\Program Files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
--a------ 2003-10-21 11:52 40960 C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\WINDOWS\\System32\\FXSCLNT.exe"=
"C:\\WINDOWS\\System32\\mmc.exe"=
"C:\\Program Files\\Common Files\\PrognosisUDS\\esignal.ude"=
"C:\\Program Files\\Common Files\\PrognosisUDS\\FXtrek.ude"=
"C:\\Program Files\\FX\\FX AccuCharts\\Professional.exe"=
"C:\\Program Files\\FXSGTS\\FXTRADER.EXE"=
"C:\\Program Files\\FXSGTS\\fxtraderum.exe"=
"C:\\Program Files\\Conference\\Conference.dll"=
"C:\\WINDOWS\\System32\\dpvsetup.exe"=
"C:\\Program Files\\QuickTime\\QuickTimePlayer.exe"=
"C:\\WINDOWS\\System32\\lxctcoms.exe"=
"C:\\WINDOWS\\System32\\ftp.exe"=
"C:\\Program Files\\1stWORKS\\hotCommCL\\BIN\\hotComm.exe"=
"C:\\Program Files\\Trading Rooms Technologies, Inc\\TradingRooms\\Avx\\TradingRooms.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\WINDOWS\\System32\\lxdicoms.exe"=
"C:\\WINDOWS\\System32\\spool\\drivers\\W32X86\\3\\lxdiPSWX.EXE"=
"C:\\WINDOWS\\System32\\spool\\drivers\\W32X86\\3\\lxdijswx.exe"=

R0 Achernar;Achernar - SCSI Command Filters;C:\WINDOWS\system32\Drivers\Achernar.sys [2003-10-09 16851]
R0 hotcore;hotcore;C:\WINDOWS\system32\drivers\hotcore.sys [2006-06-29 30820]
R1 NetBurn;Paragon NetBurning Driver;C:\WINDOWS\system32\DRIVERS\NetBurn.sys [2006-06-29 79104]
R1 SMBHC;Microsoft SM Bus Host Controller Driver;C:\WINDOWS\system32\DRIVERS\SMBHC.sys [2001-08-17 6784]
R3 Aldebaran;Aldebaran - SCSI Command Filters;C:\WINDOWS\system32\Drivers\Aldebaran.sys [2003-10-09 11731]
R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;C:\WINDOWS\system32\DRIVERS\bdfndisf.sys [2007-07-30 87568]
S2 Apache2.2;Apache2.2;C:\ServidorZofry\xampp\apache\bin\apache.exe [2007-03-05 16896]
S2 EpmPsd;Acer EPM Power Scheme Driver;C:\WINDOWS\system32\drivers\epm-psd.sys [2004-07-19 4096]
S2 EpmShd;Acer EPM System Hardware Driver;C:\WINDOWS\system32\drivers\epm-shd.sys [2004-08-14 78208]
S2 lxdi_device;lxdi_device;C:\WINDOWS\system32\lxdicoms.exe [2007-03-06 517040]
S2 NetBurnerService;Net Burner iSCSI Service;C:\Program Files\Paragon Software\Drive Backup 8 Professional\Net Burner Service\NetBurnerService.exe [2006-06-29 217600]
S2 osaio;osaio;C:\WINDOWS\system32\drivers\osaio.sys [2004-06-01 10594]
S2 osanbm;osanbm;C:\WINDOWS\system32\drivers\osanbm.sys [2004-06-01 4054]
S3 NUVision;NUVision Video Service;C:\WINDOWS\system32\DRIVERS\nuvvid2.sys [2001-09-20 153824]
S3 PavSRK.sys;PavSRK.sys;C:\WINDOWS\system32\PavSRK.sys [ ]
S3 PD91Agent;PD91Agent;C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe [2008-04-16 689416]
S3 PD91Engine;PD91Engine;C:\Program Files\Raxco\PerfectDisk2008\PD91Engine.exe [2008-04-16 894216]
S3 SEMWModem;Sony Ericsson SEMWModem;C:\WINDOWS\system32\DRIVERS\GCXX.sys [2006-06-29 119424]
S3 SEMWWNIC;Sony Ericsson SEMWWNIC;C:\WINDOWS\system32\DRIVERS\GCXXNet.sys [2006-02-03 58112]
S3 SEWModem;Sony Ericsson Wireless Modem;C:\WINDOWS\system32\DRIVERS\GC75.sys [2004-05-27 109056]
S3 SEWWNIC;Sony Ericsson Wireless WAN Adapter;C:\WINDOWS\system32\DRIVERS\GC75Net.sys [2004-05-27 58880]
S3 SMBBATT;Microsoft Smart Battery Driver;C:\WINDOWS\system32\DRIVERS\SMBBATT.sys [2008-04-13 16000]
S3 USB28xxBGA;USB 2861 Device;C:\WINDOWS\system32\DRIVERS\emBDA.sys [2007-01-12 380416]
S3 USB28xxOEM;USB 28xx OEM Filter;C:\WINDOWS\system32\DRIVERS\emOEM.sys [2006-12-21 30208]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bdx REG_MULTI_SZ scan

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{39668040-7cf9-11dd-a976-000e358ac9bd}]
\Shell\AutoRun\command - F:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3bca8dd0-ff10-11db-a7d2-000e358ac9bd}]
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL fun.xls.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4fcf64e0-b545-11da-88e9-000e358ac9bd}]
\Shell\AutoRun\command - Iexplores.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4fcf64e1-b545-11da-88e9-000e358ac9bd}]
\Shell\AutoRun\command - Iexplores.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{528fe2a0-f6ca-11dc-a8fe-000e358ac9bd}]
\Shell\AutoRun\command - F:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{70ff1850-f621-11dc-a8fc-000e358ac9bd}]
\Shell\AutoRun\command - F:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{93080f00-86c5-11dd-a9bc-000e358ac9bd}]
\Shell\AutoRun\command - G:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{970d04c1-1abc-11dc-a7fd-000e358ac9bd}]
\Shell\AutoRun\command - F:\l3v.exe
\Shell\explore\Command - F:\l3v.exe
\Shell\open\Command - F:\l3v.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9c68c7a9-ce62-11db-a767-000e358ac9bd}]
\Shell\Auto\command - fun.xls.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL fun.xls.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9c68c7aa-ce62-11db-a767-000e358ac9bd}]
\Shell\Auto\command - fun.xls.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL fun.xls.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cec92281-5f1d-11dd-a954-000e358ac9bd}]
\Shell\AutoRun\command - F:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ec85b7d0-4cf1-11dc-a83a-000e358ac9bd}]
\Shell\Auto\command - adp.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL adp.exe
.
Contents of the 'Scheduled Tasks' folder

2008-09-19 C:\WINDOWS\Tasks\XoftSpySE.job
- C:\Program Files\XoftSpySE\XoftSpy.exe [2006-03-10 16:24]

2008-09-19 C:\WINDOWS\Tasks\TradeStation Backup - Monthly.job
- C:\Program Files\TradeStation 8.3 (Build 1631)\Program\TSBackupRestore.exe [2008-04-18 12:07]
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-20 13:53:20
Windows 5.1.2600 Service Pack 3 FAT NTAPI

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\bdfsfltr]
"ImagePath"=hex:73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,\

[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\bdfsfltr]
"ImagePath"=hex:73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,\
.
------------------------ Other Running Processes ------------------------
.
C:\ComboFix\pv.cfexe
.
**************************************************************************
.
Completion time: 2008-09-20 13:55:52 - machine was rebooted
ComboFix-quarantined-files.txt 2008-09-20 17:55:50
ComboFix4.txt 2008-09-20 01:00:06
ComboFix3.txt 2008-09-20 03:20:00
ComboFix2.txt 2008-09-20 05:17:10

Pre-Run: 1,161,396,224 bytes free
Post-Run: 1,137,115,136 bytes free

1396 --- E O F --- 2008-09-17 19:20:51
Back to Top
 

Efex
New Member


Date Joined Sep 2008
Total Posts : 6
 
   Posted 9/20/2008 10:33 PM (GMT +3)    Quote: Help with NSAnti.H -My PC is not working-Alert an admin about: Help with NSAnti.H -My PC is not working-
Mbam log:

Malwarebytes' Anti-Malware 1.28
Database version: 1182
Windows 5.1.2600 Service Pack 3

2008-09-20 15:26:17
mbam-log-2008-09-20 (15-26-17).txt

Scan type: Full Scan (C:\|D:\|X:\|)
Objects scanned: 359735
Time elapsed: 50 minute(s), 34 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 6

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
X:\WINDOWS\system32\WhoisCL.exe (Adware.BHO) -> Quarantined and deleted successfully.
X:\Documents and Settings\Eserycom\Configuración local\Temp\s2c0 (Adware.Agent) -> Quarantined and deleted successfully.
X:\Documents and Settings\Eserycom\Configuración local\Temp\tem20.tmp.exe (Adware.Agent) -> Quarantined and deleted successfully.
X:\Documents and Settings\Eserycom\Configuración local\Archivos temporales de Internet\Content.IE5\W5Y7O1UB\sa_1083.exe (Adware.Agent) -> Quarantined and deleted successfully.
X:\Archivos de programa\Mozilla Firefox\regxpcom.exe (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
X:\Archivos de programa\FBrowsingAdvisor\XPCOMEvents.dll (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
Back to Top
 

Touch
Forum Moderator




Date Joined Jun 2004
Total Posts : 12975
 
   Posted 9/22/2008 8:17 AM (GMT +3)    Quote: Help with NSAnti.H -My PC is not working-Alert an admin about: Help with NSAnti.H -My PC is not working-
Run a scan here: http://housecall.trendmicro.com/
 
Have it to fix/remove what it find.
 
Connect ALL your external drives before scan.
 
Then post fresh combofix log


Do NOT post your problem in someone elses thread.
A non-profit, volunteer network.

Back to Top
 

Efex
New Member


Date Joined Sep 2008
Total Posts : 6
 
   Posted 9/22/2008 7:55 PM (GMT +3)    Quote: Help with NSAnti.H -My PC is not working-Alert an admin about: Help with NSAnti.H -My PC is not working-
Thanks Touch for keep helping me on this.
I'm trying to run that scan on safe mode with networking but the navigator (IE and firefox) closes when it initiates to install kernell.
I'll test with java based.

The laptop keeps really unstable and I get BSOD everytime when in normal mode.
Yesterday don't know how but I could finish running combofix on normal mode. It took almost an hour and a half to finish. Please find the log on the next post, maybe i found some other thing it didn't on safe mode.
Also, I'm trying to run a complete scan of BD on normal mode but sometimes it go for 10 hours and I see it have found 110 files infected but at some pint it dies again with BSOD :(

I'm starting to think my only possible move will be to reinstall windows :(

Thanks
Back to Top
 

Efex
New Member


Date Joined Sep 2008
Total Posts : 6
 
   Posted 9/23/2008 1:08 AM (GMT +3)    Quote: Help with NSAnti.H -My PC is not working-Alert an admin about: Help with NSAnti.H -My PC is not working-
Hi Touch,

I just can't run the scan even on safe mode.
The pc keeps getting the BSOD

As I have another windows os installed in one of the other partitions, I tried to do it from there, but again got the BSOD.

I'm starting to think it is something wrong with my hardwre and even a format and new install won't fix my problem.

Do you think I may be right?

What do u recommend I should do??

Thanks again
Back to Top
 
New Topic Post reply to : Help with NSAnti.H -My PC is not working- Printable version of : Help with NSAnti.H -My PC is not working-
 
Forum Information
Currently it is Wednesday, July 30, 2014 6:09 PM (GMT +3)
There are a total of 60,529 posts in 13,304 threads.
In the last 3 days there were 0 new threads and 0 reply posts. View Active Threads
Who's Online
This forum has 36191 registered members. Please welcome our newest member, EddieMayo.
3 Guest(s), 0 Registered Member(s) are currently online.  Details
5 Latest Threads