also @ TechSpot: 'Supercapacitor' could fully charge your phone in less than 30 seconds

TechSpot

TechSpot News Products Downloads Forums

About
Sign in

Welcome to TechSpot

Why should I register?

Sign up for a new account or log in here:

Forgot your password?

Couldn't sign you in, please try again.

Malware problem maybe more?

Discussion in 'Virus and Malware Removal' started by billyd, May 13, 2012.

Post New Reply

Page 2 of 5

billyd Newcomer, in training Posts: 60

ComboFix 12-05-17.02 - William 05/17/2012 4:13.2.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3061.2102 [GMT -4:00]
Running from: c:\users\William\Desktop\ComboFix.exe
AV: ESET Smart Security 4.2 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: ESET Personal firewall *Disabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 4.2 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Resident AV is active
.
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\$NtUninstallKB37865$
c:\windows\system32\drivers\etc\hosts.ics
c:\windows\system32\usbcm.dll
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_regspy
.
.
((((((((((((((((((((((((( Files Created from 2012-04-17 to 2012-05-17 )))))))))))))))))))))))))))))))
.
.
2012-05-17 08:27 . 2012-05-17 08:30 -------- d-----w- c:\users\William\AppData\Local\temp
2012-05-17 08:27 . 2012-05-17 08:27 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-05-16 08:11 . 2012-05-16 08:11 -------- d-----w- C:\found.001
2012-05-16 08:07 . 2012-05-16 08:07 -------- d-----w- C:\TDSSKiller_Quarantine
2012-05-15 09:54 . 2012-04-18 07:06 6734704 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{DE8DEF1D-B252-40EE-A322-05E15EFDA7C7}\mpengine.dll
2012-05-13 23:46 . 2012-04-04 19:56 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-05-13 23:46 . 2012-05-13 23:46 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-05-13 17:41 . 2012-05-13 17:41 -------- d-----w- c:\users\William\AppData\Local\ESET
2012-05-13 17:30 . 2012-05-13 17:30 -------- d-----w- c:\program files\Windows Resource Kits
2012-05-12 23:11 . 2012-05-12 23:11 -------- d-----w- c:\program files\ESET
2012-05-11 01:11 . 2012-04-03 08:16 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-05-11 01:11 . 2012-04-03 08:16 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-05 22:42 . 2012-05-05 22:43 -------- d-----w- c:\program files\Sherlock Holmes and the Hound of the Baskervilles
2012-04-22 23:44 . 2012-04-22 23:44 -------- d-----w- C:\found.000
2012-04-22 19:14 . 2012-04-22 19:14 -------- d-----w- c:\programdata\Kaspersky Lab
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-16 08:08 . 2011-12-23 05:19 185856 ----a-w- c:\windows\system32\drivers\netbt.sys
2012-05-05 16:58 . 2012-04-04 17:05 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-05-05 16:58 . 2011-12-23 00:38 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-04-03 18:42 . 2012-04-03 18:42 652296 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsTemplate\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll
2012-04-03 18:42 . 2012-04-03 18:42 677136 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-04-03 18:42 . 2012-04-03 18:42 416128 ----a-w- c:\programdata\Microsoft\eHome\Packages\NetTV\Browse\NetTVResources.dll
2012-04-02 13:36 . 2012-05-11 01:11 2044928 ----a-w- c:\windows\system32\win32k.sys
2012-03-28 16:09 . 2012-03-20 23:22 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-02-29 15:11 . 2012-04-12 07:13 5120 ----a-w- c:\windows\system32\wmi.dll
2012-02-29 15:11 . 2012-04-12 07:13 172032 ----a-w- c:\windows\system32\wintrust.dll
2012-02-29 15:09 . 2012-04-12 07:13 157696 ----a-w- c:\windows\system32\imagehlp.dll
2012-02-29 13:32 . 2012-04-12 07:13 12800 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-02-28 01:18 . 2012-04-12 07:14 1799168 ----a-w- c:\windows\system32\jscript9.dll
2012-02-28 01:11 . 2012-04-12 07:14 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2012-02-28 01:11 . 2012-04-12 07:14 1127424 ----a-w- c:\windows\system32\wininet.dll
2012-02-28 01:03 . 2012-04-12 07:14 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-02-25 19:19 . 2012-02-25 19:19 121208 ----a-w- c:\windows\system32\drivers\AnyDVD.sys
2012-02-23 14:18 . 2011-12-16 16:56 237072 ------w- c:\windows\system32\MpSigStub.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-12 166424]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2007-12-08 3444736]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2011-01-12 2219184]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Turbo Tourney 2012 Scheduler.lnk]
backup=c:\windows\pss\Turbo Tourney 2012 Scheduler.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2011-07-28 23:08 1259376 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2008-02-12 01:13 141848 ----a-w- c:\windows\System32\igfxtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
2008-02-12 01:13 133656 ----a-w- c:\windows\System32\igfxpers.exe
.
R0 70080763;70080763;c:\windows\system32\drivers\98925466.sys [x]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-05 257696]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
se2Bunic
ofcpfwsvc
upsmonservice
nmservice
atkkeyboardservice
SE2Bmdfl
SE2Dbus
omsad
tmtdi
wscsvc
wm
UNDPX2A
sdcoreservice
EIO_XP
ErrDev
qfcoresvc
mcdetect.exe
pelusblf
DS1410D
CTMFLT
EMATCORE
CVirtA
mssqlserverolapservice
pgpsdkservice
PTDCVsp
dsNcAdpt
sisnic
btnetfilter
nimcdfxk
MTC0001_ESB
SprintRcAppSvc
pcx1unic
RDID1027
pwkntmon
axsaki
mwagent
oracle_load_balancer_60_server-forms6ip9
rslinxng
mysql
teefer
atixsaudio
adminserver
mvserver
spmd
bc_filter
atiavaiw
UimBus
sisperf
imapiservice
s716mdm
rt2500usb
ppped
tfsnboio
dlartl_n
vstor2-ws60
iPassPeriodicUpdateService
speakerphone
ZDPNDIS5
ISAMSvc
plsremotesvc
smartwiservice
mcdbus
se45mgmt
ccflic0
webdriveservice
wlluc48b
webrootenterpriseclientservice
imagesrv
flashcom
ssm_bus
olapserver
wintab32
a016mgmt
MRV6X32P
EACSvrMngr
sglogplayer
AcronisOSSReinstallSvc
atdisk
bantext
nwlnkspx
PBADRV
oraclewebassistant
sonytvc
intelroam
papyjoy
tfsnudf
U3sHlpDr
npapimon
comhost
SetupSys
pdlnatcm
iPassP
perc2
statusagent
ATWPKT2
AdobeActiveFileMonitor6.0
WD_FireWire_HID
{a7447300-8075-4b0d-83f1-3d75c8ebc623}
hclinetd
i81x
SWUMX51
MQAC
UsbserFilt
dlbu_device
szkg
incdsrv
acrotray
rootmodem
nwlnknb
avgems
datasvr
NETw4v32
cfgwzsvc
tvtfilter
USB_NDIS_51
s125mdfl
tng-dtmg
vproeventmonitor
wmconnectcds
redbook
DivisCTS
NWSAP
macformatservice
sit_flt
EL2000
ssfs0509
procexp90
iksyssec
starwindservice
mnsframework
bwcsrv
aolservice
crauto
nvax
mctskshd.exe
ICAM5USB
LC7981
razerusb
EagleNT
elockservice
xfilt
ageremodemaudio
MA8032U
fshttps
slabbus
useraccess7
ctljystk
acermemusagecheckservice
NVR0Dev
rnadirectory
netmdsb
nm
bc_pat_f
MREMP50
W700mdm
oraclemtsrecoveryservice
pduip6000dmemcrdmgr
roxwatch
svv
SMCB000
vncdrv
tapeware
Angel2
qkbfiltr
persfw
cpucoolserver
elnkservice
btwusb
STV680m
msftpsvc
mxnic
ikhfile
opcenum
trioservice
cebdaldr
winpppoverethernet
lpx
TOSHIBASoftModem
mssql$sqlexpress
Hotkey
NITaggerService
dlcj_device
slabser
openldap-slapd
diskeeper
WinVd32
rchost
w800mdm
NTIDrvr
dlcc_device
server
SE26mgmt
z800mgmt
emitray
aspi32
S3GIGP
tgsrvc_smartagent
beatjamupnpmusicserver
iaimfp1
Slntamr
defwatch
sis315
queuemgr
penrendezvous
lktimesync
bthpan
ATMsg
ino_flpy
cvslock
dtsrvc
noipducservice
WaveFDE
ntcharge
se45nd5
rfcomm
tavsvc
SABSVC
screadspool
GTSCSER
mysqlinventime
modemcsa
timounter
NETw3v32
ma_cmidi_installerservice
getPlusHelper
nimxdfk
tdimsys
bdselfpr
PD0620VID
PGPdisk
SimpTcp
mfeavfk
AVerTV
SPFDRV
btwhid
pcradminserver
audstub
mlkkbdntdriver
WBHWDOCT
lvprcsrv
uleadburninghelper
mwstick
vsdatant
hibernation
lmab_device
rppkt
mcsysmon
UWProSys
s217nd5
CX88AUD
pdlnshay
monfilt
lxcj_device
ntpr_nic_service2
a016mdm
iAimTV5
zpsc
haspnt
Jukebox
VAIOMediaPlatform-MusicServer-HTTP
FETNDIS
scsk4
outpostfirewall
backupexecalertserver
nmwcdc
pavdrv
sandboxu
slee_503_service
HIDSwvd
ssm_mdm
LVRS
sifilter
viaagp1
ood2000
STV680
CnxTrLan
win32sl
s116mdm
cwcwdm
Pctspk
jaguar
ROB_A
Appn
hwpsgt
AVCSTRM
spcsutilityservice
nvstor32
mfesmfk
roxupnpserver
avg7rsw
SWNC5E00
DNE
ovsecurityserver
p2k
ADIDTSFiltService
wuolservice
ggsemc
winpowerrmi
GoToAssist
DgiVecp
cccredmgr
srvdpi
db2das00
spbbcsvc
vcommmgr
SNP2STD
NIPALK
hpqddsvc
harmony
sshrmd
GT890x
winpower
Slpsvdr
oracle_load_balancer_60_client-forms6ip9
APLMp50
TMKEmu
HPFECP20
pcidump
ftsata2
UVCFTR
nbservice
license
oracleorahomehttpserver
DirectUpdate
PGPsdkDriver
retroexplauncher
nfmservice
tng-dts
SE2Eobex
wampmysqld
s217mdm
dlcf_device
rimvserport
TNaviSrv
el90xbc
RESMGR
SDdriver
pdlnsx25
gameenum
wdica
AR5523
picturetaker
Evian
btwavdt
rnadiagnosticsservice
cusrvc
Via4in1
freepops
nimcrpcsu
dmio
TuneUp.Defrag
iPassPeriodicUpdateApp
prism_a02
IFPUSB
bt3cser
transarcafsdaemon
k750mdfl
USB_RNDIS
SRTSP
ifxtcs
VICESYS
PTDCBus
tcsd_win32.exe
pml
ScFBPNT3
UxTuneUp
vc5secs
tbhsd
stacsv
licensemanagersocket
avgarcln
tosrfnds
ql1280
s3ssavage
hmonitor
wlluc48
tmmbd
cbidf
zebrbus
dvd_2K
vsapint
w200bus
awhost32
filechecker
NsTrcNT
hsf_dp
trackcam4
arcltsrv
dladresm
WUSB54GPV4SRV
us30service
vvoice
inotask
inorpc
VNUSB
lxrjd31d
Ncrc710
rca
s125obex
NxSysMon
VX3000
srescan
{95808DC4-FA4A-4c74-92FE-5B863F82066B}
isapisearch
lockmgr
nvcap
ss_mdfl
SRS_SSCFilter
klif
DCamUSBSQTECH
se26unic
mks_scan
s7otranx
SED133x
ibmcicstransactiongateway
s7oppitx
LKbdFlt2
3comtftp
UMPass
U81xobex
U2SP
co_mon
atierecord
qbfcservice
tosrfsnd
openvpnservice
AmdLLD
freebsd
atkdisplf
se58unic
RMCAST
mcnasvc
cdr4_2k
avg7updsvc
cvsnt
k750mdm
s616unic
artourservice
symmpi
iastor
aclient
BTSLBCSP
askernel
acprfmgrsvc
https-admserv61
splitter
SaiU040B
proxyhostservice
USB_RNDIS_XP
nmsaccess
mfehidk
snmptrapdservice
digictrl
emupia
rimusb
array_utility_service4,0,1,3
gearaspiwdm
eskerlicensecontrol
lxbs_device
nimdbgk
CTMSHD
ihcservice
pavreport
ATKFUSService
iomdisk
se59mdfl
pnkbstrb
lp6nds35
syntp
SWMX00
se2Bnd5
e1express
w800mdfl
entech
T6963C
hnmsvc
VCAM
purgeieservice
XFX_program
smcservice
ldlcserv
PQNTDrv
iviaspi
enxpsvc
DniVad
acedrv07
Subsonic
iwebmsg
qmofiltr
agrsrvce
SunkFilt39
TcUsb
MA_CMIDI
trcboot
smsmdd
iam
a016mdfl
db2ntsecserver
ec2007service
sqlagent$sony_mediamgr
soma
tvs
ipsraidn
kservice
Bcim
amon
axinstsv
btwrchid
bdfsdrv
SE2Dmdfl
MTsensor
maya70docserver
ctdvda2k
wg111nd5
nchssvad
SaiNtSub
cpqarray
gv3
UpdateCenterService
MobilePreInstallerService
SQLWriter
iap
usb20l
s716nd5
FireTDI
pdframe
HSFHWICH
yukonwxp
lvpopflt
vzcdbsvc
NVTCP
SE27mdm
atalk
SunkFilt
NVENET
ctmmfilt
cicssfs.scmmc223
ifxspmgtsrv
se44nd5
agentsrv
ATMsrvc
nsengine
s117obex
aswrdr
z800obex
mwspollserver
lxbu_device
rtl8139
se44bus
USB11LDR
ramaint
pfc
athr
se59nd5
sentinel
ser2pl
websenselogserver
ltck000c
ZuneWlanCfgSvc
k750mgmt
Nsynas32
uclauncherservice
ossrv
sprtsvc_smartagent
autocomplete
sbhooksvc
USBCamera
TestHandler
adiloader
elotouchscreen
cwafrmiregistry
W55U01
tvicport
aec
ino_fltr
CTEDSPFX.DLL
U81xmdm
HFACSVC
imaservice
tmactmon
MpFilter
bthusb
symids
ASMMAP
atchksrv
AKSIFDH
GV600_4
nvmpu401
ASNDIS5
omniusbl
papycpu2
cpuz132
HECI
tsdhd
protexislicensing
slapd-data52
tandpl
dxdebug
scanwscs
ntrtscan
mod7700
TVALG
oracle_load_balancer_60_client-forms6ip14
telnet
mapserver6.3
incdfs
eamon
GTPTSER
atmeltpm
vetmsgnt
nvsmu
RSAFAL
alertmanager
sysmonlog
.
Contents of the 'Scheduled Tasks' folder
.
2012-05-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-04 16:58]
.
2012-05-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-01-20 21:41]
.
2012-05-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-01-20 21:41]
.
2012-05-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1815498000-2833343681-1250068786-1000Core.job
- c:\users\William\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-23 04:45]
.
2012-05-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1815498000-2833343681-1250068786-1000UA.job
- c:\users\William\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-23 04:45]
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
Trusted Zone: intuit.com\ttlc
TCP: DhcpNameServer = 192.168.1.1
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-70080763.sys
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-05-17 04:30
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\netbt]
"ImagePath"="system32\drivers\tsk9AF1.tmp"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}"=hex:51,66,7a,6c,4c,1d,38,12,df,c1,0b,
27,57,07,ba,54,e4,0e,43,d0,22,fb,89,5b
"{326E768D-4182-46FD-9C16-1449A49795F4}"=hex:51,66,7a,6c,4c,1d,38,12,e3,75,7d,
36,b0,0f,93,03,e3,00,57,09,a1,c9,d1,e0
"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23,
94,30,02,d1,0f,f1,da,12,24,73,56,27,d2
"{AA58ED58-01DD-4D91-8333-CF10577473F7}"=hex:51,66,7a,6c,4c,1d,38,12,36,ee,4b,
ae,ef,4f,ff,08,fc,25,8c,50,52,2a,37,e3
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:81,97,c7,74,c6,e0,cc,01
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"6256FFB019F8FDFBD36745B06F4540E9AEAF222A25"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,44,3b,da,52,c0,a4,82,4f,a1,90,3e,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Other Running Processes ------------------------
.
c:\windows\System32\WLTRYSVC.EXE
c:\windows\System32\bcmwltry.exe
c:\windows\system32\WLANExt.exe
c:\windows\system32\dlbacoms.exe
c:\program files\ESET\ESET Smart Security\ekrn.exe
c:\program files\TeamViewer\Version4\TeamViewer_Service.exe
c:\program files\TeamViewer\Version4\TeamViewer.exe
c:\windows\system32\igfxsrvc.exe
c:\windows\ehome\ehmsas.exe
c:\program files\Windows Media Player\wmpnscfg.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe
.
**************************************************************************
.
Completion time: 2012-05-17 04:39:27 - machine was rebooted
ComboFix-quarantined-files.txt 2012-05-17 08:39
ComboFix2.txt 2012-05-15 08:45
.
Pre-Run: 47,050,002,432 bytes free
Post-Run: 47,093,510,144 bytes free
.
- - End Of File - - 465FBB92983D187887138508D60CA266

billyd, May 17, 2012

#21
Broni Malware Annihilator Posts: 39,313 +175
Looks good

How is computer doing?

Download OTL to your Desktop.

Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.

Click the Scan All Users checkbox.

Under the Custom Scan box paste this in:

netsvcs
drivers32
%SYSTEMDRIVE%\*.*
%systemroot%\Fonts\*.com
%systemroot%\Fonts\*.dll
%systemroot%\Fonts\*.ini
%systemroot%\Fonts\*.ini2
%systemroot%\Fonts\*.exe
%systemroot%\system32\spool\prtprocs\w32x86\*.*
%systemroot%\REPAIR\*.bak1
%systemroot%\REPAIR\*.ini
%systemroot%\system32\*.jpg
%systemroot%\*.jpg
%systemroot%\*.png
%systemroot%\*.scr
%systemroot%\*._sy
%APPDATA%\Adobe\Update\*.*
%ALLUSERSPROFILE%\Favorites\*.*
%APPDATA%\Microsoft\*.*
%PROGRAMFILES%\*.*
%APPDATA%\Update\*.*
%systemroot%\*. /mp /s
CREATERESTOREPOINT
%systemroot%\System32\config\*.sav
%PROGRAMFILES%\bak. /s
%systemroot%\system32\bak. /s
%ALLUSERSPROFILE%\Start Menu\*.lnk /x
%systemroot%\system32\config\systemprofile\*.dat /x
%systemroot%\*.config
%systemroot%\system32\*.db
%APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x
%USERPROFILE%\Desktop\*.exe
%PROGRAMFILES%\Common Files\*.*
%systemroot%\*.src
%systemroot%\install\*.*
%systemroot%\system32\DLL\*.*
%systemroot%\system32\HelpFiles\*.*
%systemroot%\tasks\*.*
%systemroot%\system32\rundll\*.*
%systemroot%\winn32\*.*
%systemroot%\Java\*.*
%systemroot%\system32\test\*.*
%systemroot%\system32\Rundll32\*.*
%systemroot%\AppPatch\Custom\*.*
%APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x
%PROGRAMFILES%\PC-Doctor\Downloads\*.*
%PROGRAMFILES%\Internet Explorer\*.tmp
%PROGRAMFILES%\Internet Explorer\*.dat
%USERPROFILE%\My Documents\*.exe
%USERPROFILE%\*.exe
%systemroot%\ADDINS\*.*
%systemroot%\assembly\*.bak2
%systemroot%\Config\*.*
%systemroot%\REPAIR\*.bak2
%systemroot%\SECURITY\Database\*.sdb /x
%systemroot%\SYSTEM\*.bak2
%systemroot%\Web\*.bak2
%systemroot%\Driver Cache\*.*
%PROGRAMFILES%\Mozilla Firefox\0*.exe
%ProgramFiles%\Microsoft Common\*.*
%ProgramFiles%\TinyProxy.
%USERPROFILE%\Favorites\*.url /x
%systemroot%\system32\*.bk
%systemroot%\*.te
%systemroot%\system32\system32\*.*
%ALLUSERSPROFILE%\*.dat /x
%systemroot%\system32\drivers\*.rmv
dir /b "%systemroot%\system32\*.exe" | find /I " " /c
dir /b "%systemroot%\*.exe" | find /I " " /c
%PROGRAMFILES%\Microsoft\*.*
%systemroot%\System32\Wbem\proquota.exe
%PROGRAMFILES%\Mozilla Firefox\*.dat
%USERPROFILE%\Cookies\*.txt /x
%SystemRoot%\system32\fonts\*.*
%systemroot%\system32\winlog\*.*
%systemroot%\system32\Language\*.*
%systemroot%\system32\Settings\*.*
%systemroot%\system32\*.quo
%SYSTEMROOT%\AppPatch\*.exe
%SYSTEMROOT%\inf\*.exe
%SYSTEMROOT%\Installer\*.exe
%systemroot%\system32\config\*.bak2
%systemroot%\system32\Computers\*.*
%SystemRoot%\system32\Sound\*.*
%SystemRoot%\system32\SpecialImg\*.*
%SystemRoot%\system32\code\*.*
%SystemRoot%\system32\draft\*.*
%SystemRoot%\system32\MSSSys\*.*
%ProgramFiles%\Javascript\*.*
%systemroot%\pchealth\helpctr\System\*.exe /s
%systemroot%\Web\*.exe
%systemroot%\system32\msn\*.*
%systemroot%\system32\*.tro
%AppData%\Microsoft\Installer\msupdates\*.*
%ProgramFiles%\Messenger\*.*
%systemroot%\system32\systhem32\*.*
%systemroot%\system\*.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
/md5start
/md5stop

Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.

When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.

Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
Broni, May 17, 2012

#22
billyd Newcomer, in training Posts: 60

OTL logfile created on: 5/18/2012 3:51:28 AM - Run 1
OTL by OldTimer - Version 3.2.43.0 Folder = C:\Users\William\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.99 Gb Total Physical Memory | 1.92 Gb Available Physical Memory | 64.12% Memory free
6.21 Gb Paging File | 4.99 Gb Available in Paging File | 80.44% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 140.85 Gb Total Space | 41.77 Gb Free Space | 29.65% Space Free | Partition Type: NTFS
Drive D: | 8.20 Gb Total Space | 1.75 Gb Free Space | 21.39% Space Free | Partition Type: NTFS

Computer Name: WILLIAM-PC | User Name: William | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/05/17 15:12:34 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\William\Desktop\OTL.exe
PRC - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/04/04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/08/25 18:53:00 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
PRC - [2011/01/12 16:41:42 | 000,810,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe
PRC - [2011/01/12 16:41:24 | 002,219,184 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\egui.exe
PRC - [2009/10/07 09:04:44 | 003,872,552 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version4\TeamViewer.exe
PRC - [2009/10/07 08:50:26 | 000,185,640 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe
PRC - [2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2007/03/05 20:57:30 | 000,538,096 | ---- | M] ( ) -- C:\Windows\System32\dlbacoms.exe

========== Modules (No Company Name) ==========

MOD - [2012/05/11 05:03:18 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\846b9cf2756fdd15f704c9bab9c70b6f\System.Runtime.Remoting.ni.dll
MOD - [2012/05/11 05:03:13 | 011,820,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\ef684a2ee2f7276eec3973a0654d2bd4\System.Web.ni.dll
MOD - [2012/05/11 04:52:33 | 007,953,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\28d633338fc8d29f8af31935ef7d001b\System.ni.dll
MOD - [2012/05/11 04:52:12 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\af9c9e9d7e0523cd444f8b551baa9cbf\mscorlib.ni.dll
MOD - [2007/12/08 15:34:10 | 000,054,784 | ---- | M] () -- C:\Windows\System32\bcmwlrmt.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- %systemroot%\system32\lxrsii1s.dll -- (zpsc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\w200mgmt.dll -- (zebrbus)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\DSI_SiUSBXp_3_1.dll -- (z800obex)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ssscsisv.dll -- (z800mgmt)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\db2ntsecserver.dll -- (WUSB54GPV4SRV)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SMPLSCSI.dll -- (wuolservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pavsrv.dll -- (wmi)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\UWProSys.dll -- (wmdmpmsp)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\fingrd32.dll -- (wm)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cdralw2k.dll -- (wlluc48b)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\iaantmon.dll -- (wlluc48)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\iap.dll -- (WinVd32)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\omniserv.dll -- (wintab32)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\sptisrv.dll -- (winpppoverethernet)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\k750mdfl.dll -- (winpowerrmi)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\tifm21.dll -- (winpower)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rtl8139.dll -- (win32sl)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\trayman.dll -- (wg111nd5)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\se58mgmt.dll -- (webrootenterpriseclientservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\tos_sps32.dll -- (webdriveservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\elagopro.dll -- (wdica)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ssm_bus.dll -- (WD_FireWire_HID)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\swwd.dll -- (WBHWDOCT)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\kraidsvc.dll -- (WaveFDE)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\tvtfilter.dll -- (wampmysqld)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\starwindservice.dll -- (w800mdm)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\z525mdfl.dll -- (w800mdfl)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\nvstor64.dll -- (W55U01)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\usbsermptxp.dll -- (w200bus)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\MA8032U.dll -- (vzcdbsvc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\irbus.dll -- (VX3000)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\s217unic.dll -- (vvoice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\sympxsvc.dll -- (vsdatant)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\termdd.dll -- (vsapint)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\xusb21.dll -- (VNUSB)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\niorbk.dll -- (vncdrv)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\arkbcfltr.dll -- (VICESYS)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\v2imount.dll -- (viaagp1)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\aalogger.dll -- (Via4in1)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\navap.dll -- (vetmsgnt)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\NTIDrvr.dll -- (vcommmgr)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\U3sHlpDr.dll -- (vc5secs)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\DMUSBUSBDCam.dll -- (VAIOMediaPlatform-MusicServer-HTTP)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cdrbsvsd.dll -- (UxTuneUp)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\prodrv06.dll -- (UWProSys)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\openvpnservice.dll -- (UVCFTR)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\oraclexeclragent.dll -- (useraccess7)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cercsr6.dll -- (usb20l)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\avgascln.dll -- (USB11LDR)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\MREMP50.dll -- (USB_RNDIS_XP)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\hprfdev.dll -- (USB_RNDIS)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\atapi.dll -- (us30service)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\Cinemsup.dll -- (upsmonservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\hsf_dpv.dll -- (uploadmgr)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\oracleorahome92tnslistener.dll -- (UpdateCenterService)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\hidgame.dll -- (UNDPX2A)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\omniserv.dll -- (UMPass)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\AdobeActiveFileMonitor6.0.dll -- (uleadburninghelper)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\btwusb.dll -- (uclauncherservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\MA8032C.dll -- (U81xobex)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\delldmi.dll -- (tvs)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\iaimtv2.dll -- (TVALG)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\Si3132.dll -- (TuneUp.Defrag)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ndisip.dll -- (tsdhd)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\atkkeyboardservice.dll -- (trioservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SE2Dmgmt.dll -- (transarcafsdaemon)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\stllssvr.dll -- (trackcam4)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\tosporte.dll -- (tosrfsnd)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\regservice.dll -- (tosrfnds)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\dmio.dll -- (TOSHIBASoftModem)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\steamdvr.dll -- (tng-dts)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\zpnodecollector.dll -- (TNaviSrv)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\es1371.dll -- (tmtdi)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\quickhealfirewall.dll -- (tmmbd)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\slee_81_service.dll -- (TMKEmu)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mscsptisrv.dll -- (timounter)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\PciBus.dll -- (tgsrvc_smartagent)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\FTDIBUS.dll -- (tfsnudf)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\MA8032C.dll -- (telnet)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\alcaudsl.dll -- (tdimsys)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\hidusb.dll -- (tcsd_win32.exe)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rwbackupsrv.dll -- (tbhsd)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\lbrtfdc.dll -- (tavsvc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\DcLps.dll -- (tapeware)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\smservauth.dll -- (tandpl)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SQTECH905C.dll -- (syntp)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\dlacdbhm.dll -- (symmpi)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pca.dll -- (symids)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cwafnotesservice.dll -- (SWUMX51)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\CT20XUT.DLL.dll -- (SWNC5E00)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\lxdmCATSCustConnectService.dll -- (SWMX00)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pdrframe.dll -- (svv)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\TClass2k.dll -- (SunkFilt39)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\kerbkey.dll -- (SunkFilt)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\HECI.dll -- (Subsonic)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ccpwdsvc.dll -- (STV680m)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\avidsdmservice.dll -- (STV680)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ntgrip.dll -- (stacsv)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\dot4print.dll -- (ssm_mdm)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\MailService.dll -- (ssm_bus)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\lxcgcustomerconnect.dll -- (sshrmd)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SMCB000.dll -- (ssfs0509)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\NetMsmqActivator.dll -- (ss_mdfl)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ISAMSvc.dll -- (srvdpi)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\NSNDIS5.dll -- (SRTSP)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cm102u32.dll -- (SRS_SSCFilter)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\WUSB54Gv4SVC.dll -- (srescan)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\w29n51.dll -- (SQLWriter)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\bdfsdrv.dll -- (sprtsvc_smartagent)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\dsunidrv.dll -- (spmd)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\backupexecagentaccelerator.dll -- (splitter)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SiSGbeXP.dll -- (SPFDRV)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\tdtcp.dll -- (spcsutilityservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\z525mdfl.dll -- (spbbcsvc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\NPPTNT.dll -- (sonytvc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mbr.dll -- (SNP2STD)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SerTVOutCtlr.dll -- (snmptrapdservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\VRFIL.dll -- (smsmdd)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\HECI.dll -- (SMCB000)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\NICSer_WPC300N.dll -- (smartwiservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ipfilterdriver.dll -- (Slpsvdr)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\Invoker.dll -- (Slntamr)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pcidrv.dll -- (slee_503_service)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\CoachUsb.dll -- (slabser)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\l8042pr2.dll -- (slabbus)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\snmptrapdservice.dll -- (sisnic)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\wuauserv.dll -- (sis315)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ngdbserv.dll -- (SimpTcp)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\PCISys.dll -- (sifilter)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\roxupnpserver.dll -- (sglogplayer)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\c-dillasrv.dll -- (SetupSys)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\NPDriver.dll -- (server)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\DCamUSBGrandTek.dll -- (ser2pl)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\bdss.dll -- (sentinel)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\psasrv.dll -- (SED133x)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\amfilter.dll -- (se59nd5)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\OEM02Vfx.dll -- (se58unic)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\bgsvcgen.dll -- (se45nd5)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pavprsrv.dll -- (se45mgmt)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SQTECH905C.dll -- (se44nd5)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\bthmodem.dll -- (se44bus)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\asapiw2k.dll -- (SE2Eobex)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\hdaudbus.dll -- (SE2Dbus)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\PciBus.dll -- (se2Bunic)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\scramby.dll -- (se2Bnd5)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\afs2k.dll -- (SE2Bmdfl)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\GTSCSER.dll -- (se26unic)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rnadirectory.dll -- (SE26mgmt)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\dlacdbhm.dll -- (SDdriver)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\konfig.dll -- (sdcoreservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ICM10USB.dll -- (scsk4)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ufdsvc.dll -- (screadspool)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rnadirmultiplexor.dll -- (ScFBPNT3)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\DKbFltr.dll -- (sbhooksvc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\odysseyIM4.dll -- (sandboxu)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ndis.dll -- (SaiU040B)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SNMP.dll -- (SaiNtSub)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\BoiHwsetup.dll -- (SABSVC)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\lvuvc.dll -- (s7otranx)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\w800mdm.dll -- (s7oppitx)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\spooler.dll -- (s716nd5)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\vpcbus.dll -- (s616unic)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\sis162u.dll -- (s3ssavage)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\BUFADPT.dll -- (S3GIGP)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\scarddrv.dll -- (s217nd5)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\tfsndrct.dll -- (s217mdm)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\svv.dll -- (s125obex)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\epoxusdm.dll -- (s116mdm)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ZDPNDIS5.dll -- (rtl8139)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ErrDev.dll -- (RSAFAL)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ohci1394.dll -- (rppkt)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rspndr.dll -- (roxupnpserver)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\portmapper.dll -- (ROB_A)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mksupdateint.dll -- (rnadiagnosticsservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\tlntsvr.dll -- (RMCAST)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cwcspud.dll -- (rimvserport)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\websensecpmcommunicationagent.dll -- (rimusb)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\smtpd32.dll -- (rfcomm)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ccdecode.dll -- (retroexplauncher)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\shellhwdetection.dll -- (RESMGR)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\itchfltr.dll -- (RDID1027)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\symc8xx.dll -- (rchost)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\acdpowerservice.dll -- (rca)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\oracleorahome90agent.dll -- (ramaint)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\httpfilter.dll -- (queuemgr)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\navap.dll -- (qmofiltr)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\RVIEG01.dll -- (ql1280)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\usprserv.dll -- (qkbfiltr)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SRTSPL.dll -- (qbfcservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SecureStorageService.dll -- (PTDCVsp)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\Ncrc710.dll -- (PTDCBus)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\netddedsdm.dll -- (proxyhostservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\avsinc.dll -- (protexislicensing)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\CE3.dll -- (procexp90)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\bdpredir.dll -- (prism_a02)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\wdica.dll -- (pml)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\aolservice.dll -- (picturetaker)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\btwhid.dll -- (PGPsdkDriver)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\toscosrv.dll -- (PGPdisk)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pdlndtdl.dll -- (pfc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\hnmsvc.dll -- (persfw)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\HWSCtrl.dll -- (perc2)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\venturi2.dll -- (penrendezvous)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\slabser.dll -- (pduip6000dmemcrdmgr)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\LMIRfsDriver.dll -- (pdlnsx25)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\thpsrv.dll -- (pdlnatcm)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\WNCPKT.dll -- (pdframe)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\oraclesnmppeerencapsulator.dll -- (PD0620VID)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mnmsrvc.dll -- (Pctspk)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\w29n51.dll -- (pcradminserver)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\nic1394.dll -- (pcidump)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\quickhealfirewall.dll -- (papyjoy)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\WmHidLo.dll -- (papycpu2)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\dntus26.dll -- (p2k)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\jaguar.dll -- (ovsecurityserver)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\atixsaudio.dll -- (outpostfirewall)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\Video3D.dll -- (oraclewebassistant)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\NSSvcMgr.dll -- (oracleorahomehttpserver)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\FVXSCSI.dll -- (oracle_load_balancer_60_client-forms6ip9)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SED133x.dll -- (oracle_load_balancer_60_client-forms6ip14)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\TIEHDUSB.dll -- (openvpnservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\vstor2.dll -- (openldap-slapd)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\avg7updsvc.dll -- (ood2000)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\WUSB54Gv4SVC.dll -- (omsad)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\knobserv.dll -- (omniusbl)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mlkkbdntdriver.dll -- (olapserver)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\GameConsoleService.dll -- (NxSysMon)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\vpcusb.dll -- (nwlnkspx)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\anydvd.dll -- (NVTCP)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\6to4.dll -- (nvstor32)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\npkcsvc.dll -- (nvsmu)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\elagopro.dll -- (NVR0Dev)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mpe.dll -- (nvmpu401)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mfetdik.dll -- (NVENET)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\NetwareWorkstation.dll -- (nvcap)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\beatjamupnpmusicserver.dll -- (ntpr_nic_service2)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\elaunidr.dll -- (ntmssvc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\lxcccustomerconnect.dll -- (NTIDrvr)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rp32service.dll -- (ntcharge)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\asp.net.dll -- (NsTrcNT)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cisvc.dll -- (noipducservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ZTEusbser6k.dll -- (nmwcdc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\portio.dll -- (nmservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mssql$microsoftbcm.dll -- (nmsaccess)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\shdserv.dll -- (NITaggerService)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\CTEXFIFX.DLL.dll -- (NIPALK)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\aliadwdm.dll -- (nimcrpcsu)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\bocdrive.dll -- (nimcdfxk)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SQLBrowser.dll -- (nfmservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\tmtdi.dll -- (NETw3v32)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\symantecantibotshim.dll -- (netmdsb)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\AtiPcie.dll -- (Ncrc710)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rtl8023.dll -- (nbservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\PcdrNt.dll -- (mysqlinventime)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rupsd.dll -- (mxnic)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\bcm43xx.dll -- (mwstick)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\sfdrv01.dll -- (mwspollserver)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\networkx.dll -- (mssqlserverolapservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cdudf_xp.dll -- (mssql$sqlexpress)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\MKEMUSB.dll -- (msftpsvc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\server.dll -- (monfilt)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\sermouse.dll -- (modemcsa)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\s116mgmt.dll -- (MobilePreInstallerService)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\sermouse.dll -- (mlkkbdntdriver)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\se26unic.dll -- (mks_scan)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\vpcusb.dll -- (mfesmfk)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\slip.dll -- (mfehidk)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\YahooAUService.dll -- (mfeavfk)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\msmpsvc.dll -- (mctskshd.exe)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\tdcmdpst.dll -- (mcsysmon)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ltxred.dll -- (mcnasvc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\Cam5603C.dll -- (mcdbus)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\HWIONT.dll -- (mapserver6.3)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mferkdk.dll -- (MA8032U)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\CiscoVpnInstallService.dll -- (ma_cmidi_installerservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mldserv.dll -- (lxrjd31d)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\nvsmu.dll -- (lxcj_device)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\zpsc.dll -- (lxbu_device)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\sonicatheaterinstallerservice.dll -- (lxbs_device)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\tcpip.dll -- (LVRS)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\crystalinputfileserver.dll -- (lvprcsrv)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\dptrackerd.dll -- (lpx)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\nmservice.dll -- (lp6nds35)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\BrScnUsb.dll -- (lockmgr)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\vds.dll -- (lmab_device)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\qhwscsvc.dll -- (lktimesync)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cpqalert.dll -- (LKbdFlt2)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\sweepsrv.sys.dll -- (licensemanagersocket)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\DellAMBrokerService.dll -- (license)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\WmaCVideo32.dll -- (klif)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\nvstor64.dll -- (k750mdm)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cis1284.dll -- (k750mdfl)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\actser.dll -- (Jukebox)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\swmidi.dll -- (jaguar)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\nsm1serd.dll -- (iwebmsg)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\s116bus.dll -- (iviaspi)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\z525mdm.dll -- (isapisearch)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SQLWriter.dll -- (ISAMSvc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\MS1000.dll -- (iPassPeriodicUpdateService)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\hSONYPVh.dll -- (iPassPeriodicUpdateApp)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rnadiagnosticsservice.dll -- (iPassP)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\usbvideo.dll -- (inotask)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\bridge.dll -- (inorpc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\W8335XP.dll -- (ino_flpy)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rootmodem.dll -- (incdfs)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\qbcfmonitorservice.dll -- (imagesrv)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\AcronisOSSReinstallSvc.dll -- (iksyssec)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\oracleorahomehttpserver.dll -- (ikhfile)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\s616mgmt.dll -- (ifxtcs)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\eeyeevnt.dll -- (ifxspmgtsrv)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\agpcpq.dll -- (IFPUSB)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mrobeservice.dll -- (ibmcicstransactiongateway)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\inetaccs.dll -- (iastor)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\twdns.dll -- (iap)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pdlnemap.dll -- (iAimTV5)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\procexp90.dll -- (iaimfp1)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\kerbkey.dll -- (i81x)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\i8042prt.dll -- (hwpsgt)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\dptrackerd.dll -- (https-admserv61)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\tappsrv.dll -- (HSFHWICH)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\msgsrvservice.dll -- (hsf_dp)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\redbook.dll -- (hpqddsvc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\vsmon.dll -- (HPFECP20)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mxserver.dll -- (Hotkey)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\buslogic.dll -- (hmonitor)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\HIDSwvd.dll -- (HIDSwvd)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\elockservice.dll -- (hibernation)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\xusb21.dll -- (hclinetd)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\DcCam.dll -- (haspnt)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ADIDTSFiltService.dll -- (harmony)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\jobserver_report.dll -- (GV600_4)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\thkeys.dll -- (gv3)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\MRESP50.dll -- (GTSCSER)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pnmsrv.dll -- (GTPTSER)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\usb_rndisx.dll -- (gearaspiwdm)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\iPassPeriodicUpdateApp.dll -- (fshttps)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\se2Eunic.dll -- (freepops)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\samss.dll -- (freebsd)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mfehidk.dll -- (flashcom)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\kpfwsvc.dll -- (eskerlicensecontrol)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\srv.dll -- (emupia)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\sbpci.dll -- (el90xbc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\vet-filt.dll -- (EL2000)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\s116mdfl.dll -- (EACSvrMngr)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\L1e.dll -- (e1express)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pdlnemsg.dll -- (DNE)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\smapint.dll -- (dmio)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SrvcEPIOMngr.dll -- (dlcf_device)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\issuser.dll -- (DirectUpdate)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pimsgss.dll -- (digictrl)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ndasscsi.dll -- (defwatch)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\tones.dll -- (ctljystk)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ps2.dll -- (cpucoolserver)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\sit_bus.dll -- (cicssfs.scmmc223)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\captureservice.dll -- (cebdaldr)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\netdde.dll -- (ccflic0)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\W8100PCI.dll -- (btwusb)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\merakcontrol.dll -- (BTSLBCSP)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\nfsds.dll -- (btnetfilter)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rtl8029.dll -- (bthusb)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\akshhl.dll -- (bantext)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\fsaa.dll -- (backupexecalertserver)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ati.dll -- (axsaki)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rpsupdaterr.dll -- (avg7rsw)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\apphostsvc.dll -- (ATWPKT2)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cyberpowerups.dll -- (ATMsrvc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\tmesbs32.dll -- (atkkeyboardservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\PCDCODEC.dll -- (atixsaudio)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\w550mdm.dll -- (athr)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cicssfs.scmmc223.dll -- (atalk)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\RTHDMIAzAudService.dll -- (aswrdr)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\wmp54gv4svc.dll -- (ASNDIS5)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pdagent.dll -- (askernel)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ShockMgr.dll -- (artourservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\NTSIM.dll -- (array_utility_service4,0,1,3)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ultra66.dll -- (Appn)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ccispwdsvc.dll -- (Angel2)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SE2Eobex.dll -- (AKSIFDH)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\acpi.dll -- (agrsrvce)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\idsvc.dll -- (ageremodemaudio)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\WinHttpAutoProxySvc.dll -- (AdobeActiveFileMonitor6.0)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\TPM.dll -- (AcronisOSSReinstallSvc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\RIOXDRV.dll -- (acprfmgrsvc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\Dell1100_FUService.dll -- (aclient)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\VAIOMediaPlatform-MusicServer-HTTP.dll -- (acermemusagecheckservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\acrotray.dll -- (a016mgmt)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ibmsmbus.dll -- ({a7447300-8075-4b0d-83f1-3d75c8ebc623})
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\iAimFP7.dll -- ({95808DC4-FA4A-4c74-92FE-5B863F82066B})
SRV - [2012/05/05 12:58:23 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/08/25 18:53:00 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe -- (IntuitUpdateServiceV4)
SRV - [2011/01/12 16:44:02 | 000,033,584 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv)
SRV - [2011/01/12 16:41:42 | 000,810,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn)
SRV - [2009/10/07 08:50:26 | 000,185,640 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe -- (TeamViewer4)
SRV - [2008/01/19 00:38:26 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/03/05 20:57:30 | 000,538,096 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\dlbacoms.exe -- (dlba_device)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | System | Stopped] -- system32\drivers\tsk9AF1.tmp -- (netbt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\BCM42RLY.sys -- (BCM42RLY)
DRV - File not found [File_System | Boot | Stopped] -- system32\drivers\98925466.sys -- (70080763)
DRV - [2012/04/04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012/02/25 15:19:08 | 000,121,208 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2010/12/21 15:04:06 | 000,137,144 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm)
DRV - [2010/12/21 15:04:06 | 000,115,008 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2010/12/21 13:47:38 | 000,134,000 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfw.sys -- (epfw)
DRV - [2010/12/21 13:47:38 | 000,041,336 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfp.sys -- (epfwwfp)
DRV - [2010/12/21 13:47:38 | 000,033,120 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\epfwndis.sys -- (Epfwndis)
DRV - [2009/06/25 16:58:10 | 000,048,128 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2008/10/11 15:56:00 | 000,045,056 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2008/07/29 15:41:36 | 000,038,400 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2006/11/02 03:30:53 | 000,045,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={sea...putEncoding}&oe={outputEncoding}&sourceid=ie7

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1815498000-2833343681-1250068786-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-1815498000-2833343681-1250068786-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1815498000-2833343681-1250068786-1000\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-1815498000-2833343681-1250068786-1000\..\SearchScopes,DefaultScope = {14333CD8-819C-402F-9905-1CF972A81140}
IE - HKU\S-1-5-21-1815498000-2833343681-1250068786-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1815498000-2833343681-1250068786-1000\..\SearchScopes\{14333CD8-819C-402F-9905-1CF972A81140}: "URL" = http://search.yahoo.com/?ourmark=4&p={searchTerms}
IE - HKU\S-1-5-21-1815498000-2833343681-1250068786-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={sea...putEncoding}&sourceid=ie7&rlz=1I7ADRA_enUS469
IE - HKU\S-1-5-21-1815498000-2833343681-1250068786-1000\..\SearchScopes\{C36B4AC8-F9D8-49D2-B38D-B809B2153AFC}: "URL" = http://websearch.ask.com/redirect?c...pn_sauid=8924FAAA-C73B-46DA-8F63-61EB8B029E1C
IE - HKU\S-1-5-21-1815498000-2833343681-1250068786-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\William\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\William\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011/12/23 17:26:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2012/05/13 13:40:04 | 000,000,000 | ---D | M]

[2012/03/24 20:23:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\William\AppData\Roaming\Mozilla\Firefox\Profiles\kxy542ye.default\extensions
[2011/11/23 02:45:23 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml.old

billyd, May 18, 2012

#23
billyd Newcomer, in training Posts: 60

========== Chrome ==========

CHR - default_search_provider: Bing (Enabled)
CHR - default_search_provider: search_url = http://www.bing.com/search?setmkt=en-US&q={searchTerms}
CHR - default_search_provider: suggest_url = http://api.bing.com/osjson.aspx?query={searchTerms}&language={language},
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\William\AppData\Local\Google\Chrome\Application\19.0.1084.46\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\William\AppData\Local\Google\Chrome\Application\19.0.1084.46\pdf.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\William\AppData\Local\Google\Chrome\Application\19.0.1084.46\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\William\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Chrome Toolbox Plugin (Enabled) = C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjccknnhdnkbanjilpjddjhmkghmachn\1.0.32_0\plugin/convenience.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Foxit Reader Plugin for Mozilla (Enabled) = C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Chrome Toolbox (by Google) = C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjccknnhdnkbanjilpjddjhmkghmachn\1.0.32_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Gmail = C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/05/17 04:29:41 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-21-1815498000-2833343681-1250068786-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoComputersNearMe = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1815498000-2833343681-1250068786-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1815498000-2833343681-1250068786-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoNetHood = 0
O7 - HKU\S-1-5-21-1815498000-2833343681-1250068786-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoComputersNearMe = 0
O7 - HKU\S-1-5-21-1815498000-2833343681-1250068786-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html File not found
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O15 - HKU\S-1-5-21-1815498000-2833343681-1250068786-1000\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{431E6B66-43D9-4C45-9390-7F4CABDE6BF8}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2005/09/11 11:18:54 | 000,000,340 | -HS- | M] () - D:\AUTOMODE -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - %systemroot%\system32\elaunidr.dll File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: se2Bunic - %systemroot%\system32\PciBus.dll File not found
NetSvcs: ofcpfwsvc - File not found
NetSvcs: upsmonservice - %systemroot%\system32\Cinemsup.dll File not found
NetSvcs: nmservice - %systemroot%\system32\portio.dll File not found
NetSvcs: atkkeyboardservice - %systemroot%\system32\tmesbs32.dll File not found
NetSvcs: SE2Bmdfl - %systemroot%\system32\afs2k.dll File not found
NetSvcs: SE2Dbus - %systemroot%\system32\hdaudbus.dll File not found
NetSvcs: omsad - %systemroot%\system32\WUSB54Gv4SVC.dll File not found
NetSvcs: tmtdi - %systemroot%\system32\es1371.dll File not found
NetSvcs: wm - %systemroot%\system32\fingrd32.dll File not found
NetSvcs: UNDPX2A - %systemroot%\system32\hidgame.dll File not found
NetSvcs: sdcoreservice - %systemroot%\system32\konfig.dll File not found
NetSvcs: EIO_XP - File not found
NetSvcs: ErrDev - File not found
NetSvcs: qfcoresvc - File not found
NetSvcs: mcdetect.exe - File not found
NetSvcs: pelusblf - File not found
NetSvcs: DS1410D - File not found
NetSvcs: CTMFLT - File not found
NetSvcs: EMATCORE - File not found
NetSvcs: CVirtA - File not found
NetSvcs: mssqlserverolapservice - %systemroot%\system32\networkx.dll File not found
NetSvcs: pgpsdkservice - File not found
NetSvcs: PTDCVsp - %systemroot%\system32\SecureStorageService.dll File not found
NetSvcs: dsNcAdpt - File not found
NetSvcs: sisnic - %systemroot%\system32\snmptrapdservice.dll File not found
NetSvcs: btnetfilter - %systemroot%\system32\nfsds.dll File not found
NetSvcs: nimcdfxk - %systemroot%\system32\bocdrive.dll File not found
NetSvcs: MTC0001_ESB - File not found
NetSvcs: SprintRcAppSvc - File not found
NetSvcs: pcx1unic - File not found
NetSvcs: RDID1027 - %systemroot%\system32\itchfltr.dll File not found
NetSvcs: pwkntmon - File not found
NetSvcs: axsaki - %systemroot%\system32\ati.dll File not found
NetSvcs: mwagent - File not found
NetSvcs: oracle_load_balancer_60_server-forms6ip9 - File not found
NetSvcs: rslinxng - File not found
NetSvcs: mysql - File not found
NetSvcs: teefer - File not found
NetSvcs: atixsaudio - %systemroot%\system32\PCDCODEC.dll File not found
NetSvcs: mvserver - File not found
NetSvcs: spmd - %systemroot%\system32\dsunidrv.dll File not found
NetSvcs: bc_filter - File not found
NetSvcs: atiavaiw - File not found
NetSvcs: UimBus - File not found
NetSvcs: sisperf - File not found
NetSvcs: imapiservice - File not found
NetSvcs: s716mdm - File not found
NetSvcs: rt2500usb - File not found
NetSvcs: ppped - File not found
NetSvcs: tfsnboio - File not found
NetSvcs: dlartl_n - File not found
NetSvcs: vstor2-ws60 - File not found
NetSvcs: iPassPeriodicUpdateService - %systemroot%\system32\MS1000.dll File not found
NetSvcs: speakerphone - File not found
NetSvcs: ZDPNDIS5 - File not found
NetSvcs: ISAMSvc - %systemroot%\system32\SQLWriter.dll File not found
NetSvcs: plsremotesvc - File not found
NetSvcs: smartwiservice - %systemroot%\system32\NICSer_WPC300N.dll File not found
NetSvcs: mcdbus - %systemroot%\system32\Cam5603C.dll File not found
NetSvcs: se45mgmt - %systemroot%\system32\pavprsrv.dll File not found
NetSvcs: ccflic0 - %systemroot%\system32\netdde.dll File not found
NetSvcs: webdriveservice - %systemroot%\system32\tos_sps32.dll File not found
NetSvcs: wlluc48b - %systemroot%\system32\cdralw2k.dll File not found
NetSvcs: webrootenterpriseclientservice - %systemroot%\system32\se58mgmt.dll File not found
NetSvcs: imagesrv - %systemroot%\system32\qbcfmonitorservice.dll File not found
NetSvcs: flashcom - %systemroot%\system32\mfehidk.dll File not found
NetSvcs: ssm_bus - %systemroot%\system32\MailService.dll File not found
NetSvcs: olapserver - %systemroot%\system32\mlkkbdntdriver.dll File not found
NetSvcs: wintab32 - %systemroot%\system32\omniserv.dll File not found
NetSvcs: a016mgmt - %systemroot%\system32\acrotray.dll File not found
NetSvcs: MRV6X32P - File not found
NetSvcs: EACSvrMngr - %systemroot%\system32\s116mdfl.dll File not found
NetSvcs: sglogplayer - %systemroot%\system32\roxupnpserver.dll File not found
NetSvcs: AcronisOSSReinstallSvc - %systemroot%\system32\TPM.dll File not found
NetSvcs: atdisk - File not found
NetSvcs: bantext - %systemroot%\system32\akshhl.dll File not found
NetSvcs: nwlnkspx - %systemroot%\system32\vpcusb.dll File not found
NetSvcs: PBADRV - File not found
NetSvcs: oraclewebassistant - %systemroot%\system32\Video3D.dll File not found
NetSvcs: sonytvc - %systemroot%\system32\NPPTNT.dll File not found
NetSvcs: intelroam - File not found
NetSvcs: papyjoy - %systemroot%\system32\quickhealfirewall.dll File not found
NetSvcs: tfsnudf - %systemroot%\system32\FTDIBUS.dll File not found
NetSvcs: U3sHlpDr - File not found
NetSvcs: npapimon - File not found
NetSvcs: comhost - File not found
NetSvcs: SetupSys - %systemroot%\system32\c-dillasrv.dll File not found
NetSvcs: pdlnatcm - %systemroot%\system32\thpsrv.dll File not found
NetSvcs: iPassP - %systemroot%\system32\rnadiagnosticsservice.dll File not found
NetSvcs: perc2 - %systemroot%\system32\HWSCtrl.dll File not found
NetSvcs: statusagent - File not found
NetSvcs: ATWPKT2 - %systemroot%\system32\apphostsvc.dll File not found
NetSvcs: AdobeActiveFileMonitor6.0 - %systemroot%\system32\WinHttpAutoProxySvc.dll File not found
NetSvcs: WD_FireWire_HID - %systemroot%\system32\ssm_bus.dll File not found
NetSvcs: {a7447300-8075-4b0d-83f1-3d75c8ebc623} - %systemroot%\system32\ibmsmbus.dll File not found
NetSvcs: hclinetd - %systemroot%\system32\xusb21.dll File not found
NetSvcs: i81x - %systemroot%\system32\kerbkey.dll File not found
NetSvcs: SWUMX51 - %systemroot%\system32\cwafnotesservice.dll File not found
NetSvcs: MQAC - File not found
NetSvcs: UsbserFilt - File not found
NetSvcs: dlbu_device - File not found
NetSvcs: szkg - File not found
NetSvcs: incdsrv - File not found
NetSvcs: acrotray - File not found
NetSvcs: rootmodem - File not found
NetSvcs: nwlnknb - File not found
NetSvcs: avgems - File not found
NetSvcs: datasvr - File not found
NetSvcs: NETw4v32 - File not found
NetSvcs: cfgwzsvc - File not found
NetSvcs: tvtfilter - File not found
NetSvcs: USB_NDIS_51 - File not found
NetSvcs: s125mdfl - File not found
NetSvcs: tng-dtmg - File not found
NetSvcs: vproeventmonitor - File not found
NetSvcs: wmconnectcds - File not found
NetSvcs: redbook - File not found
NetSvcs: DivisCTS - File not found
NetSvcs: NWSAP - File not found
NetSvcs: macformatservice - File not found
NetSvcs: sit_flt - File not found
NetSvcs: EL2000 - %systemroot%\system32\vet-filt.dll File not found
NetSvcs: ssfs0509 - %systemroot%\system32\SMCB000.dll File not found
NetSvcs: procexp90 - %systemroot%\system32\CE3.dll File not found
NetSvcs: iksyssec - %systemroot%\system32\AcronisOSSReinstallSvc.dll File not found
NetSvcs: starwindservice - File not found
NetSvcs: mnsframework - File not found
NetSvcs: aolservice - File not found
NetSvcs: crauto - File not found
NetSvcs: nvax - File not found
NetSvcs: mctskshd.exe - %systemroot%\system32\msmpsvc.dll File not found
NetSvcs: ICAM5USB - File not found
NetSvcs: LC7981 - File not found
NetSvcs: razerusb - File not found
NetSvcs: EagleNT - File not found
NetSvcs: xfilt - File not found
NetSvcs: ageremodemaudio - %systemroot%\system32\idsvc.dll File not found
NetSvcs: MA8032U - %systemroot%\system32\mferkdk.dll File not found
NetSvcs: fshttps - %systemroot%\system32\iPassPeriodicUpdateApp.dll File not found
NetSvcs: slabbus - %systemroot%\system32\l8042pr2.dll File not found
NetSvcs: useraccess7 - %systemroot%\system32\oraclexeclragent.dll File not found
NetSvcs: ctljystk - %systemroot%\system32\tones.dll File not found
NetSvcs: acermemusagecheckservice - %systemroot%\system32\VAIOMediaPlatform-MusicServer-HTTP.dll File not found
NetSvcs: NVR0Dev - %systemroot%\system32\elagopro.dll File not found
NetSvcs: rnadirectory - File not found
NetSvcs: netmdsb - %systemroot%\system32\symantecantibotshim.dll File not found
NetSvcs: nm - File not found
NetSvcs: bc_pat_f - File not found
NetSvcs: MREMP50 - File not found
NetSvcs: W700mdm - File not found
NetSvcs: oraclemtsrecoveryservice - File not found
NetSvcs: pduip6000dmemcrdmgr - %systemroot%\system32\slabser.dll File not found
NetSvcs: roxwatch - File not found
NetSvcs: svv - %systemroot%\system32\pdrframe.dll File not found
NetSvcs: SMCB000 - %systemroot%\system32\HECI.dll File not found
NetSvcs: vncdrv - %systemroot%\system32\niorbk.dll File not found
NetSvcs: tapeware - %systemroot%\system32\DcLps.dll File not found
NetSvcs: Angel2 - %systemroot%\system32\ccispwdsvc.dll File not found
NetSvcs: qkbfiltr - %systemroot%\system32\usprserv.dll File not found
NetSvcs: persfw - %systemroot%\system32\hnmsvc.dll File not found
NetSvcs: cpucoolserver - %systemroot%\system32\ps2.dll File not found
NetSvcs: btwusb - %systemroot%\system32\W8100PCI.dll File not found
NetSvcs: STV680m - %systemroot%\system32\ccpwdsvc.dll File not found
NetSvcs: msftpsvc - %systemroot%\system32\MKEMUSB.dll File not found
NetSvcs: mxnic - %systemroot%\system32\rupsd.dll File not found
NetSvcs: ikhfile - %systemroot%\system32\oracleorahomehttpserver.dll File not found
NetSvcs: opcenum - File not found
NetSvcs: trioservice - %systemroot%\system32\atkkeyboardservice.dll File not found
NetSvcs: cebdaldr - %systemroot%\system32\captureservice.dll File not found
NetSvcs: winpppoverethernet - %systemroot%\system32\sptisrv.dll File not found
NetSvcs: lpx - %systemroot%\system32\dptrackerd.dll File not found
NetSvcs: TOSHIBASoftModem - %systemroot%\system32\dmio.dll File not found
NetSvcs: mssql$sqlexpress - %systemroot%\system32\cdudf_xp.dll File not found
NetSvcs: Hotkey - %systemroot%\system32\mxserver.dll File not found
NetSvcs: NITaggerService - %systemroot%\system32\shdserv.dll File not found
NetSvcs: slabser - %systemroot%\system32\CoachUsb.dll File not found
NetSvcs: openldap-slapd - %systemroot%\system32\vstor2.dll File not found
NetSvcs: WinVd32 - %systemroot%\system32\iap.dll File not found
NetSvcs: rchost - %systemroot%\system32\symc8xx.dll File not found
NetSvcs: w800mdm - %systemroot%\system32\starwindservice.dll File not found
NetSvcs: NTIDrvr - %systemroot%\system32\lxcccustomerconnect.dll File not found
NetSvcs: server - %systemroot%\system32\NPDriver.dll File not found
NetSvcs: SE26mgmt - %systemroot%\system32\rnadirectory.dll File not found
NetSvcs: z800mgmt - %systemroot%\system32\ssscsisv.dll File not found
NetSvcs: S3GIGP - %systemroot%\system32\BUFADPT.dll File not found
NetSvcs: tgsrvc_smartagent - %systemroot%\system32\PciBus.dll File not found
NetSvcs: iaimfp1 - %systemroot%\system32\procexp90.dll File not found
NetSvcs: Slntamr - %systemroot%\system32\Invoker.dll File not found
NetSvcs: defwatch - %systemroot%\system32\ndasscsi.dll File not found
NetSvcs: sis315 - %systemroot%\system32\wuauserv.dll File not found
NetSvcs: queuemgr - %systemroot%\system32\httpfilter.dll File not found
NetSvcs: penrendezvous - %systemroot%\system32\venturi2.dll File not found
NetSvcs: lktimesync - %systemroot%\system32\qhwscsvc.dll File not found
NetSvcs: ino_flpy - %systemroot%\system32\W8335XP.dll File not found
NetSvcs: noipducservice - %systemroot%\system32\cisvc.dll File not found
NetSvcs: WaveFDE - %systemroot%\system32\kraidsvc.dll File not found
NetSvcs: ntcharge - %systemroot%\system32\rp32service.dll File not found
NetSvcs: se45nd5 - %systemroot%\system32\bgsvcgen.dll File not found
NetSvcs: rfcomm - %systemroot%\system32\smtpd32.dll File not found
NetSvcs: tavsvc - %systemroot%\system32\lbrtfdc.dll File not found
NetSvcs: SABSVC - %systemroot%\system32\BoiHwsetup.dll File not found
NetSvcs: screadspool - %systemroot%\system32\ufdsvc.dll File not found
NetSvcs: GTSCSER - %systemroot%\system32\MRESP50.dll File not found
NetSvcs: mysqlinventime - %systemroot%\system32\PcdrNt.dll File not found
NetSvcs: modemcsa - %systemroot%\system32\sermouse.dll File not found
NetSvcs: timounter - %systemroot%\system32\mscsptisrv.dll File not found
NetSvcs: NETw3v32 - %systemroot%\system32\tmtdi.dll File not found
NetSvcs: ma_cmidi_installerservice - %systemroot%\system32\CiscoVpnInstallService.dll File not found
NetSvcs: nimxdfk - File not found
NetSvcs: tdimsys - %systemroot%\system32\alcaudsl.dll File not found
NetSvcs: PD0620VID - %systemroot%\system32\oraclesnmppeerencapsulator.dll File not found
NetSvcs: PGPdisk - %systemroot%\system32\toscosrv.dll File not found
NetSvcs: SimpTcp - %systemroot%\system32\ngdbserv.dll File not found
NetSvcs: mfeavfk - %systemroot%\system32\YahooAUService.dll File not found
NetSvcs: SPFDRV - %systemroot%\system32\SiSGbeXP.dll File not found
NetSvcs: pcradminserver - %systemroot%\system32\w29n51.dll File not found
NetSvcs: mlkkbdntdriver - %systemroot%\system32\sermouse.dll File not found
NetSvcs: WBHWDOCT - %systemroot%\system32\swwd.dll File not found
NetSvcs: lvprcsrv - %systemroot%\system32\crystalinputfileserver.dll File not found
NetSvcs: uleadburninghelper - %systemroot%\system32\AdobeActiveFileMonitor6.0.dll File not found
NetSvcs: mwstick - %systemroot%\system32\bcm43xx.dll File not found
NetSvcs: vsdatant - %systemroot%\system32\sympxsvc.dll File not found
NetSvcs: hibernation - %systemroot%\system32\elockservice.dll File not found
NetSvcs: lmab_device - %systemroot%\system32\vds.dll File not found
NetSvcs: rppkt - %systemroot%\system32\ohci1394.dll File not found
NetSvcs: mcsysmon - %systemroot%\system32\tdcmdpst.dll File not found
NetSvcs: UWProSys - %systemroot%\system32\prodrv06.dll File not found
NetSvcs: s217nd5 - %systemroot%\system32\scarddrv.dll File not found
NetSvcs: monfilt - %systemroot%\system32\server.dll File not found
NetSvcs: lxcj_device - %systemroot%\system32\nvsmu.dll File not found
NetSvcs: ntpr_nic_service2 - %systemroot%\system32\beatjamupnpmusicserver.dll File not found
NetSvcs: iAimTV5 - %systemroot%\system32\pdlnemap.dll File not found
NetSvcs: zpsc - %systemroot%\system32\lxrsii1s.dll File not found
NetSvcs: haspnt - %systemroot%\system32\DcCam.dll File not found
NetSvcs: Jukebox - %systemroot%\system32\actser.dll File not found
NetSvcs: VAIOMediaPlatform-MusicServer-HTTP - %systemroot%\system32\DMUSBUSBDCam.dll File not found
NetSvcs: scsk4 - %systemroot%\system32\ICM10USB.dll File not found
NetSvcs: outpostfirewall - %systemroot%\system32\atixsaudio.dll File not found
NetSvcs: backupexecalertserver - %systemroot%\system32\fsaa.dll File not found
NetSvcs: nmwcdc - %systemroot%\system32\ZTEusbser6k.dll File not found
NetSvcs: pavdrv - File not found
NetSvcs: sandboxu - %systemroot%\system32\odysseyIM4.dll File not found
NetSvcs: slee_503_service - %systemroot%\system32\pcidrv.dll File not found
NetSvcs: wmi - %systemroot%\system32\pavsrv.dll File not found
NetSvcs: HIDSwvd - %systemroot%\system32\HIDSwvd.dll File not found
NetSvcs: ssm_mdm - %systemroot%\system32\dot4print.dll File not found
NetSvcs: LVRS - %systemroot%\system32\tcpip.dll File not found
NetSvcs: sifilter - %systemroot%\system32\PCISys.dll File not found
NetSvcs: viaagp1 - %systemroot%\system32\v2imount.dll File not found
NetSvcs: ood2000 - %systemroot%\system32\avg7updsvc.dll File not found
NetSvcs: STV680 - %systemroot%\system32\avidsdmservice.dll File not found
NetSvcs: win32sl - %systemroot%\system32\rtl8139.dll File not found
NetSvcs: s116mdm - %systemroot%\system32\epoxusdm.dll File not found
NetSvcs: Pctspk - %systemroot%\system32\mnmsrvc.dll File not found
NetSvcs: jaguar - %systemroot%\system32\swmidi.dll File not found
NetSvcs: ROB_A - %systemroot%\system32\portmapper.dll File not found
NetSvcs: Appn - %systemroot%\system32\ultra66.dll File not found
NetSvcs: hwpsgt - %systemroot%\system32\i8042prt.dll File not found
NetSvcs: spcsutilityservice - %systemroot%\system32\tdtcp.dll File not found
NetSvcs: nvstor32 - %systemroot%\system32\6to4.dll File not found
NetSvcs: mfesmfk - %systemroot%\system32\vpcusb.dll File not found
NetSvcs: roxupnpserver - %systemroot%\system32\rspndr.dll File not found
NetSvcs: avg7rsw - %systemroot%\system32\rpsupdaterr.dll File not found
NetSvcs: SWNC5E00 - %systemroot%\system32\CT20XUT.DLL.dll File not found
NetSvcs: DNE - %systemroot%\system32\pdlnemsg.dll File not found
NetSvcs: ovsecurityserver - %systemroot%\system32\jaguar.dll File not found
NetSvcs: p2k - %systemroot%\system32\dntus26.dll File not found
NetSvcs: wuolservice - %systemroot%\system32\SMPLSCSI.dll File not found
NetSvcs: winpowerrmi - %systemroot%\system32\k750mdfl.dll File not found
NetSvcs: srvdpi - %systemroot%\system32\ISAMSvc.dll File not found
NetSvcs: spbbcsvc - %systemroot%\system32\z525mdfl.dll File not found
NetSvcs: vcommmgr - %systemroot%\system32\NTIDrvr.dll File not found
NetSvcs: SNP2STD - %systemroot%\system32\mbr.dll File not found
NetSvcs: NIPALK - %systemroot%\system32\CTEXFIFX.DLL.dll File not found
NetSvcs: hpqddsvc - %systemroot%\system32\redbook.dll File not found
NetSvcs: harmony - %systemroot%\system32\ADIDTSFiltService.dll File not found
NetSvcs: sshrmd - %systemroot%\system32\lxcgcustomerconnect.dll File not found
NetSvcs: winpower - %systemroot%\system32\tifm21.dll File not found
NetSvcs: Slpsvdr - %systemroot%\system32\ipfilterdriver.dll File not found
NetSvcs: oracle_load_balancer_60_client-forms6ip9 - %systemroot%\system32\FVXSCSI.dll File not found
NetSvcs: TMKEmu - %systemroot%\system32\slee_81_service.dll File not found
NetSvcs: HPFECP20 - %systemroot%\system32\vsmon.dll File not found
NetSvcs: pcidump - %systemroot%\system32\nic1394.dll File not found
NetSvcs: UVCFTR - %systemroot%\system32\openvpnservice.dll File not found
NetSvcs: nbservice - %systemroot%\system32\rtl8023.dll File not found
NetSvcs: license - %systemroot%\system32\DellAMBrokerService.dll File not found
NetSvcs: oracleorahomehttpserver - %systemroot%\system32\NSSvcMgr.dll File not found
NetSvcs: DirectUpdate - %systemroot%\system32\issuser.dll File not found
NetSvcs: PGPsdkDriver - %systemroot%\system32\btwhid.dll File not found
NetSvcs: retroexplauncher - %systemroot%\system32\ccdecode.dll File not found
NetSvcs: nfmservice - %systemroot%\system32\SQLBrowser.dll File not found
NetSvcs: tng-dts - %systemroot%\system32\steamdvr.dll File not found
NetSvcs: SE2Eobex - %systemroot%\system32\asapiw2k.dll File not found
NetSvcs: wampmysqld - %systemroot%\system32\tvtfilter.dll File not found
NetSvcs: s217mdm - %systemroot%\system32\tfsndrct.dll File not found
NetSvcs: dlcf_device - %systemroot%\system32\SrvcEPIOMngr.dll File not found
NetSvcs: rimvserport - %systemroot%\system32\cwcspud.dll File not found
NetSvcs: TNaviSrv - %systemroot%\system32\zpnodecollector.dll File not found
NetSvcs: el90xbc - %systemroot%\system32\sbpci.dll File not found
NetSvcs: RESMGR - %systemroot%\system32\shellhwdetection.dll File not found
NetSvcs: SDdriver - %systemroot%\system32\dlacdbhm.dll File not found
NetSvcs: pdlnsx25 - %systemroot%\system32\LMIRfsDriver.dll File not found
NetSvcs: wdica - %systemroot%\system32\elagopro.dll File not found
NetSvcs: wmdmpmsp - %systemroot%\system32\UWProSys.dll File not found
NetSvcs: picturetaker - %systemroot%\system32\aolservice.dll File not found
NetSvcs: rnadiagnosticsservice - %systemroot%\system32\mksupdateint.dll File not found
NetSvcs: Via4in1 - %systemroot%\system32\aalogger.dll File not found
NetSvcs: freepops - %systemroot%\system32\se2Eunic.dll File not found
NetSvcs: nimcrpcsu - %systemroot%\system32\aliadwdm.dll File not found
NetSvcs: dmio - %systemroot%\system32\smapint.dll File not found
NetSvcs: TuneUp.Defrag - %systemroot%\system32\Si3132.dll File not found
NetSvcs: iPassPeriodicUpdateApp - %systemroot%\system32\hSONYPVh.dll File not found
NetSvcs: prism_a02 - %systemroot%\system32\bdpredir.dll File not found
NetSvcs: IFPUSB - %systemroot%\system32\agpcpq.dll File not found
NetSvcs: transarcafsdaemon - %systemroot%\system32\SE2Dmgmt.dll File not found
NetSvcs: k750mdfl - %systemroot%\system32\cis1284.dll File not found
NetSvcs: USB_RNDIS - %systemroot%\system32\hprfdev.dll File not found
NetSvcs: SRTSP - %systemroot%\system32\NSNDIS5.dll File not found
NetSvcs: ifxtcs - %systemroot%\system32\s616mgmt.dll File not found
NetSvcs: VICESYS - %systemroot%\system32\arkbcfltr.dll File not found
NetSvcs: PTDCBus - %systemroot%\system32\Ncrc710.dll File not found
NetSvcs: tcsd_win32.exe - %systemroot%\system32\hidusb.dll File not found
NetSvcs: pml - %systemroot%\system32\wdica.dll File not found
NetSvcs: ScFBPNT3 - %systemroot%\system32\rnadirmultiplexor.dll File not found
NetSvcs: UxTuneUp - %systemroot%\system32\cdrbsvsd.dll File not found
NetSvcs: vc5secs - %systemroot%\system32\U3sHlpDr.dll File not found
NetSvcs: tbhsd - %systemroot%\system32\rwbackupsrv.dll File not found
NetSvcs: stacsv - %systemroot%\system32\ntgrip.dll File not found
NetSvcs: licensemanagersocket - %systemroot%\system32\sweepsrv.sys.dll File not found
NetSvcs: tosrfnds - %systemroot%\system32\regservice.dll File not found
NetSvcs: ql1280 - %systemroot%\system32\RVIEG01.dll File not found
NetSvcs: s3ssavage - %systemroot%\system32\sis162u.dll File not found
NetSvcs: hmonitor - %systemroot%\system32\buslogic.dll File not found
NetSvcs: wlluc48 - %systemroot%\system32\iaantmon.dll File not found
NetSvcs: tmmbd - %systemroot%\system32\quickhealfirewall.dll File not found
NetSvcs: zebrbus - %systemroot%\system32\w200mgmt.dll File not found
NetSvcs: vsapint - %systemroot%\system32\termdd.dll File not found
NetSvcs: w200bus - %systemroot%\system32\usbsermptxp.dll File not found
NetSvcs: NsTrcNT - %systemroot%\system32\asp.net.dll File not found
NetSvcs: hsf_dp - %systemroot%\system32\msgsrvservice.dll File not found
NetSvcs: trackcam4 - %systemroot%\system32\stllssvr.dll File not found
NetSvcs: WUSB54GPV4SRV - %systemroot%\system32\db2ntsecserver.dll File not found
NetSvcs: us30service - %systemroot%\system32\atapi.dll File not found
NetSvcs: vvoice - %systemroot%\system32\s217unic.dll File not found
NetSvcs: inotask - %systemroot%\system32\usbvideo.dll File not found
NetSvcs: inorpc - %systemroot%\system32\bridge.dll File not found
NetSvcs: VNUSB - %systemroot%\system32\xusb21.dll File not found
NetSvcs: lxrjd31d - %systemroot%\system32\mldserv.dll File not found
NetSvcs: Ncrc710 - %systemroot%\system32\AtiPcie.dll File not found
NetSvcs: rca - %systemroot%\system32\acdpowerservice.dll File not found
NetSvcs: s125obex - %systemroot%\system32\svv.dll File not found
NetSvcs: NxSysMon - %systemroot%\system32\GameConsoleService.dll File not found
NetSvcs: VX3000 - %systemroot%\system32\irbus.dll File not found
NetSvcs: srescan - %systemroot%\system32\WUSB54Gv4SVC.dll File not found
NetSvcs: {95808DC4-FA4A-4c74-92FE-5B863F82066B} - %systemroot%\system32\iAimFP7.dll File not found
NetSvcs: isapisearch - %systemroot%\system32\z525mdm.dll File not found
NetSvcs: lockmgr - %systemroot%\system32\BrScnUsb.dll File not found
NetSvcs: nvcap - %systemroot%\system32\NetwareWorkstation.dll File not found
NetSvcs: ss_mdfl - %systemroot%\system32\NetMsmqActivator.dll File not found
NetSvcs: SRS_SSCFilter - %systemroot%\system32\cm102u32.dll File not found
NetSvcs: klif - %systemroot%\system32\WmaCVideo32.dll File not found
NetSvcs: se26unic - %systemroot%\system32\GTSCSER.dll File not found
NetSvcs: mks_scan - %systemroot%\system32\se26unic.dll File not found
NetSvcs: s7otranx - %systemroot%\system32\lvuvc.dll File not found
NetSvcs: SED133x - %systemroot%\system32\psasrv.dll File not found
NetSvcs: ibmcicstransactiongateway - %systemroot%\system32\mrobeservice.dll File not found
NetSvcs: s7oppitx - %systemroot%\system32\w800mdm.dll File not found
NetSvcs: LKbdFlt2 - %systemroot%\system32\cpqalert.dll File not found
NetSvcs: UMPass - %systemroot%\system32\omniserv.dll File not found
NetSvcs: U81xobex - %systemroot%\system32\MA8032C.dll File not found
NetSvcs: qbfcservice - %systemroot%\system32\SRTSPL.dll File not found
NetSvcs: tosrfsnd - %systemroot%\system32\tosporte.dll File not found
NetSvcs: openvpnservice - %systemroot%\system32\TIEHDUSB.dll File not found
NetSvcs: freebsd - %systemroot%\system32\samss.dll File not found
NetSvcs: se58unic - %systemroot%\system32\OEM02Vfx.dll File not found
NetSvcs: RMCAST - %systemroot%\system32\tlntsvr.dll File not found
NetSvcs: mcnasvc - %systemroot%\system32\ltxred.dll File not found
NetSvcs: k750mdm - %systemroot%\system32\nvstor64.dll File not found
NetSvcs: s616unic - %systemroot%\system32\vpcbus.dll File not found
NetSvcs: artourservice - %systemroot%\system32\ShockMgr.dll File not found
NetSvcs: symmpi - %systemroot%\system32\dlacdbhm.dll File not found

billyd, May 18, 2012

#24
billyd Newcomer, in training Posts: 60

NetSvcs: iastor - %systemroot%\system32\inetaccs.dll File not found
NetSvcs: aclient - %systemroot%\system32\Dell1100_FUService.dll File not found
NetSvcs: BTSLBCSP - %systemroot%\system32\merakcontrol.dll File not found
NetSvcs: askernel - %systemroot%\system32\pdagent.dll File not found
NetSvcs: acprfmgrsvc - %systemroot%\system32\RIOXDRV.dll File not found
NetSvcs: https-admserv61 - %systemroot%\system32\dptrackerd.dll File not found
NetSvcs: splitter - %systemroot%\system32\backupexecagentaccelerator.dll File not found
NetSvcs: SaiU040B - %systemroot%\system32\ndis.dll File not found
NetSvcs: proxyhostservice - %systemroot%\system32\netddedsdm.dll File not found
NetSvcs: USB_RNDIS_XP - %systemroot%\system32\MREMP50.dll File not found
NetSvcs: nmsaccess - %systemroot%\system32\mssql$microsoftbcm.dll File not found
NetSvcs: mfehidk - %systemroot%\system32\slip.dll File not found
NetSvcs: snmptrapdservice - %systemroot%\system32\SerTVOutCtlr.dll File not found
NetSvcs: digictrl - %systemroot%\system32\pimsgss.dll File not found
NetSvcs: emupia - %systemroot%\system32\srv.dll File not found
NetSvcs: rimusb - %systemroot%\system32\websensecpmcommunicationagent.dll File not found
NetSvcs: array_utility_service4 - File not found
NetSvcs: 0 - File not found
NetSvcs: 1 - File not found
NetSvcs: 3 - File not found
NetSvcs: gearaspiwdm - %systemroot%\system32\usb_rndisx.dll File not found
NetSvcs: eskerlicensecontrol - %systemroot%\system32\kpfwsvc.dll File not found
NetSvcs: lxbs_device - %systemroot%\system32\sonicatheaterinstallerservice.dll File not found
NetSvcs: nimdbgk - File not found
NetSvcs: CTMSHD - File not found
NetSvcs: ihcservice - File not found
NetSvcs: pavreport - File not found
NetSvcs: ATKFUSService - File not found
NetSvcs: iomdisk - File not found
NetSvcs: se59mdfl - File not found
NetSvcs: pnkbstrb - File not found
NetSvcs: lp6nds35 - %systemroot%\system32\nmservice.dll File not found
NetSvcs: syntp - %systemroot%\system32\SQTECH905C.dll File not found
NetSvcs: SWMX00 - %systemroot%\system32\lxdmCATSCustConnectService.dll File not found
NetSvcs: se2Bnd5 - %systemroot%\system32\scramby.dll File not found
NetSvcs: e1express - %systemroot%\system32\L1e.dll File not found
NetSvcs: w800mdfl - %systemroot%\system32\z525mdfl.dll File not found
NetSvcs: entech - File not found
NetSvcs: hnmsvc - File not found
NetSvcs: VCAM - File not found
NetSvcs: purgeieservice - File not found
NetSvcs: XFX_program - File not found
NetSvcs: smcservice - File not found
NetSvcs: ldlcserv - File not found
NetSvcs: PQNTDrv - File not found
NetSvcs: iviaspi - %systemroot%\system32\s116bus.dll File not found
NetSvcs: enxpsvc - File not found
NetSvcs: DniVad - File not found
NetSvcs: acedrv07 - File not found
NetSvcs: Subsonic - %systemroot%\system32\HECI.dll File not found
NetSvcs: iwebmsg - %systemroot%\system32\nsm1serd.dll File not found
NetSvcs: qmofiltr - %systemroot%\system32\navap.dll File not found
NetSvcs: agrsrvce - %systemroot%\system32\acpi.dll File not found
NetSvcs: SunkFilt39 - %systemroot%\system32\TClass2k.dll File not found
NetSvcs: TcUsb - File not found
NetSvcs: MA_CMIDI - File not found
NetSvcs: trcboot - File not found
NetSvcs: smsmdd - %systemroot%\system32\VRFIL.dll File not found
NetSvcs: iam - File not found
NetSvcs: a016mdfl - File not found
NetSvcs: db2ntsecserver - File not found
NetSvcs: ec2007service - File not found
NetSvcs: sqlagent$sony_mediamgr - File not found
NetSvcs: soma - File not found
NetSvcs: tvs - %systemroot%\system32\delldmi.dll File not found
NetSvcs: ipsraidn - File not found
NetSvcs: kservice - File not found
NetSvcs: Bcim - File not found
NetSvcs: amon - File not found
NetSvcs: axinstsv - File not found
NetSvcs: btwrchid - File not found
NetSvcs: bdfsdrv - File not found
NetSvcs: SE2Dmdfl - File not found
NetSvcs: MTsensor - File not found
NetSvcs: maya70docserver - File not found
NetSvcs: ctdvda2k - File not found
NetSvcs: wg111nd5 - %systemroot%\system32\trayman.dll File not found
NetSvcs: nchssvad - File not found
NetSvcs: SaiNtSub - %systemroot%\system32\SNMP.dll File not found
NetSvcs: gv3 - %systemroot%\system32\thkeys.dll File not found
NetSvcs: UpdateCenterService - %systemroot%\system32\oracleorahome92tnslistener.dll File not found
NetSvcs: MobilePreInstallerService - %systemroot%\system32\s116mgmt.dll File not found
NetSvcs: SQLWriter - %systemroot%\system32\w29n51.dll File not found
NetSvcs: iap - %systemroot%\system32\twdns.dll File not found
NetSvcs: usb20l - %systemroot%\system32\cercsr6.dll File not found
NetSvcs: s716nd5 - %systemroot%\system32\spooler.dll File not found
NetSvcs: FireTDI - File not found
NetSvcs: pdframe - %systemroot%\system32\WNCPKT.dll File not found
NetSvcs: HSFHWICH - %systemroot%\system32\tappsrv.dll File not found
NetSvcs: yukonwxp - File not found
NetSvcs: lvpopflt - File not found
NetSvcs: vzcdbsvc - %systemroot%\system32\MA8032U.dll File not found
NetSvcs: NVTCP - %systemroot%\system32\anydvd.dll File not found
NetSvcs: SE27mdm - File not found
NetSvcs: atalk - %systemroot%\system32\cicssfs.scmmc223.dll File not found
NetSvcs: SunkFilt - %systemroot%\system32\kerbkey.dll File not found
NetSvcs: NVENET - %systemroot%\system32\mfetdik.dll File not found
NetSvcs: ctmmfilt - File not found
NetSvcs: cicssfs.scmmc223 - %systemroot%\system32\sit_bus.dll File not found
NetSvcs: ifxspmgtsrv - %systemroot%\system32\eeyeevnt.dll File not found
NetSvcs: se44nd5 - %systemroot%\system32\SQTECH905C.dll File not found
NetSvcs: agentsrv - File not found
NetSvcs: ATMsrvc - %systemroot%\system32\cyberpowerups.dll File not found
NetSvcs: nsengine - File not found
NetSvcs: s117obex - File not found
NetSvcs: aswrdr - %systemroot%\system32\RTHDMIAzAudService.dll File not found
NetSvcs: z800obex - %systemroot%\system32\DSI_SiUSBXp_3_1.dll File not found
NetSvcs: mwspollserver - %systemroot%\system32\sfdrv01.dll File not found
NetSvcs: lxbu_device - %systemroot%\system32\zpsc.dll File not found
NetSvcs: rtl8139 - %systemroot%\system32\ZDPNDIS5.dll File not found
NetSvcs: se44bus - %systemroot%\system32\bthmodem.dll File not found
NetSvcs: USB11LDR - %systemroot%\system32\avgascln.dll File not found
NetSvcs: ramaint - %systemroot%\system32\oracleorahome90agent.dll File not found
NetSvcs: pfc - %systemroot%\system32\pdlndtdl.dll File not found
NetSvcs: athr - %systemroot%\system32\w550mdm.dll File not found
NetSvcs: se59nd5 - %systemroot%\system32\amfilter.dll File not found
NetSvcs: sentinel - %systemroot%\system32\bdss.dll File not found
NetSvcs: ser2pl - %systemroot%\system32\DCamUSBGrandTek.dll File not found
NetSvcs: websenselogserver - File not found
NetSvcs: ltck000c - File not found
NetSvcs: ZuneWlanCfgSvc - File not found
NetSvcs: k750mgmt - File not found
NetSvcs: Nsynas32 - File not found
NetSvcs: uclauncherservice - %systemroot%\system32\btwusb.dll File not found
NetSvcs: ossrv - File not found
NetSvcs: sprtsvc_smartagent - %systemroot%\system32\bdfsdrv.dll File not found
NetSvcs: autocomplete - File not found
NetSvcs: sbhooksvc - %systemroot%\system32\DKbFltr.dll File not found
NetSvcs: USBCamera - File not found
NetSvcs: TestHandler - File not found
NetSvcs: adiloader - File not found
NetSvcs: cwafrmiregistry - File not found
NetSvcs: W55U01 - %systemroot%\system32\nvstor64.dll File not found
NetSvcs: tvicport - File not found
NetSvcs: aec - File not found
NetSvcs: ino_fltr - File not found
NetSvcs: CTEDSPFX.DLL - File not found
NetSvcs: U81xmdm - File not found
NetSvcs: HFACSVC - File not found
NetSvcs: imaservice - File not found
NetSvcs: tmactmon - File not found
NetSvcs: MpFilter - File not found
NetSvcs: ntmssvc - %systemroot%\system32\elaunidr.dll File not found
NetSvcs: bthusb - %systemroot%\system32\rtl8029.dll File not found
NetSvcs: symids - %systemroot%\system32\pca.dll File not found
NetSvcs: ASMMAP - File not found
NetSvcs: atchksrv - File not found
NetSvcs: AKSIFDH - %systemroot%\system32\SE2Eobex.dll File not found
NetSvcs: GV600_4 - %systemroot%\system32\jobserver_report.dll File not found
NetSvcs: nvmpu401 - %systemroot%\system32\mpe.dll File not found
NetSvcs: ASNDIS5 - %systemroot%\system32\wmp54gv4svc.dll File not found
NetSvcs: omniusbl - %systemroot%\system32\knobserv.dll File not found
NetSvcs: papycpu2 - %systemroot%\system32\WmHidLo.dll File not found
NetSvcs: cpuz132 - File not found
NetSvcs: HECI - File not found
NetSvcs: tsdhd - %systemroot%\system32\ndisip.dll File not found
NetSvcs: protexislicensing - %systemroot%\system32\avsinc.dll File not found
NetSvcs: slapd-data52 - File not found
NetSvcs: tandpl - %systemroot%\system32\smservauth.dll File not found
NetSvcs: dxdebug - File not found
NetSvcs: scanwscs - File not found
NetSvcs: ntrtscan - File not found
NetSvcs: mod7700 - File not found
NetSvcs: TVALG - %systemroot%\system32\iaimtv2.dll File not found
NetSvcs: oracle_load_balancer_60_client-forms6ip14 - %systemroot%\system32\SED133x.dll File not found
NetSvcs: telnet - %systemroot%\system32\MA8032C.dll File not found
NetSvcs: mapserver6.3 - %systemroot%\system32\HWIONT.dll File not found
NetSvcs: incdfs - %systemroot%\system32\rootmodem.dll File not found
NetSvcs: eamon - File not found
NetSvcs: GTPTSER - %systemroot%\system32\pnmsrv.dll File not found
NetSvcs: atmeltpm - File not found
NetSvcs: vetmsgnt - %systemroot%\system32\navap.dll File not found
NetSvcs: nvsmu - %systemroot%\system32\npkcsvc.dll File not found
NetSvcs: RSAFAL - %systemroot%\system32\ErrDev.dll File not found
NetSvcs: alertmanager - File not found
NetSvcs: sysmonlog - File not found
NetSvcs: Wmi - %systemroot%\system32\pavsrv.dll File not found
NetSvcs: WmdmPmSp - %systemroot%\system32\UWProSys.dll File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - %systemroot%\system32\hsf_dpv.dll File not found

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/05/17 17:54:36 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012/05/17 14:26:51 | 000,595,456 | ---- | C] (OldTimer Tools) -- C:\Users\William\Desktop\OTL.exe
[2012/05/17 05:04:39 | 000,000,000 | ---D | C] -- C:\Users\William\Desktop\War Horse 2011 XviD iNT FL4X
[2012/05/17 04:40:19 | 000,000,000 | ---D | C] -- C:\Users\William\AppData\Local\temp
[2012/05/17 04:30:08 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/05/17 04:05:15 | 000,000,000 | ---D | C] -- C:\ComboFix
[2012/05/16 06:46:41 | 002,126,424 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\William\Desktop\TDSSKiller.exe
[2012/05/16 04:11:03 | 000,000,000 | ---D | C] -- C:\found.001
[2012/05/16 04:07:43 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012/05/15 03:48:16 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/05/15 03:48:16 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/05/15 03:48:16 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/05/15 03:48:13 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2012/05/15 03:39:17 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/05/15 02:49:56 | 004,495,594 | R--- | C] (Swearware) -- C:\Users\William\Desktop\ComboFix.exe
[2012/05/14 00:03:48 | 000,083,968 | ---- | C] (Esage Lab) -- C:\Users\William\Desktop\boot_cleaner.exe
[2012/05/13 23:33:04 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\William\Desktop\aswMBR.exe
[2012/05/13 19:46:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/05/13 19:46:03 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012/05/13 19:46:02 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/05/13 13:41:45 | 000,000,000 | ---D | C] -- C:\Users\William\AppData\Roaming\ESET
[2012/05/13 13:41:45 | 000,000,000 | ---D | C] -- C:\Users\William\AppData\Local\ESET
[2012/05/13 13:40:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
[2012/05/13 13:32:22 | 000,000,000 | ---D | C] -- C:\Users\Public\Desktop\CC Support Logs
[2012/05/13 13:30:42 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Resource Kits
[2012/05/12 19:11:37 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2012/05/12 19:11:37 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012/05/09 03:20:24 | 000,000,000 | ---D | C] -- C:\Users\William\Desktop\TV
[2012/05/05 18:42:10 | 000,000,000 | ---D | C] -- C:\Users\William\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sherlock Holmes and the Hound of the Baskervilles
[2012/05/05 18:42:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sherlock Holmes and the Hound of the Baskervilles
[2012/05/05 18:42:10 | 000,000,000 | ---D | C] -- C:\Program Files\Sherlock Holmes and the Hound of the Baskervilles
[2012/04/24 21:51:46 | 000,000,000 | ---D | C] -- C:\Users\William\Desktop\lola
[2012/04/22 19:44:40 | 000,000,000 | ---D | C] -- C:\found.000
[2012/04/22 15:14:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab

========== Files - Modified Within 30 Days ==========

[2012/05/18 03:54:48 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/05/18 03:54:48 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/05/18 03:02:00 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/05/18 03:00:57 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1815498000-2833343681-1250068786-1000UA.job
[2012/05/18 02:58:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/05/17 22:01:19 | 000,001,057 | ---- | M] () -- C:\Users\William\AppData\Roaming\vso_ts_preview.xml
[2012/05/17 21:02:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/05/17 17:56:36 | 000,000,374 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.ics
[2012/05/17 17:54:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/05/17 17:54:35 | 3210,784,768 | -HS- | M] () -- C:\hiberfil.sys
[2012/05/17 17:54:34 | 263,780,575 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/05/17 17:02:10 | 000,027,136 | ---- | M] () -- C:\Users\William\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/05/17 15:12:34 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\William\Desktop\OTL.exe
[2012/05/17 15:00:03 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1815498000-2833343681-1250068786-1000Core.job
[2012/05/17 14:41:00 | 158,097,764 | ---- | M] () -- C:\Users\William\Desktop\Person.of.Interest.S01E22[TEH-SONG].mkv
[2012/05/17 04:29:41 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2012/05/17 04:03:55 | 004,495,594 | R--- | M] (Swearware) -- C:\Users\William\Desktop\ComboFix.exe
[2012/05/16 07:40:44 | 002,126,424 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\William\Desktop\TDSSKiller.exe
[2012/05/14 21:06:50 | 000,606,556 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/05/14 21:06:50 | 000,105,022 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/05/14 00:00:46 | 000,000,512 | ---- | M] () -- C:\Users\William\Desktop\MBR.dat
[2012/05/13 23:33:38 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\William\Desktop\aswMBR.exe
[2012/05/13 19:58:28 | 000,302,592 | ---- | M] () -- C:\Users\William\Desktop\oibfjxod.exe
[2012/05/13 19:46:04 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/05/11 07:58:02 | 000,008,627 | ---- | M] () -- C:\Windows\System32\PAV_FOG.OPC
[2012/05/11 04:47:51 | 000,236,640 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/05/05 18:43:08 | 000,002,113 | ---- | M] () -- C:\Users\Public\Desktop\Play Sherlock Holmes and the Hound of the Baskervilles.lnk
[2012/05/05 18:43:08 | 000,001,264 | ---- | M] () -- C:\Users\Public\Desktop\More Great Games.lnk
[2012/04/29 20:22:03 | 000,000,166 | -HS- | M] () -- C:\ProgramData\.zreglib
[2012/04/27 20:15:21 | 000,000,260 | ---- | M] () -- C:\Windows\dellstat.ini
[2012/04/22 20:02:08 | 000,001,905 | ---- | M] () -- C:\Windows\diagwrn.xml
[2012/04/22 20:02:08 | 000,001,905 | ---- | M] () -- C:\Windows\diagerr.xml
[2012/04/20 16:53:22 | 000,049,772 | ---- | M] () -- C:\Users\William\Desktop\captain_dylan_hunt.jpg

========== Files Created - No Company Name ==========

[2012/05/17 14:22:24 | 158,097,764 | ---- | C] () -- C:\Users\William\Desktop\Person.of.Interest.S01E22[TEH-SONG].mkv
[2012/05/17 04:53:28 | 000,001,057 | ---- | C] () -- C:\Users\William\AppData\Roaming\vso_ts_preview.xml
[2012/05/15 03:48:16 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/05/15 03:48:16 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/05/15 03:48:16 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/05/15 03:48:16 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/05/15 03:48:16 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/05/14 00:00:46 | 000,000,512 | ---- | C] () -- C:\Users\William\Desktop\MBR.dat
[2012/05/13 19:58:28 | 000,302,592 | ---- | C] () -- C:\Users\William\Desktop\oibfjxod.exe
[2012/05/13 19:46:04 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/05/05 18:43:08 | 000,002,113 | ---- | C] () -- C:\Users\Public\Desktop\Play Sherlock Holmes and the Hound of the Baskervilles.lnk
[2012/05/05 18:43:08 | 000,001,264 | ---- | C] () -- C:\Users\Public\Desktop\More Great Games.lnk
[2012/04/22 19:22:48 | 3210,784,768 | -HS- | C] () -- C:\hiberfil.sys
[2012/04/22 19:15:21 | 000,001,905 | ---- | C] () -- C:\Windows\diagwrn.xml
[2012/04/22 19:15:21 | 000,001,905 | ---- | C] () -- C:\Windows\diagerr.xml
[2012/04/20 16:53:28 | 000,049,772 | ---- | C] () -- C:\Users\William\Desktop\captain_dylan_hunt.jpg
[2012/03/20 11:38:01 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2012/03/17 01:40:34 | 000,000,260 | ---- | C] () -- C:\Windows\dellstat.ini
[2012/01/13 19:11:06 | 000,000,451 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2011/12/23 01:20:16 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2011/12/23 01:20:16 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011/12/22 23:36:02 | 000,027,136 | ---- | C] () -- C:\Users\William\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/12/22 21:18:07 | 000,178,176 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2011/12/22 21:11:40 | 000,000,166 | -HS- | C] () -- C:\ProgramData\.zreglib
[2011/12/22 20:49:07 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2011/12/22 19:54:56 | 000,054,784 | ---- | C] () -- C:\Windows\System32\bcmwlrmt.dll
[2011/12/22 19:54:55 | 000,024,064 | ---- | C] () -- C:\Windows\System32\WLTRYSVC.EXE
[2011/12/16 11:12:10 | 000,000,680 | ---- | C] () -- C:\Users\William\AppData\Local\d3d9caps.dat

========== LOP Check ==========

[2012/04/12 19:38:18 | 000,000,000 | ---D | M] -- C:\Users\William\AppData\Roaming\Boomzap
[2012/03/29 14:36:18 | 000,000,000 | ---D | M] -- C:\Users\William\AppData\Roaming\Canneverbe Limited
[2012/01/22 05:00:53 | 000,000,000 | ---D | M] -- C:\Users\William\AppData\Roaming\DVDFab
[2012/01/13 22:22:15 | 000,000,000 | ---D | M] -- C:\Users\William\AppData\Roaming\ERS Game Studios
[2012/05/13 13:41:45 | 000,000,000 | ---D | M] -- C:\Users\William\AppData\Roaming\ESET
[2012/02/03 14:32:17 | 000,000,000 | ---D | M] -- C:\Users\William\AppData\Roaming\Foxit Software
[2011/12/23 00:54:56 | 000,000,000 | ---D | M] -- C:\Users\William\AppData\Roaming\ImgBurn
[2011/12/24 01:33:23 | 000,000,000 | ---D | M] -- C:\Users\William\AppData\Roaming\quickclick
[2011/12/27 12:50:31 | 000,000,000 | ---D | M] -- C:\Users\William\AppData\Roaming\SumatraPDF
[2011/12/22 22:54:32 | 000,000,000 | ---D | M] -- C:\Users\William\AppData\Roaming\TeamViewer
[2012/03/14 13:47:41 | 000,000,000 | ---D | M] -- C:\Users\William\AppData\Roaming\theSideline.com
[2012/03/10 01:08:44 | 000,000,000 | ---D | M] -- C:\Users\William\AppData\Roaming\Vast Studios
[2012/05/17 22:01:20 | 000,000,000 | ---D | M] -- C:\Users\William\AppData\Roaming\Vso
[2012/05/17 04:28:33 | 000,032,644 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.* >
[2006/09/18 17:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2009/04/11 02:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr
[2011/12/14 15:05:03 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2012/05/17 04:39:36 | 000,017,259 | ---- | M] () -- C:\ComboFix.txt
[2006/09/18 17:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[2011/12/22 19:51:58 | 056,396,264 | ---- | M] () -- C:\Dell_multi-device_A17_R174292.exe
[2012/05/17 17:54:35 | 3210,784,768 | -HS- | M] () -- C:\hiberfil.sys
[2011/12/22 19:54:44 | 000,022,729 | ---- | M] () -- C:\newfile.enc
[2011/12/22 19:54:44 | 000,022,729 | ---- | M] () -- C:\newkey
[2012/05/17 17:54:34 | 3524,587,520 | -HS- | M] () -- C:\pagefile.sys
[2012/05/16 04:06:40 | 000,000,348 | ---- | M] () -- C:\TDSSKiller.2.7.34.0_16.05.2012_04.06.34_log.txt
[2012/05/16 04:07:57 | 000,137,436 | ---- | M] () -- C:\TDSSKiller.2.7.34.0_16.05.2012_04.06.55_log.txt
[2012/05/16 06:41:39 | 000,003,692 | ---- | M] () -- C:\TDSSKiller.2.7.34.0_16.05.2012_06.37.52_log.txt
[2012/05/16 06:46:21 | 000,000,348 | ---- | M] () -- C:\TDSSKiller.2.7.34.0_16.05.2012_06.46.13_log.txt
[2012/05/16 06:47:58 | 000,136,264 | ---- | M] () -- C:\TDSSKiller.2.7.35.0_16.05.2012_06.47.16_log.txt
[2012/05/16 14:04:24 | 000,136,264 | ---- | M] () -- C:\TDSSKiller.2.7.35.0_16.05.2012_13.46.09_log.txt
[2011/03/11 05:49:22 | 455,611,504 | ---- | M] (Microsoft Corporation) -- C:\Vista SP1.exe
[2011/02/26 13:27:44 | 365,230,920 | ---- | M] (Microsoft Corporation) -- C:\Vista SP2.exe

< %systemroot%\Fonts\*.com >
[2006/11/02 08:37:12 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2006/11/02 08:37:12 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2006/11/02 08:37:12 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2011/12/23 01:56:25 | 000,037,665 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2006/09/18 17:37:34 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2007/02/20 12:27:50 | 000,102,400 | ---- | M] () -- C:\Windows\system32\spool\prtprocs\w32x86\dlbapp5c.dll
[2006/11/02 08:35:48 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\spool\prtprocs\w32x86\jnwppr.dll

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >

< %PROGRAMFILES%\*.* >
[2011/12/16 15:36:11 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >
[2006/11/02 06:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2006/11/02 06:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2006/11/02 06:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006/11/02 06:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006/11/02 06:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2011/12/24 05:43:03 | 000,000,286 | -HS- | M] () -- C:\Users\William\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini

< %USERPROFILE%\Desktop\*.exe >
[2012/05/13 23:33:38 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\William\Desktop\aswMBR.exe
[2011/09/20 03:02:40 | 000,083,968 | ---- | M] (Esage Lab) -- C:\Users\William\Desktop\boot_cleaner.exe
[2012/05/17 04:03:55 | 004,495,594 | R--- | M] (Swearware) -- C:\Users\William\Desktop\ComboFix.exe
[2012/05/13 19:58:28 | 000,302,592 | ---- | M] () -- C:\Users\William\Desktop\oibfjxod.exe
[2012/05/17 15:12:34 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\William\Desktop\OTL.exe
[2012/05/16 07:40:44 | 002,126,424 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\William\Desktop\TDSSKiller.exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\tasks\*.* >
[2012/05/18 03:58:15 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/05/17 21:02:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/05/18 03:02:00 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/05/17 15:00:03 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1815498000-2833343681-1250068786-1000Core.job
[2012/05/18 03:00:57 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1815498000-2833343681-1250068786-1000UA.job
[2012/05/17 17:54:50 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2012/05/17 04:28:33 | 000,032,644 | ---- | M] () -- C:\Windows\tasks\SCHEDLGU.TXT

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

< %PROGRAMFILES%\Internet Explorer\*.tmp >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >

< %systemroot%\ADDINS\*.* >

< %systemroot%\assembly\*.bak2 >

< %systemroot%\Config\*.* >

< %systemroot%\REPAIR\*.bak2 >

< %systemroot%\SECURITY\Database\*.sdb /x >
[2011/12/23 02:11:59 | 000,008,192 | ---- | M] () -- C:\Windows\SECURITY\Database\edb.chk
[2011/12/23 02:11:28 | 001,048,576 | ---- | M] () -- C:\Windows\SECURITY\Database\edb.log
[2011/12/23 02:11:28 | 001,048,576 | ---- | M] () -- C:\Windows\SECURITY\Database\edbres00001.jrs
[2011/12/23 02:11:28 | 001,048,576 | ---- | M] () -- C:\Windows\SECURITY\Database\edbres00002.jrs
[2011/12/23 02:11:28 | 001,048,576 | ---- | M] () -- C:\Windows\SECURITY\Database\edbtmp.log

< %systemroot%\SYSTEM\*.bak2 >

< %systemroot%\Web\*.bak2 >

< %systemroot%\Driver Cache\*.* >

< %PROGRAMFILES%\Mozilla Firefox\0*.exe >

< %ProgramFiles%\Microsoft Common\*.* >

< %ProgramFiles%\TinyProxy. >

< %USERPROFILE%\Favorites\*.url /x >
[2011/12/16 11:12:49 | 000,000,402 | -HS- | M] () -- C:\Users\William\Favorites\desktop.ini

< %systemroot%\system32\*.bk >

< %systemroot%\*.te >

< %systemroot%\system32\system32\*.* >

< %ALLUSERSPROFILE%\*.dat /x >
[2012/04/29 20:22:03 | 000,000,166 | -HS- | M] () -- C:\ProgramData\.zreglib
[2012/01/20 16:56:19 | 000,000,451 | ---- | M] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc

< %systemroot%\system32\drivers\*.rmv >

< dir /b "%systemroot%\system32\*.exe" | find /I " " /c >

< dir /b "%systemroot%\*.exe" | find /I " " /c >

< %PROGRAMFILES%\Microsoft\*.* >

< %systemroot%\System32\Wbem\proquota.exe >

< %PROGRAMFILES%\Mozilla Firefox\*.dat >

< %USERPROFILE%\Cookies\*.txt /x >

< %SystemRoot%\system32\fonts\*.* >

< %systemroot%\system32\winlog\*.* >

< %systemroot%\system32\Language\*.* >

< %systemroot%\system32\Settings\*.* >

< %systemroot%\system32\*.quo >

< %SYSTEMROOT%\AppPatch\*.exe >

< %SYSTEMROOT%\inf\*.exe >

< %SYSTEMROOT%\Installer\*.exe >

< %systemroot%\system32\config\*.bak2 >

< %systemroot%\system32\Computers\*.* >

< %SystemRoot%\system32\Sound\*.* >

< %SystemRoot%\system32\SpecialImg\*.* >

< %SystemRoot%\system32\code\*.* >

< %SystemRoot%\system32\draft\*.* >

< %SystemRoot%\system32\MSSSys\*.* >

< %ProgramFiles%\Javascript\*.* >

< %systemroot%\pchealth\helpctr\System\*.exe /s >

< %systemroot%\Web\*.exe >

< %systemroot%\system32\msn\*.* >

< %systemroot%\system32\*.tro >

< %AppData%\Microsoft\Installer\msupdates\*.* >

< %ProgramFiles%\Messenger\*.* >

< %systemroot%\system32\systhem32\*.* >

< %systemroot%\system\*.exe >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2012-05-15 09:54:44

< >

========== Alternate Data Streams ==========

@Alternate Data Stream - 921 bytes -> C:\Users\William\Desktop\Panda Security #PS# - Case number_ 03349629.eml:OECustomProperty
@Alternate Data Stream - 921 bytes -> C:\Users\William\Desktop\#1Panda Security #PS# - Case number_ 03349629.eml:OECustomProperty
@Alternate Data Stream - 230 bytes -> C:\ProgramData\TEMP:025DF3DE
@Alternate Data Stream - 224 bytes -> C:\ProgramData\TEMP:E6C6EB3B
@Alternate Data Stream - 219 bytes -> C:\ProgramData\TEMP:3B454A5C
@Alternate Data Stream - 215 bytes -> C:\ProgramData\TEMP:206470A5
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:AFC732F7
< End of report >

billyd, May 18, 2012

#25

billyd Newcomer, in training Posts: 60

OTL Extras logfile created on: 5/18/2012 3:51:28 AM - Run 1
OTL by OldTimer - Version 3.2.43.0 Folder = C:\Users\William\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.99 Gb Total Physical Memory | 1.92 Gb Available Physical Memory | 64.12% Memory free
6.21 Gb Paging File | 4.99 Gb Available in Paging File | 80.44% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 140.85 Gb Total Space | 41.77 Gb Free Space | 29.65% Space Free | Partition Type: NTFS
Drive D: | 8.20 Gb Total Space | 1.75 Gb Free Space | 21.39% Space Free | Partition Type: NTFS

Computer Name: WILLIAM-PC | User Name: William | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UpdatesDisableNotify" = 0
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0890EA9F-6379-42ED-83FE-252307EB25C2}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{19B1F53A-4C2B-4B05-A8F9-C01C57374912}" = lport=2869 | protocol=6 | dir=in | app=system |
"{3FA29CAE-30C3-48CC-888F-0528C6DAFB4F}" = rport=80 | protocol=6 | dir=out | app=c:\program files\common files\intuit\update service v4\intuitupdater.exe |
"{78B30951-9219-4D6D-ADDC-D45F272DB43D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{825DFAD3-92C2-4E80-9C04-2935A41F4E42}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{A622C1C9-7AD5-4AE3-8BB5-CAF1F8A7B4DC}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A93B931E-A9D1-429C-8BBA-AA544C8F3B84}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{CF12188E-6551-43C6-A6DD-D2F20C5ECA7B}" = rport=2869 | protocol=6 | dir=out | app=system |
"{EB37A1DC-E0E4-48F1-95A9-76426126E514}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{F264D194-6520-4551-BF81-84C41C8AC897}" = rport=80 | protocol=6 | dir=out | app=c:\program files\common files\intuit\update service v4\intuitupdateservice.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{28ADEDE1-A4D5-42D8-9B05-BF7C283C4059}" = protocol=6 | dir=in | app=c:\windows\system32\svchost.exe |
"{28ADEDE1-A4D5-42D8-9B05-BF7C283C4060}" = protocol=6 | dir=out | app=c:\windows\system32\svchost.exe |
"{33DC7EE8-2F4A-4A23-93CF-A19377FD548D}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version4\teamviewer.exe |
"{626D6EB2-D438-4AFD-9318-250A2408CDBC}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{689C5BBF-3BE2-4612-8682-0E5F6015808B}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version4\teamviewer.exe |
"{6E66C14B-51A4-4B75-9D24-2E70DA64396F}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{944DA429-F871-4212-B4AA-9AD910270FBF}" = protocol=6 | dir=in | app=c:\windows\system32\dlbacoms.exe |
"{B8580AB8-8A18-4F3A-BD2D-5510F0592E93}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{F6F18879-72E8-41C0-8DFF-A420B945FFAA}" = protocol=17 | dir=in | app=c:\windows\system32\dlbacoms.exe |
"TCP Query User{D4C11919-9DB6-412B-B04F-C1A940265583}C:\program files\panda security\panda global protection 2012\apvxdwin.exe" = protocol=6 | dir=in | app=c:\program files\panda security\panda global protection 2012\apvxdwin.exe |
"UDP Query User{A154D613-702A-402A-9B02-E684127B99DA}C:\program files\panda security\panda global protection 2012\apvxdwin.exe" = protocol=17 | dir=in | app=c:\program files\panda security\panda global protection 2012\apvxdwin.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{2B818257-E6C7-4841-8C29-C5C9A982BCE5}" = RICOH Media Driver ver.2.07.01.04
"{38D80A4C-D893-4985-BA3F-0B1D9E848CED}" = ESET Smart Security
"{39556553-8C77-4C5E-8F30-4083274948A2}" = Application Verifier
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{4E5386F5-C0F6-4532-A54A-374865AEAB71}" = Cisco PEAP Module
"{4F30BC2B-5441-3149-91D7-FAA2332E2F5F}" = Microsoft Windows SDK for Windows 7 Headers and Libraries (30514)
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5U8xx Media Driver ver.3.62.02
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{65C0F43C-5F3B-4AB5-BFC9-ABA1C8F4AA7D}" = TurboTax 2011 wohiper
"{699C970F-1E17-3CD8-A2EA-87AB9EDEDFF4}" = Microsoft Windows SDK for Windows 7 Samples (30514)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{76F9CF97-FC4B-4E20-B363-D127C888448F}" = Cisco LEAP Module
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7AFFE35D-047A-3D27-B204-1CD849933C02}" = Microsoft Windows SDK for Windows 7 Common Utilities (30514)
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{85C977FB-2A5B-3223-8AC5-828558EAF7D9}" = Microsoft Windows SDK for Windows 7 Utilities for Win32 Development (30514)
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{928D2FB1-291A-362B-89A4-7075A9D904A4}" = Microsoft Windows SDK for Windows 7 (7.1)
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{B5FDFDC4-F992-4E44-BF59-A693FA2CFD14}" = Turbo Tourney 2012
"{BF53252E-4AB2-4C7F-A0FD-6100755745E3}" = Cisco EAP-FAST Module
"{CAF5B770-082F-40C4-853D-3973BB81BDAA}" = TurboTax 2011 WinPerTaxSupport
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D09605BE-5587-4B0C-86C8-69B5092CB80F}" = Debugging Tools for Windows (x86)
"{D3EE034D-5B92-4A55-AA02-2E6D0A6A96EE}" = Windows Resource Kit Tools - SubInAcl.exe
"{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1" = ConvertXtoDVD 4.1.19.365
"{E463E171-4082-4744-A466-F7CBE8502789}" = TurboTax 2011 WinPerReleaseEngine
"{E7F9E526-2324-437B-A609-E8C5309465CB}" = Microsoft Windows Performance Toolkit
"{EE556A3E-EB37-4392-9637-BAA8EC2F47FA}" = TurboTax 2011 wrapper
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{FAD3D68B-2F9C-459B-AA79-C04B9090FD72}" = TurboTax 2011 WinPerFedFormset
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"AirXonix_is1" = AirXonix version 1.40
"AnyDVD" = AnyDVD
"Ball Breaker 3D" = Ball Breaker 3D
"BFG-Awakening - The Dreamless Castle" = Awakening: The Dreamless Castle
"BFGC" = Big Fish Games: Game Manager
"BFG-Nightfall Mysteries - Asylum Conspiracy" = Nightfall Mysteries: Asylum Conspiracy
"BFG-Sherlock Holmes and the Hound of the Baskervilles" = Sherlock Holmes and the Hound of the Baskervilles
"BFG-Temple of Life - The legend of Four Elements Collector's Edition" = Temple of Life: The Legend of Four Elements Collector's Edition
"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card
"CCleaner" = CCleaner
"CleanUp!" = CleanUp!
"CloneDVD2" = CloneDVD2
"Defraggler" = Defraggler
"DivX Setup" = DivX Setup
"DVDFab 8 Qt RePack DMT_is1" = DVDFab 8.1.5.9 (20/01/2012) Qt
"DX-Ball 2 v1.25" = DX-Ball 2 v1.25
"Elven Mists" = Elven Mists
"Foxit Reader_is1" = Foxit Reader 5.1
"FrostWire 5" = FrostWire 5.3.2
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"ImgBurn" = ImgBurn
"KLiteCodecPack_is1" = K-Lite Codec Pack 5.2.0 (Standard)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"QuickPar" = QuickPar 0.9
"SDKSetup_7.1.7600.0.30514" = Microsoft Windows SDK for Windows 7 (7.1)
"TeamViewer 4" = TeamViewer 4
"Treasure Island 2" = Treasure Island 2
"TurboTax 2011" = TurboTax 2011
"UKGplayer" = SCREENSEVEN GAME CENTER
"WinASO Registry Optimizer_is1" = WinASO Registry Optimizer 4.7.5
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"Wonderlines" = Wonderlines

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1815498000-2833343681-1250068786-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >

billyd, May 18, 2012

#26

billyd Newcomer, in training Posts: 60

computer seems to be runnung much better so far thanks!

billyd, May 18, 2012

#27
Broni Malware Annihilator Posts: 39,313 +175
Good news

Run OTL

Under the Custom Scans/Fixes box at the bottom, paste in the following

Code:

:OTL DRV - File not found [Kernel | System | Stopped] -- system32\drivers\tsk9AF1.tmp -- (netbt) DRV - File not found [File_System | Boot | Stopped] -- system32\drivers\98925466.sys -- (70080763) IE - HKU\S-1-5-21-1815498000-2833343681-1250068786-1000\..\URLSearchHook: - No CLSID value found O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O3 - HKU\S-1-5-21-1815498000-2833343681-1250068786-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. @Alternate Data Stream - 921 bytes -> C:\Users\William\Desktop\Panda Security #PS# - Case number_ 03349629.eml:OECustomProperty @Alternate Data Stream - 921 bytes -> C:\Users\William\Desktop\#1Panda Security #PS# - Case number_ 03349629.eml:OECustomProperty @Alternate Data Stream - 230 bytes -> C:\ProgramData\TEMP:025DF3DE @Alternate Data Stream - 224 bytes -> C:\ProgramData\TEMP:E6C6EB3B @Alternate Data Stream - 219 bytes -> C:\ProgramData\TEMP:3B454A5C @Alternate Data Stream - 215 bytes -> C:\ProgramData\TEMP:206470A5 @Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:AFC732F7 :Commands [purity] [emptytemp] [emptyjava] [emptyflash] [Reboot]

Then click the Run Fix button at the top

Let the program run unhindered, reboot the PC when it is done

You will get a log that shows the results of the fix. Please post it.

====================================================================

Last scans....

1. Download Security Check from HERE, and save it to your Desktop.

Double-click SecurityCheck.exe

Follow the onscreen instructions inside of the black box.

A Notepad document should open automatically called checkup.txt; please post the contents of that document.

NOTE SecurityCheck may produce some false warning(s), so leave the results reading to me.

2. Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.

Make sure the following options are checked:

Internet Services

Windows Firewall

System Restore

Security Center

Windows Update

Windows Defender

Press "Scan".

It will create a log (FSS.txt) in the same directory the tool is run.

Please copy and paste the log to your reply.

3. Download Temp File Cleaner (TFC)

Double click on TFC.exe to run the program.

Click on Start button to begin cleaning process.

TFC will close all running programs, and it may ask you to restart computer.

4. Please, run F-Secure Online Scanner

Disable your Antivirus program.

Checkmark I have read and accepted the license terms.

Click on Run Check button.

Quick scan (recommended) option will come pre-checked. Don't change it.

Click on Start button.

When scan is done, in Step 3: Clean the files, leave all settings as they're.

Click Next button.

Click Full report... button.

Copy report's content and paste it into your next reply.
Broni, May 18, 2012

#28
billyd Newcomer, in training Posts: 60

All processes killed
========== OTL ==========
Service netbt stopped successfully!
Service netbt deleted successfully!
File system32\drivers\tsk9AF1.tmp not found.
Service 70080763 stopped successfully!
Service 70080763 deleted successfully!
File system32\drivers\98925466.sys not found.
Registry value HKEY_USERS\S-1-5-21-1815498000-2833343681-1250068786-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry value HKEY_USERS\S-1-5-21-1815498000-2833343681-1250068786-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
ADS C:\Users\William\Desktop\Panda Security #PS# - Case number_ 03349629.eml:OECustomProperty deleted successfully.
ADS C:\Users\William\Desktop\#1Panda Security #PS# - Case number_ 03349629.eml:OECustomProperty deleted successfully.
ADS C:\ProgramData\TEMP:025DF3DE deleted successfully.
ADS C:\ProgramData\TEMP:E6C6EB3B deleted successfully.
ADS C:\ProgramData\TEMP:3B454A5C deleted successfully.
ADS C:\ProgramData\TEMP:206470A5 deleted successfully.
ADS C:\ProgramData\TEMP:AFC732F7 deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

User: William
->Temp folder emptied: 2206878 bytes
->Temporary Internet Files folder emptied: 1374369833 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 43808800 bytes
->Google Chrome cache emptied: 10998590 bytes
->Flash cache emptied: 36242 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 44544 bytes
Windows Temp folder emptied: 8940 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 178439637 bytes
%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 740 bytes
RecycleBin emptied: 6431195945 bytes

Total Files Cleaned = 7,669.00 mb

[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Public

User: William
->Java cache emptied: 0 bytes

Total Java Files Cleaned = 0.00 mb

[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Public

User: William
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0.00 mb

OTL by OldTimer - Version 3.2.43.0 log created on 05192012_122015
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...

billyd, May 19, 2012

#29
billyd Newcomer, in training Posts: 60

Results of screen317's Security Check version 0.99.24
Windows Vista Service Pack 2 x86 (UAC is disabled!)
Internet Explorer 9
``````````````````````````````
Antivirus/Firewall Check:
Windows Firewall Disabled!
ESET Smart Security
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:
CCleaner
Java(TM) 6 Update 31
Adobe Flash Player 11.2.202.235
````````````````````````````````
Process Check:
objlist.exe by Laurent
Malwarebytes' Anti-Malware mbamservice.exe
Malwarebytes' Anti-Malware mbamgui.exe
``````````End of Log````````````

billyd, May 19, 2012

#30
billyd Newcomer, in training Posts: 60

Farbar Service Scanner Version: 17-05-2012
Ran by William (administrator) on 19-05-2012 at 12:36:34
Running from "C:\Users\William\Desktop"
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************
Internet Services:
============
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.

Windows Firewall:
=============
Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0

System Restore:
============
System Restore Disabled Policy:
========================

Security Center:
============
Windows Update:
============
Windows Autoupdate Disabled Policy:
============================

Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.

File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys
[2012-05-10 21:12] - [2012-03-30 08:39] - 0914304 ____A (Microsoft Corporation) EE7E10BED85C312C1D5D30C435BDDA9F
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit

**** End of log ****

billyd, May 19, 2012

#31
billyd Newcomer, in training Posts: 60

the F-Secure Online Scanner doesn't seem to start ? after accepting terms and clicking run check it just sits there thinking?

thanks bill

billyd, May 19, 2012

#32
Broni Malware Annihilator Posts: 39,313 +175

Try different browser.

Broni, May 19, 2012

#33
billyd Newcomer, in training Posts: 60
Scanning Report

Sunday, May 20, 2012 00:54:00 - 00:58:54

Computer name: WILLIAM-PC
Scanning type: Quick scan
Target: System
No malware found

Statistics

Scanned:

Files: 4173

System: 4173

Not scanned: 0

Actions:

Disinfected: 0

Renamed: 0

Deleted: 0

Not cleaned: 0

Submitted: 0

Options

Scanning engines:
billyd, May 20, 2012

#34
Broni Malware Annihilator Posts: 39,313 +175
Your computer is clean

1. We need to reset system restore to prevent your computer from being accidentally reinfected by using some old restore point(s). We'll create fresh, clean restore point, using following OTL script:

Run OTL

Under the Custom Scans/Fixes box at the bottom, paste in the following:

Code:

:OTL :Commands [purity] [emptytemp] [EMPTYFLASH] [emptyjava] [CLEARALLRESTOREPOINTS] [Reboot]

Then click the Run Fix button at the top

Let the program run unhindered, reboot the PC when it is done

Post resulting log.

2. Now, we'll remove all tools, we used during our cleaning process

Clean up with OTL:

Double-click OTL.exe to start the program.

Close all other programs apart from OTL as this step will require a reboot

On the OTL main screen, press the CLEANUP button

Say Yes to the prompt and then allow the program to reboot your computer.

If you still have any tools or logs leftover on your computer you can go ahead and delete those off of your computer now.

3. Make sure, Windows Updates are current.

4. If any Trojan was listed among your infection(s), make sure, you change all of your on-line important passwords (bank account(s), secured web sites, etc.) immediately!

5. Download, and install WOT (Web OF Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.

6. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.

7. Run Temporary File Cleaner (TFC) weekly.

8. Download and install Secunia Personal Software Inspector (PSI): http://secunia.com/vulnerability_scanning/personal/. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.

9. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.

10. (Windows XP only) Run defrag at your convenience.

11. When installing\updating ANY program, make sure you always select "Custom " installation, so you can UN-check any possible "drive-by-install" (foistware), like toolbars etc., which may try to install along with the legitimate program. Do NOT click "Next" button without looking at any given page.

12. Read How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html

13. Please, let me know, how your computer is doing.
Broni, May 20, 2012

#35
billyd Newcomer, in training Posts: 60

All processes killed
========== OTL ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

User: William
->Temp folder emptied: 175428034 bytes
->Temporary Internet Files folder emptied: 179993438 bytes
->Java cache emptied: 29632 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 35042759 bytes
->Flash cache emptied: 4953 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1180 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 372.00 mb

[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Public

User: William
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0.00 mb

[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Public

User: William
->Java cache emptied: 0 bytes

Total Java Files Cleaned = 0.00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.43.0 log created on 05202012_132321
Files\Folders moved on Reboot...
C:\Users\William\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\ED8654D5-B9F0-4DD9-B3E8-F8F560086FDF.dat moved successfully.
C:\Users\William\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FN3ZEZVF\bizo_multi[1].htm moved successfully.
C:\Users\William\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9EE10DR7\918[1].htm moved successfully.
C:\Users\William\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9EE10DR7\net[2].htm moved successfully.
C:\Users\William\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5H3HAAE5\PugTracker[1].htm moved successfully.
C:\Users\William\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\57MS0C3J\dpsync[1].htm moved successfully.
C:\Users\William\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\57MS0C3J\dpsync[2].htm moved successfully.
C:\Users\William\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\57MS0C3J\dpsync[3].htm moved successfully.
C:\Users\William\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\57MS0C3J\partner[1].htm moved successfully.
C:\Users\William\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\57MS0C3J\partner[2].htm moved successfully.
C:\Users\William\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\57MS0C3J\partner[3].htm moved successfully.
C:\Users\William\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0Z0JQAEY\up[1].htm moved successfully.
Registry entries deleted on Reboot...

billyd, May 20, 2012

#36
billyd Newcomer, in training Posts: 60

computer seems pretty good ! the only other problem I was having before was system crashes ! they started happening around 3/1/2012 Right after I in stalled panda antivirus! happened quite a bit for about a month . slowed down after that ! changed to eset smart security , & still was getting one intermitently! had one a couple days ago in the middle of our cleaning process? do you think this was being caused by the malware or another problem? if I can figure out how to post one of the mini dumps I can if you want

anyways thanks for all your help so far

billyd, May 20, 2012

#37
Broni Malware Annihilator Posts: 39,313 +175

Let's see...

Download BlueScreenView
No installation required.
Double click on BlueScreenView.exe file to run the program.
When scanning is done, go Edit>Select All.
Go File>Save Selected Items, and save the report as BSOD.txt.
Open BSOD.txt in Notepad, copy all content, and paste it into your next reply.

Broni, May 20, 2012

#38
billyd Newcomer, in training Posts: 60

it shows 31 crashes since early april you want the last one ?

billyd, May 20, 2012

#39
Broni Malware Annihilator Posts: 39,313 +175

I want all of them.

Broni, May 20, 2012

#40

Page 2 of 5

Add New Comment

	Social Login & Guest Posting			TechSpot Members Login here or sign up for free, it takes about a minute.
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.