ComboFix 11-11-18.02 - Admin-Kemper 11/18/2011 8:32:59.3.2 - x64 Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.4094.2776 [GMT -8:00] Running from: C:\Users\admin-kemper\Desktop\ComboFix.exe AV: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5} SP: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ((((((((((((((((((((((((( Files Created from 2011-10-18 to 2011-11-18 ))))))))))))))))))))))))))))))) 2011-11-18 17:04:31 . 2011-11-18 17:04:31 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{DEE02441-3DF8-4425-843C-7B7BCA1FD772}\offreg.dll 2011-11-18 17:02:18 . 2011-11-18 17:02:18 -------- d-----w- C:\Users\owner\AppData\Local\temp 2011-11-18 17:02:18 . 2011-11-18 17:02:18 -------- d-----w- C:\Users\Default\AppData\Local\temp 2011-11-18 01:18:20 . 2011-10-07 04:16:03 8570192 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{DEE02441-3DF8-4425-843C-7B7BCA1FD772}\mpengine.dll 2011-11-18 01:12:27 . 2011-05-12 22:05:32 18816 ------w- C:\Windows\SysWow64\SAVRKBootTasks.sys 2011-11-18 00:55:40 . 2011-05-12 22:03:12 6144 ------w- C:\Windows\system32\E61B.tmp 2011-11-18 00:55:13 . 2011-05-12 22:03:12 6144 ------w- C:\Windows\system32\7ABB.tmp 2011-11-18 00:55:06 . 2011-11-18 00:55:06 -------- d-----w- C:\Program Files (x86)\Sophos 2011-11-18 00:31:46 . 2011-11-18 00:31:46 -------- d-----w- C:\Windows\system32\appmgmt 2011-11-18 00:13:09 . 2011-11-18 00:31:45 -------- d-----w- C:\ProgramData\STOPzilla! 2011-11-14 21:38:21 . 2011-10-01 05:45:21 886784 ----a-w- C:\Program Files\Common Files\System\wab32.dll 2011-11-14 21:38:21 . 2011-10-01 04:37:08 708608 ----a-w- C:\Program Files (x86)\Common Files\System\wab32.dll 2011-11-14 21:38:20 . 2011-09-29 16:29:28 1923952 ----a-w- C:\Windows\system32\drivers\tcpip.sys 2011-11-14 21:38:19 . 2011-09-29 04:03:32 3144704 ----a-w- C:\Windows\system32\win32k.sys 2011-11-14 21:36:33 . 2011-11-14 23:46:02 -------- d-----w- C:\ProgramData\PC Tools 2011-11-09 01:12:19 . 2011-11-09 01:12:19 -------- d-----w- C:\_OTM 2011-11-08 23:39:09 . 2011-11-08 23:39:09 -------- d-----w- C:\Users\admin-kemper\AppData\Roaming\Malwarebytes 2011-11-08 23:38:59 . 2010-04-29 23:39:38 38224 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys 2011-11-08 23:09:46 . 2011-11-08 23:09:46 -------- d-----w- C:\Users\admin-kemper\AppData\Local\DYMO 2011-11-08 23:09:33 . 2011-11-08 23:09:33 -------- d-----w- C:\Users\admin-kemper\AppData\Roaming\Intel Corporation 2011-11-08 23:09:31 . 2011-11-08 23:09:31 -------- d-----w- C:\Users\admin-kemper\AppData\Local\Adobe 2011-11-08 23:09:28 . 2011-11-08 23:09:28 -------- d-----w- C:\Users\admin-kemper\AppData\Roaming\Realtime Soft 2011-11-08 18:42:15 . 2011-11-08 21:08:06 -------- d-----w- C:\Users\kemper 2011-11-08 16:59:47 . 2011-11-09 01:34:19 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy 2011-11-08 16:59:47 . 2011-11-09 01:17:41 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2011-11-08 16:52:52 . 2011-11-08 23:39:03 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2011-11-08 16:52:52 . 2011-11-08 16:52:52 -------- d-----w- C:\ProgramData\Malwarebytes 2011-10-28 16:54:23 . 2009-11-10 19:33:22 118784 ----a-w- C:\Windows\csasvc.exe 2011-10-28 16:54:22 . 2009-11-10 19:32:26 148480 ----a-w- C:\Windows\system32\Spool\prtprocs\x64\csantprt.dll 2011-10-28 16:54:22 . 2009-11-10 19:32:04 11264 ----a-w- C:\Windows\espurge.exe 2011-10-28 16:54:04 . 2001-07-30 17:40:12 44032 ----a-w- C:\Windows\SysWow64\temp.00B 2011-10-28 16:54:04 . 2000-05-27 07:00:00 1388544 ----a-w- C:\Windows\SysWow64\temp.00C 2011-10-28 16:54:04 . 1998-05-31 07:00:00 22288 ----a-w- C:\Windows\SysWow64\temp.00D 2011-10-28 16:54:03 . 2001-07-30 17:42:00 1118720 ----a-w- C:\Windows\SysWow64\temp.00A 2011-10-28 16:53:09 . 2001-11-16 00:14:12 295000 ----a-w- C:\Windows\SysWow64\temp.008 2011-10-28 16:53:09 . 2001-11-16 00:14:04 995383 ----a-w- C:\Windows\SysWow64\temp.009 2011-10-28 16:53:09 . 1998-06-17 19:52:14 401462 ----a-w- C:\Windows\SysWow64\temp.007 2011-10-25 19:06:00 . 2011-10-25 19:06:00 -------- d--h--w- C:\Windows\Sun 2011-10-25 15:03:21 . 2011-11-08 21:51:38 -------- d-----w- C:\Program Files (x86)\Common Files\Java . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) 2011-10-17 16:04:39 . 2011-10-17 16:04:39 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2011-10-11 10:49:10 . 2011-09-01 09:59:28 57856 ----a-w- C:\Windows\RemComSvc.exe 2011-10-03 12:06:03 . 2011-07-19 21:06:07 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2011-09-01 05:24:07 . 2011-10-17 15:54:04 2309120 ----a-w- C:\Windows\system32\jscript9.dll 2011-09-01 05:17:57 . 2011-10-17 15:54:05 1389056 ----a-w- C:\Windows\system32\wininet.dll 2011-09-01 05:12:04 . 2011-10-17 15:54:07 2382848 ----a-w- C:\Windows\system32\mshtml.tlb 2011-09-01 02:35:59 . 2011-10-17 15:54:04 1798144 ----a-w- C:\Windows\SysWow64\jscript9.dll 2011-09-01 02:28:15 . 2011-10-17 15:54:05 1126912 ----a-w- C:\Windows\SysWow64\wininet.dll 2011-09-01 02:22:54 . 2011-10-17 15:54:07 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2011-08-27 05:37:49 . 2011-10-12 21:03:09 861696 ----a-w- C:\Windows\system32\oleaut32.dll 2011-08-27 05:37:48 . 2011-10-12 21:03:09 331776 ----a-w- C:\Windows\system32\oleacc.dll 2011-08-27 04:26:27 . 2011-10-12 21:03:09 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll 2011-08-27 04:26:27 . 2011-10-12 21:03:09 233472 ----a-w- C:\Windows\SysWow64\oleacc.dll 2011-08-24 23:07:08 . 2011-08-24 23:07:08 58640 ----a-r- C:\Users\admin-kemper\AppData\Roaming\Microsoft\Installer\{9B5B1BF4-95D7-4767-97FE-FA64E3EA03E7}\ARPPRODUCTICON.exe 2011-08-24 21:33:31 . 2011-08-24 21:33:31 73216 ----a-w- C:\Windows\ST6UNST.EXE 2011-08-24 21:33:31 . 2011-08-24 21:33:31 286720 ----a-w- C:\Windows\Setup1.exe 2011-08-24 20:44:26 . 2010-06-24 16:33:56 18328 ----a-w- C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll ((((((((((((((((((((((((((((( SnapShot@2011-11-09_00.44.55 ))))))))))))))))))))))))))))))))))))))))) + 2009-07-14 04:54:17 . 2011-11-14 23:36:45 16384 C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2009-07-14 04:54:17 . 2009-07-14 04:55:03 16384 C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2009-07-14 04:54:17 . 2011-11-14 23:36:45 32768 C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2009-07-14 04:54:17 . 2009-07-14 04:55:03 32768 C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2009-07-14 04:54:17 . 2011-11-14 23:36:45 16384 C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2009-07-14 04:54:17 . 2009-07-14 04:55:03 16384 C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2010-11-21 03:09:11 . 2011-11-18 16:11:43 36814 C:\Windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin + 2009-07-14 05:10:35 . 2011-11-18 01:15:21 42532 C:\Windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin - 2011-08-24 20:44:40 . 2011-11-08 23:27:52 16384 C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2011-08-24 20:44:40 . 2011-11-09 18:07:04 16384 C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2011-08-24 20:44:40 . 2011-11-08 23:27:52 32768 C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2011-08-24 20:44:40 . 2011-11-09 18:07:04 32768 C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2009-07-14 04:54:19 . 2011-11-08 23:27:52 16384 C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2009-07-14 04:54:19 . 2011-11-09 18:07:04 16384 C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2011-08-24 21:42:43 . 2011-11-18 01:15:21 4692 C:\Windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1143584805-1158168592-2786356322-1250_UserData.bin - 2011-11-09 00:43:11 . 2011-11-09 00:43:11 2048 C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat + 2011-11-18 17:04:18 . 2011-11-18 17:04:18 2048 C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2011-11-09 00:43:11 . 2011-11-09 00:43:11 2048 C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2011-11-18 17:04:18 . 2011-11-18 17:04:18 2048 C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2011-11-14 21:45:14 . 2011-11-14 23:36:45 262144 C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat + 2011-08-25 00:22:42 . 2011-11-09 15:56:51 233170 C:\Windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_FastS4.bin + 2009-07-14 02:36:59 . 2011-11-18 16:18:42 740388 C:\Windows\system32\perfh009.dat - 2009-07-14 02:36:59 . 2011-11-08 23:34:39 740388 C:\Windows\system32\perfh009.dat - 2009-07-14 02:36:59 . 2011-11-08 23:34:39 151234 C:\Windows\system32\perfc009.dat + 2009-07-14 02:36:59 . 2011-11-18 16:18:42 151234 C:\Windows\system32\perfc009.dat - 2009-07-14 04:45:34 . 2011-10-17 16:01:14 445696 C:\Windows\system32\FNTCACHE.DAT + 2009-07-14 04:45:34 . 2011-11-18 00:05:49 445696 C:\Windows\system32\FNTCACHE.DAT - 2009-07-14 02:34:08 . 2011-10-17 16:00:07 9961472 C:\Windows\system32\SMI\Store\Machine\schema.dat + 2009-07-14 02:34:08 . 2011-11-14 23:54:05 9961472 C:\Windows\system32\SMI\Store\Machine\schema.dat - 2009-07-14 04:45:55 . 2011-11-08 22:10:49 7400902 C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat + 2009-07-14 04:45:55 . 2011-11-18 00:07:12 7400902 C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat - 2011-11-08 18:51:50 . 2011-11-08 21:49:39 1291496 C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1143584805-1158168592-2786356322-1121-12288.dat + 2011-11-08 18:51:50 . 2011-11-14 23:53:59 1291496 C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1143584805-1158168592-2786356322-1121-12288.dat + 2011-08-24 23:45:40 . 2011-11-14 23:52:34 52174280 C:\Windows\system32\MRT.exe ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SpybotSD TeaTimer"="C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-06 00:07:20 2260480] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "SoundMAXPnP"="C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe" [2009-04-23 19:37:24 1314816] "IAStorIcon"="C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-11-06 04:54:20 283160] "RemoteControl9"="C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe" [2009-07-06 19:22:04 87336] "PDVD9LanguageShortcut"="C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe" [2010-04-29 15:33:18 50472] "Acrobat Assistant 8.0"="C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2011-08-30 20:24:59 624056] "DLSService"="C:\Program Files (x86)\DYMO\DYMO Label Software\DLSService.exe" [2009-06-24 04:08:12 55808] "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 04:59:06 937920] "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 20:06:06 254696] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ Dell System Manager.lnk - C:\Program Files\Dell\Dell System Manager\DCPSysMgr.exe [2010-8-24 1549680] UltraMon.lnk - C:\Windows\Installer\{537056B7-32A4-4408-9B54-0341963C7C9C}\IcoUltraMon.ico [2011-8-24 29310] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) "DisableCAD"= 1 (0x1) "EnableLinkedConnections"= 1 (0x1) [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "NoNTSecurity"= 1 (0x1) "NoDisconnect"= 1 (0x1) [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp R0 is3srv;is3srv;C:\Windows\SySWOW64\drivers\is3srv64.sys [x] R0 szkg5;szkg5;C:\Windows\SySWOW64\DRIVERS\szkg64.sys [x] R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 21:16:28 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 22:27:14 138576] R3 dmvsc;dmvsc;C:\Windows\system32\drivers\dmvsc.sys [x] R3 MEMSWEEP2;MEMSWEEP2;C:\Windows\system32\E61B.tmp [x] R3 netvsc;netvsc;C:\Windows\system32\DRIVERS\netvsc60.sys [x] R3 SynthVid;SynthVid;C:\Windows\system32\DRIVERS\VMBusVideoM.sys [x] R3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys [x] R3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys [x] R3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe [x] R4 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-10-17 21:59:28 136176] R4 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-10-17 21:59:28 136176] R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-03-31 04:55:56 47128] R4 SQLAgent$PROFXENGAGEMENT;SQL Server Agent (PROFXENGAGEMENT);C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.PROFXENGAGEMENT\MSSQL\Binn\SQLAGENT.EXE [2010-09-17 17:14:58 370008] R4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 23:10:10 57184] S1 ehdrv;ehdrv;C:\Windows\system32\DRIVERS\ehdrv.sys [x] S2 CSAPrintService;Creative Solutions Accounting Print Service;C:\Windows\csasvc.exe [2009-11-10 19:33:22 118784] S2 dcpsysmgrsvc;Dell System Manager Service;c:\Program Files\Dell\Dell System Manager\DCPSysMgrSvc.exe [2010-08-24 22:07:24 517488] S2 eamonm;eamonm;C:\Windows\system32\DRIVERS\eamonm.sys [x] S2 ekrn;ESET Service;C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2010-02-22 23:50:16 810120] S2 epfwwfpr;epfwwfpr;C:\Windows\system32\DRIVERS\epfwwfpr.sys [x] S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-06 04:54:22 13336] S2 MSSQL$PROFXENGAGEMENT;SQL Server (PROFXENGAGEMENT);C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.PROFXENGAGEMENT\MSSQL\Binn\sqlservr.exe [2010-09-17 17:16:58 42773336] S2 PFXEngDesktopService;PFXEngDesktopService;C:\Pfx Engagement\Common\PFXEngDesktopService.exe [2011-07-28 23:11:22 395264] S2 PFXSYNPFTService;PFXSYNPFTService;C:\Pfx Engagement\Common\PFXSYNPFTService.exe [2011-07-28 23:09:54 549888] S2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 23:31:10 1153368] S2 UltraMonUtility;UltraMon Utility Driver;C:\Program Files (x86)\Common Files\Realtime Soft\UltraMonMirrorDrv\x64\UltraMonUtility.sys [2008-11-14 09:11:42 20512] Contents of the 'Scheduled Tasks' folder 2011-11-18 C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-10-17 21:59:31 . 2011-10-17 21:59:28] 2011-11-18 C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-10-17 21:59:31 . 2011-10-17 21:59:28] --------- x86-64 ----------- [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EnabledUnlockedFDEIconOverlay] @="{30D3C2AF-9709-4D05-9CF4-13335F3C1E4A}" [HKEY_CLASSES_ROOT\CLSID\{30D3C2AF-9709-4D05-9CF4-13335F3C1E4A}] 2010-10-16 21:17:10 138608 ----a-w- C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UninitializedFdeIconOverlay] @="{CF08DA3E-C97D-4891-A66B-E39B28DD270F}" [HKEY_CLASSES_ROOT\CLSID\{CF08DA3E-C97D-4891-A66B-E39B28DD270F}] 2010-10-16 21:17:10 138608 ----a-w- C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "nwiz"="C:\Program Files\NVIDIA Corporation\nView\nwiz.exe" [2009-12-03 15:46:10 1712232] "egui"="C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" [2010-02-22 23:49:58 2837256] ------- Supplementary Scan ------- uLocal Page = C:\Windows\system32\blank.htm mLocal Page = C:\Windows\SysWOW64\blank.htm IE: Append to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html IE: Convert link target to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html IE: Convert link target to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html IE: Convert selected links to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: Convert selected links to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: Convert selection to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html IE: Convert selection to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html IE: Convert to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000 TCP: DhcpNameServer = 10.0.10.210 - - - - ORPHANS REMOVED - - - - Toolbar-Locked - (no file)