Generic Host Process for Win32 services has...



#1
DBSullivan

Generic Host Process for Win32 Services has encountered a problem and needs to close. We are sorry for the inconvenience.

My computer lately has gone back to the Stone Age; it has seen way better days. About a week ago I had a popup on my computer out of the blue that said HDD Plus and began running a "scan" of my computer and noted that my C drive had no memory and needed to be defragged. My computer then spammed me with "Low memory" before it crashed and burned. Then I would need to restart my computer and go through the same process. After deleting some files, running some malware programs, and praying in Safe Mode, I was able to get my computer to stay on. However, I now get the issue I typed above and am having other issues. But the problem just returned for a few days before somehow it stopped. I still get the HDD Plus virus to pop up in my antivirus protector, but I still believe it's wrecking my system.

After having my computer on for about 10-15 minutes, one of the svchost.exe processes begins to go crazy. It runs at about 80% of the CPU's memory before crashing. That's what I believe gives me the Generic Host Process error. At that time I lose all sound on things I have yet to open. But if there are files open like Ventrilo or a YouTube video, they will be left unharmed. Right after the Generic Host Process error comes up, my computer does this really weird thing where it resorts back to the "classical" theme that Microsoft provides, then almost instantly switches back. Some programs will stay in the XP setting, but the new ones that are opened will be in classical theme; these classical-themed programs are the ones that have issues.

The svchost.exe that went into hyperdrive is no longer listed in the Task Manager afterwards; I believe Process Explorer lists it as svchost.exe:1252netsvcs.

I don't know if it's a malicious program causing the errors, or myself disabling something in the process of executing the infection. So hopefully it's an easy fix and my malpractice insurance won't go through the roof.

Thank you.



OTL logfile created on: 12/14/2010 6:43:52 PM - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\Dan\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 45.00% Memory free
3.00 Gb Paging File | 2.00 Gb Available in Paging File | 77.00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.42 Gb Total Space | 17.23 Gb Free Space | 23.15% Space Free | Partition Type: NTFS

Computer Name: ZOTAKUL | User Name: Dan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/12/14 18:43:27 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dan\My Documents\Downloads\OTL.exe
PRC - [2010/12/10 23:56:32 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2010/12/10 23:56:28 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/11/22 10:59:00 | 004,177,272 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Documents and Settings\Dan\Desktop\procexp.exe
PRC - [2008/11/10 10:23:50 | 001,539,072 | ---- | M] () -- C:\Program Files\Ventrilo\Ventrilo.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/02/26 10:57:28 | 000,128,296 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2007/12/05 17:24:44 | 000,094,208 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\system32\stacsv.exe
PRC - [2007/09/14 10:53:16 | 000,218,424 | ---- | M] (Wave Systems Corp.) -- C:\Program Files\Wave Systems Corp\SecureUpgrade.exe
PRC - [2007/04/15 21:49:16 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\hidfind.exe
PRC - [2007/04/15 21:49:08 | 000,159,744 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\Apoint.exe
PRC - [2007/04/15 21:49:08 | 000,050,736 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\ApMsgFwd.exe
PRC - [2007/04/15 21:49:08 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\ApntEx.exe
PRC - [2006/11/30 07:50:00 | 000,144,960 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
PRC - [2006/11/30 07:50:00 | 000,112,216 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan Enterprise\shstat.exe
PRC - [2006/11/30 07:50:00 | 000,054,872 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
PRC - [2006/11/17 12:40:56 | 000,136,768 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\Common Framework\naPrdMgr.exe
PRC - [2006/11/17 12:39:58 | 000,136,768 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\Common Framework\UdaterUI.exe
PRC - [2006/11/17 12:37:44 | 000,104,000 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\Common Framework\FrameworkService.exe
PRC - [2006/11/17 02:06:00 | 000,086,016 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\Common Framework\Mctray.exe


========== Modules (SafeList) ==========

MOD - [2010/12/14 18:43:27 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dan\My Documents\Downloads\OTL.exe
MOD - [2010/08/23 11:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\Program Files\WeFi\WefiEngSvc.exe -- (WefiEngSvc)
SRV - [2010/06/10 20:03:08 | 000,144,176 | ---- | M] (Apple Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2008/02/22 12:40:20 | 000,475,136 | ---- | M] (Dell Inc.) [Disabled | Stopped] -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe -- (NICCONFIGSVC)
SRV - [2007/12/05 17:24:44 | 000,094,208 | ---- | M] (SigmaTel, Inc.) [Auto | Running] -- C:\WINDOWS\system32\stacsv.exe -- (STacSV)
SRV - [2007/11/08 22:50:10 | 001,552,384 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe -- (tcsd_win32.exe)
SRV - [2007/09/13 14:31:44 | 000,192,512 | ---- | M] (Wave Systems Corp.) [Disabled | Stopped] -- C:\Program Files\Wave Systems Corp\Authentication Manager\WaveEnrollmentService.exe -- (WaveEnrollmentService)
SRV - [2007/09/07 17:29:04 | 000,737,280 | ---- | M] (Wave Systems Corp.) [Disabled | Stopped] -- C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe -- (TdmService)
SRV - [2007/08/31 17:39:18 | 000,486,400 | ---- | M] (Wave Systems Corp.) [Disabled | Stopped] -- C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe -- (SecureStorageService)
SRV - [2007/07/25 16:41:42 | 000,647,168 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe -- (EvtEng) Intel®
SRV - [2007/07/25 16:32:34 | 000,294,912 | ---- | M] (Intel® Corporation) [Disabled | Stopped] -- C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe -- (WLANKEEPER) Intel®
SRV - [2007/07/25 16:29:38 | 000,987,136 | ---- | M] (Intel Corporation ) [Disabled | Stopped] -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe -- (S24EventMonitor) Intel®
SRV - [2007/07/25 16:22:44 | 000,327,680 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe -- (RegSrvc) Intel®
SRV - [2007/06/11 18:18:00 | 000,537,520 | ---- | M] ( ) [Disabled | Stopped] -- C:\WINDOWS\System32\lxdjcoms.exe -- (lxdj_device)
SRV - [2007/02/14 15:23:18 | 000,538,096 | ---- | M] ( ) [Disabled | Stopped] -- C:\WINDOWS\System32\dlcccoms.exe -- (dlcc_device)
SRV - [2007/01/04 16:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Disabled | Stopped] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2006/12/19 14:21:48 | 000,079,432 | ---- | M] (Broadcom Corporation) [Disabled | Stopped] -- C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe -- (ASFIPmon)
SRV - [2006/11/30 07:50:00 | 000,144,960 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe -- (McShield)
SRV - [2006/11/30 07:50:00 | 000,054,872 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe -- (McTaskManager)
SRV - [2006/11/17 12:37:44 | 000,104,000 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\McAfee\Common Framework\FrameworkService.exe -- (McAfeeFramework)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\RimUsb.sys -- (RimUsb)
DRV - [2009/06/30 10:37:16 | 000,028,552 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\pavboot.sys -- (pavboot)
DRV - [2008/09/10 19:44:28 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2008/04/13 13:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008/04/13 13:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2008/04/13 11:36:05 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008/02/15 20:12:06 | 005,854,752 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\igxpmp32.sys -- (ialm)
DRV - [2007/12/05 17:24:44 | 001,222,840 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2007/12/02 18:26:22 | 000,989,952 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2007/12/02 18:26:20 | 000,731,136 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2007/12/02 18:26:20 | 000,211,200 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2007/12/02 18:06:06 | 000,046,992 | ---- | M] (UPEK Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tcusb.sys -- (TcUsb)
DRV - [2007/11/28 16:18:24 | 000,062,208 | ---- | M] (O2Micro) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\oz776.sys -- (guardian2)
DRV - [2007/11/02 07:36:10 | 000,018,176 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motccgp.sys -- (motccgp)
DRV - [2007/10/10 09:41:50 | 000,042,112 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motodrv.sys -- (MotDev)
DRV - [2007/09/25 09:59:46 | 000,015,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\MediaCoder\SysInfo.sys -- (CrystalSysInfo)
DRV - [2007/09/10 09:55:00 | 000,161,280 | ---- | M] (Wave Systems Corp.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\WavxDMgr.sys -- (WavxDMgr)
DRV - [2007/09/07 09:57:14 | 000,026,608 | ---- | M] (Dell Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\PBADRV.sys -- (PBADRV)
DRV - [2007/09/06 09:18:40 | 000,018,176 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WaveFDE.sys -- (WaveFDE)
DRV - [2007/08/12 18:05:34 | 002,211,456 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETw4x32.sys -- (NETw4x32) Intel®
DRV - [2007/06/18 20:18:26 | 000,023,680 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motmodem.sys -- (motmodem)
DRV - [2007/05/29 15:29:30 | 000,012,416 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2007/04/15 21:49:08 | 000,132,608 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2007/03/18 15:44:38 | 000,160,256 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2007/01/23 12:03:44 | 000,007,680 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motccgpfl.sys -- (motccgpfl)
DRV - [2006/12/19 14:21:52 | 000,010,480 | ---- | M] (Broadcom Corporation) [Kernel | Auto | Running] -- C:\Program Files\Broadcom\ASFIPMon\BASFND.sys -- (BASFND)
DRV - [2006/11/30 07:50:00 | 000,168,776 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2006/11/30 07:50:00 | 000,072,264 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2006/11/30 07:50:00 | 000,064,360 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfeapfk.sys -- (mfeapfk)
DRV - [2006/11/30 07:50:00 | 000,052,136 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mfetdik.sys -- (mfetdik)
DRV - [2006/11/30 07:50:00 | 000,034,152 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2006/11/30 07:50:00 | 000,031,944 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Program Files\McAfee\VirusScan Enterprise\mferkdk.sys -- (mferkdk)
DRV - [2006/11/02 12:32:32 | 000,097,536 | ---- | M] (Knowles Acoustics) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dxec01.sys -- (DXEC01)
DRV - [2005/08/12 16:50:46 | 000,016,128 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS -- (APPDRV)
DRV - [2004/08/03 22:29:56 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2001/08/17 14:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001/08/17 14:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 14:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 14:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 14:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 13:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001/08/17 13:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001/08/17 13:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001/08/17 13:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001/08/17 13:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001/08/17 13:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001/08/17 13:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2001/08/17 13:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001/08/17 13:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001/08/17 13:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=4080721
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=4080721

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=4080721
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.lhup.edu/
IE - HKCU\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuz2.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {FBCEC142-D254-4C89-983B-636C47EC7C19}:1.9.1


FF - HKLM\software\mozilla\Firefox\extensions\\{FBCEC142-D254-4C89-983B-636C47EC7C19}: C:\Documents and Settings\Dan\Local Settings\Application Data\{FBCEC142-D254-4C89-983B-636C47EC7C19} [2010/12/07 16:01:31 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/10 23:56:37 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/12/10 23:56:37 | 000,000,000 | ---D | M]

[2010/12/09 04:07:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dan\Application Data\Mozilla\Extensions
[2009/04/02 14:21:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dan\Application Data\Mozilla\Extensions\MediaCoder
[2009/04/02 15:09:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dan\Application Data\Mozilla\Extensions\XulPlayer
[2010/12/14 17:16:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dan\Application Data\Mozilla\Firefox\Profiles\hxg4x70a.default\extensions
[2010/12/09 04:41:28 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Dan\Application Data\Mozilla\Firefox\Profiles\hxg4x70a.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/12/09 04:04:17 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions

O1 HOSTS File: ([2010/12/12 21:10:01 | 000,426,615 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\ScriptCl.dll (McAfee, Inc.)
O2 - BHO: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuz2.dll (Conduit Ltd.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
O3 - HKLM\..\Toolbar: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuz2.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Vuze Remote Toolbar) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - C:\Program Files\Vuze_Remote\tbVuz2.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [DLCCCATS] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCCtime.DLL ()
O4 - HKLM..\Run: [McAfeeUpdaterUI] C:\Program Files\McAfee\Common Framework\UdaterUI.exe (McAfee, Inc.)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SecureUpgrade] C:\Program Files\Wave Systems Corp\SecureUpgrade.exe (Wave Systems Corp.)
O4 - HKLM..\Run: [ShStatEXE] C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE (McAfee, Inc.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\Sigmatel\C-Major Audio\WDM\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [UserFaultCheck] File not found
O4 - HKCU..\Run: [Aim6] C:\Program Files\AIM6\aim6.exe (AOL LLC)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} http://www.srtest.co.../sysreqlab3.cab (System Requirements Lab Class)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1220888638593 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 68.237.161.12
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\gemsafe: DllName - C:\Program Files\Gemplus\GemSafe Libraries\BIN\WLEventNotify.dll - C:\Program Files\Gemplus\GemSafe Libraries\BIN\WLEventNotify.dll (Gemplus)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Dan\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Dan\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O30 - LSA: Authentication Packages - (wvauth) - C:\WINDOWS\System32\wvauth.dll (Wave Systems Corp.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/11 17:15:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/12/14 18:28:33 | 004,177,272 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Documents and Settings\Dan\Desktop\procexp.exe
[2010/12/14 18:16:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan\Application Data\Malwarebytes
[2010/12/14 18:15:46 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/12/14 18:15:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/12/14 18:15:32 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/12/14 18:15:29 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/12/14 00:54:12 | 000,028,552 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\pavboot.sys
[2010/12/14 00:52:45 | 000,000,000 | ---D | C] -- C:\Program Files\Panda Security
[2010/12/10 19:57:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Sun
[2010/12/09 21:37:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Sun
[2010/12/09 07:45:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Identities
[2010/12/09 04:07:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan\Local Settings\Application Data\Mozilla
[2010/12/09 04:04:16 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2010/12/08 23:44:42 | 000,000,000 | ---D | C] -- C:\ComboFix
[2010/12/08 21:45:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/12/08 21:44:48 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/12/08 15:37:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Adobe
[2010/12/07 18:51:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
[2010/12/07 18:51:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2010/12/07 16:42:35 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2010/12/07 16:42:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2010/12/07 16:40:04 | 016,409,960 | ---- | C] (Safer Networking Limited ) -- C:\Documents and Settings\Dan\My Documents\spybotsd162.exe
[2010/12/07 16:10:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2010/12/07 16:10:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2010/12/07 16:01:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan\Local Settings\Application Data\{FBCEC142-D254-4C89-983B-636C47EC7C19}
[2010/12/01 11:17:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan\Local Settings\Application Data\ConduitEngine
[2010/12/01 11:17:01 | 000,000,000 | ---D | C] -- C:\Program Files\ConduitEngine
[2010/11/16 20:19:41 | 000,000,000 | ---D | C] -- C:\Program Files\PTR Installer 4.0.0.12824 enUS
[2009/07/14 14:57:17 | 000,323,584 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdjhcp.dll
[2007/06/01 00:20:12 | 000,643,072 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdjpmui.dll
[2007/06/01 00:18:48 | 001,232,896 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdjserv.dll
[2007/06/01 00:12:07 | 000,425,984 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdjcomm.dll
[2007/06/01 00:10:19 | 000,585,728 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdjlmpm.dll
[2007/06/01 00:08:48 | 000,397,312 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdjiesc.dll
[2007/06/01 00:06:05 | 000,094,208 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdjpplc.dll
[2007/06/01 00:05:15 | 000,684,032 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdjcomc.dll
[2007/06/01 00:04:29 | 000,163,840 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdjprox.dll
[2007/05/31 23:56:37 | 000,413,696 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdjinpa.dll
[2007/05/31 23:55:43 | 000,999,424 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdjusb1.dll
[2007/05/31 23:51:06 | 000,700,416 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdjhbn3.dll
[2006/12/20 16:08:24 | 000,643,072 | ---- | C] ( ) -- C:\WINDOWS\System32\dlccpmui.dll
[2006/12/20 16:06:58 | 001,224,704 | ---- | C] ( ) -- C:\WINDOWS\System32\dlccserv.dll
[2006/12/20 16:01:04 | 000,421,888 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcccomm.dll
[2006/12/20 15:59:24 | 000,585,728 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcclmpm.dll
[2006/12/20 15:58:02 | 000,397,312 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcciesc.dll
[2006/12/20 15:55:40 | 000,094,208 | ---- | C] ( ) -- C:\WINDOWS\System32\dlccpplc.dll
[2006/12/20 15:54:54 | 000,684,032 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcccomc.dll
[2006/12/20 15:54:20 | 000,163,840 | ---- | C] ( ) -- C:\WINDOWS\System32\dlccprox.dll
[2006/12/20 15:47:32 | 000,413,696 | ---- | C] ( ) -- C:\WINDOWS\System32\dlccinpa.dll
[2006/12/20 15:46:50 | 000,991,232 | ---- | C] ( ) -- C:\WINDOWS\System32\dlccusb1.dll
[2006/12/20 15:42:36 | 000,696,320 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcchbn3.dll

========== Files - Modified Within 30 Days ==========

[2010/12/14 18:35:39 | 000,000,751 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\World of Warcraft.lnk
[2010/12/14 18:34:01 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/12/14 18:31:33 | 000,000,244 | ---- | M] () -- C:\WINDOWS\tasks\WefiStartup.job
[2010/12/14 18:31:30 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/12/14 18:31:28 | 1600,094,208 | -HS- | M] () -- C:\hiberfil.sys
[2010/12/14 18:15:49 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/12/13 13:34:39 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2010/12/12 21:10:01 | 000,426,615 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/12/12 21:07:42 | 000,426,615 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20101212-211001.backup
[2010/12/12 19:55:39 | 000,000,120 | ---- | M] () -- C:\WINDOWS\Pgitif.dat
[2010/12/12 17:01:46 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Dan\Local Settings\Application Data\WavXMapDrive.bat
[2010/12/12 02:56:22 | 000,000,000 | ---- | M] () -- C:\WINDOWS\Vfoquwatonudow.bin
[2010/12/10 19:35:29 | 000,030,208 | ---- | M] () -- C:\Documents and Settings\Dan\My Documents\Robin Hood.doc
[2010/12/10 18:46:02 | 000,002,497 | ---- | M] () -- C:\Documents and Settings\Dan\Desktop\Microsoft Office Word 2003.lnk
[2010/12/09 21:15:32 | 000,000,383 | ---- | M] () -- C:\Documents and Settings\Dan\Desktop\GenericHostErrorProblem.bat
[2010/12/09 04:04:22 | 000,001,620 | ---- | M] () -- C:\Documents and Settings\Dan\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/12/09 04:04:22 | 000,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/12/08 23:45:28 | 000,000,109 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2010/12/08 23:19:43 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\Dan\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/12/08 21:44:13 | 003,986,523 | R--- | M] () -- C:\Documents and Settings\Dan\My Documents\ComboFix.exe
[2010/12/08 13:55:54 | 000,426,615 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20101212-210742.backup
[2010/12/07 17:14:27 | 000,447,266 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/12/07 17:14:27 | 000,073,904 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/12/07 16:47:07 | 000,426,615 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20101207-170054.backup
[2010/12/07 16:47:07 | 000,426,615 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20101208-135554.backup
[2010/12/07 16:42:44 | 000,000,951 | ---- | M] () -- C:\Documents and Settings\Dan\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2010/12/07 16:42:44 | 000,000,933 | ---- | M] () -- C:\Documents and Settings\Dan\Desktop\Spybot - Search & Destroy.lnk
[2010/12/07 16:40:29 | 016,409,960 | ---- | M] (Safer Networking Limited ) -- C:\Documents and Settings\Dan\My Documents\spybotsd162.exe
[2010/12/07 15:58:28 | 000,046,080 | -H-- | M] () -- C:\WINDOWS\System32\netstify.dll
[2010/12/05 14:16:35 | 000,529,408 | ---- | M] () -- C:\Documents and Settings\Dan\My Documents\SteveMadden ImpConc.ppt
[2010/12/03 21:34:20 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/12/01 19:30:25 | 000,019,968 | ---- | M] () -- C:\Documents and Settings\Dan\My Documents\Maple avenue.doc
[2010/11/29 18:30:59 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\Dan\My Documents\Decentralization.doc
[2010/11/29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/11/29 17:42:06 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/11/23 13:05:29 | 000,039,424 | ---- | M] () -- C:\Documents and Settings\Dan\My Documents\ADV. Managerial Test 2.xls
[2010/11/22 10:59:00 | 004,177,272 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Documents and Settings\Dan\Desktop\procexp.exe
[2010/11/21 15:41:37 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\Dan\My Documents\Adv Managerial Question 4.doc
[2010/11/21 01:50:09 | 000,000,312 | ---- | M] () -- C:\Documents and Settings\Dan\Desktop\Curse Client.appref-ms
[2010/11/20 13:23:28 | 000,019,968 | ---- | M] () -- C:\Documents and Settings\Dan\My Documents\Battle.doc
[2010/11/17 11:16:31 | 000,034,816 | ---- | M] () -- C:\Documents and Settings\Dan\My Documents\Self Improvement Plan PArt II.doc

========== Files Created - No Company Name ==========

[2010/12/14 18:15:49 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/12/14 17:05:11 | 1600,094,208 | -HS- | C] () -- C:\hiberfil.sys
[2010/12/10 19:34:02 | 000,030,208 | ---- | C] () -- C:\Documents and Settings\Dan\My Documents\Robin Hood.doc
[2010/12/09 21:15:32 | 000,000,383 | ---- | C] () -- C:\Documents and Settings\Dan\Desktop\GenericHostErrorProblem.bat
[2010/12/09 04:04:22 | 000,001,620 | ---- | C] () -- C:\Documents and Settings\Dan\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/12/09 04:04:22 | 000,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/12/08 23:45:28 | 000,000,109 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2010/12/08 21:43:42 | 003,986,523 | R--- | C] () -- C:\Documents and Settings\Dan\My Documents\ComboFix.exe
[2010/12/07 16:42:44 | 000,000,951 | ---- | C] () -- C:\Documents and Settings\Dan\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2010/12/07 16:42:44 | 000,000,933 | ---- | C] () -- C:\Documents and Settings\Dan\Desktop\Spybot - Search & Destroy.lnk
[2010/12/07 16:01:44 | 000,000,120 | ---- | C] () -- C:\WINDOWS\Pgitif.dat
[2010/12/07 16:01:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Vfoquwatonudow.bin
[2010/12/07 15:58:28 | 000,046,080 | -H-- | C] () -- C:\WINDOWS\System32\netstify.dll
[2010/12/05 14:16:35 | 000,529,408 | ---- | C] () -- C:\Documents and Settings\Dan\My Documents\SteveMadden ImpConc.ppt
[2010/12/01 19:30:23 | 000,019,968 | ---- | C] () -- C:\Documents and Settings\Dan\My Documents\Maple avenue.doc
[2010/11/29 18:30:59 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\Dan\My Documents\Decentralization.doc
[2010/11/21 15:41:37 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\Dan\My Documents\Adv Managerial Question 4.doc
[2010/11/21 13:29:22 | 000,039,424 | ---- | C] () -- C:\Documents and Settings\Dan\My Documents\ADV. Managerial Test 2.xls
[2010/11/20 13:23:27 | 000,019,968 | ---- | C] () -- C:\Documents and Settings\Dan\My Documents\Battle.doc
[2010/11/17 11:16:06 | 000,034,816 | ---- | C] () -- C:\Documents and Settings\Dan\My Documents\Self Improvement Plan PArt II.doc
[2010/07/05 00:46:21 | 000,129,712 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/05/03 16:45:33 | 000,000,026 | ---- | C] () -- C:\WINDOWS\Questionmark Secure.INI
[2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/07/14 14:57:20 | 000,000,060 | ---- | C] () -- C:\WINDOWS\System32\lxdjrwrd.ini
[2009/07/14 14:57:17 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\lxdjinst.dll
[2009/07/14 14:56:21 | 000,348,160 | R--- | C] () -- C:\WINDOWS\System32\lxdjcoin.dll
[2009/04/02 13:55:35 | 000,000,056 | ---- | C] () -- C:\WINDOWS\VideoConvert.INI
[2009/03/27 19:01:31 | 000,090,112 | ---- | C] () -- C:\Documents and Settings\Dan\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/03/23 12:10:21 | 000,000,075 | ---- | C] () -- C:\WINDOWS\TaxACT08.ini
[2009/01/25 11:30:56 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/11/26 18:39:19 | 000,000,262 | ---- | C] () -- C:\WINDOWS\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2008/10/06 14:34:07 | 000,000,288 | ---- | C] () -- C:\Documents and Settings\Dan\Application Data\iPod Access v4 Prefs
[2008/10/06 14:32:34 | 000,000,011 | -H-- | C] () -- C:\Documents and Settings\Dan\Application Data\iPodAccess_Time
[2008/10/02 10:17:25 | 000,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2008/09/18 15:02:58 | 001,843,784 | ---- | C] () -- C:\WINDOWS\System32\igklg400.dll
[2008/09/18 15:02:58 | 001,399,880 | ---- | C] () -- C:\WINDOWS\System32\igklg450.dll
[2008/09/18 15:02:58 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4926.dll
[2008/09/18 15:02:58 | 000,104,636 | ---- | C] () -- C:\WINDOWS\System32\igmedcompkrn.dll
[2008/09/10 19:44:28 | 000,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2008/07/27 11:49:48 | 000,000,280 | ---- | C] () -- C:\WINDOWS\System32\epoPGPsdk.dll.sig
[2008/07/24 11:31:11 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Dan\Local Settings\Application Data\WavXMapDrive.bat
[2008/07/21 15:40:21 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2008/07/21 15:27:05 | 000,080,368 | ---- | C] () -- C:\WINDOWS\System32\pbadrvdll.dll
[2008/07/21 15:24:30 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\bioapi_mds300.dll
[2008/07/21 15:24:30 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\bioapi100.dll
[2008/07/21 14:57:00 | 000,910,304 | ---- | C] () -- C:\WINDOWS\System32\igmedkrn.dll
[2008/07/21 14:57:00 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4831.dll
[2008/07/21 14:55:10 | 000,001,120 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2007/09/13 14:42:30 | 000,499,712 | ---- | C] () -- C:\WINDOWS\System32\AmRes_ru.dll
[2007/09/13 14:42:30 | 000,471,040 | ---- | C] () -- C:\WINDOWS\System32\AmRes_pt-BR.dll
[2007/09/13 14:42:28 | 000,487,424 | ---- | C] () -- C:\WINDOWS\System32\AmRes_it.dll
[2007/09/13 14:42:28 | 000,487,424 | ---- | C] () -- C:\WINDOWS\System32\AmRes_fr.dll
[2007/09/13 14:42:28 | 000,462,848 | ---- | C] () -- C:\WINDOWS\System32\AmRes_ko.dll
[2007/09/13 14:42:28 | 000,458,752 | ---- | C] () -- C:\WINDOWS\System32\AmRes_ja.dll
[2007/09/13 14:42:26 | 000,487,424 | ---- | C] () -- C:\WINDOWS\System32\AmRes_es.dll
[2007/09/13 14:42:26 | 000,487,424 | ---- | C] () -- C:\WINDOWS\System32\AmRes_de.dll
[2007/09/13 14:42:26 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\AmRes_en.dll
[2007/09/13 14:42:26 | 000,434,176 | ---- | C] () -- C:\WINDOWS\System32\AmRes_zh-CHT.dll
[2007/09/13 14:36:24 | 000,438,272 | ---- | C] () -- C:\WINDOWS\System32\AmRes_zh-CHS.dll
[2007/09/12 15:05:08 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_pt.dll
[2007/09/12 15:04:46 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_zh-CHT.dll
[2007/09/12 15:04:26 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_ko.dll
[2007/09/12 15:04:06 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_es.dll
[2007/09/12 15:03:44 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_ru.dll
[2007/09/12 15:03:24 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_ja.dll
[2007/09/12 15:03:04 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_it.dll
[2007/09/12 15:02:44 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_de.dll
[2007/09/12 15:02:22 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_fr.dll
[2007/09/12 15:02:02 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_zh-CHS.dll
[2007/09/10 09:53:26 | 000,262,144 | ---- | C] () -- C:\WINDOWS\System32\wxvault.dll
[2007/06/15 10:19:20 | 000,835,584 | ---- | C] () -- C:\WINDOWS\System32\DemoLicense.dll
[2007/05/24 11:04:56 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\lxdjgrd.dll
[2007/02/07 11:57:16 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\dlcccoin.dll
[2007/01/26 06:11:42 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\dlccinsr.dll
[2007/01/26 06:11:20 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\dlcccur.dll
[2007/01/26 06:09:58 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\dlccjswr.dll
[2007/01/26 05:59:04 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\dlccinsb.dll
[2007/01/26 05:58:30 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\dlcccub.dll
[2007/01/26 05:57:38 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\dlcccu.dll
[2007/01/26 05:57:18 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\dlccins.dll
[2007/01/26 05:53:46 | 000,434,176 | ---- | C] () -- C:\WINDOWS\System32\dlccutil.dll
[2007/01/22 01:24:50 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\dlcccfg.dll
[2006/08/14 11:02:10 | 000,072,192 | ---- | C] () -- C:\WINDOWS\System32\xltZlib.dll
[2006/06/12 08:01:16 | 000,348,160 | ---- | C] () -- C:\WINDOWS\tsp.dll
[2006/05/18 09:47:12 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxdjvs.dll
[2005/08/18 05:26:46 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\dlccvs.dll
[2005/04/01 10:44:16 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\dlcccnv4.dll
[2004/09/10 13:34:00 | 000,917,504 | ---- | C] () -- C:\WINDOWS\System32\lmgr10.dll
[2004/09/10 13:34:00 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ADsSecurity.dll
[2004/08/11 17:24:19 | 000,000,791 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/11 17:11:31 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/11 17:07:24 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2003/01/07 15:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

========== LOP Check ==========

[2008/07/24 12:22:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\acccore
[2008/09/01 16:31:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Azureus
[2010/09/19 19:35:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Cisco
[2008/12/05 20:42:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\myitlab
[2008/07/21 15:24:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NTRU Cryptosystems
[2009/09/08 14:40:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pervasive Software
[2010/09/20 16:43:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files
[2009/06/16 19:06:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2008/07/21 15:31:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Wave Systems Corp
[2010/08/01 15:42:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WindSolutions
[2009/05/25 22:21:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2010/07/16 20:51:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/06/16 18:17:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2008/07/24 12:24:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dan\Application Data\acccore
[2010/11/17 18:43:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dan\Application Data\Azureus
[2009/04/02 15:09:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dan\Application Data\Broad Intelligence
[2008/08/22 23:29:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dan\Application Data\CiscoCAA
[2008/09/10 19:44:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dan\Application Data\DAEMON Tools
[2010/08/23 09:46:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dan\Application Data\Dropbox
[2010/12/08 23:12:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dan\Application Data\Keit
[2010/10/23 15:15:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dan\Application Data\Lexmark Productivity Studio
[2009/01/03 15:37:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dan\Application Data\LimeWire
[2010/09/21 11:55:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dan\Application Data\LolClient
[2009/09/08 14:50:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dan\Application Data\Peachtree
[2008/07/29 18:19:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dan\Application Data\Viewpoint
[2008/07/21 15:30:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dan\Application Data\Wave Systems Corp
[2008/09/08 13:42:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dan\Application Data\Windows Search
[2010/07/21 20:37:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dan\Application Data\WindSolutions
[2010/12/14 18:31:33 | 000,000,244 | ---- | M] () -- C:\WINDOWS\Tasks\WefiStartup.job

========== Purity Check ==========



< End of report >

#2
DBSullivan

Unable to activate DirectSound for selected device.
DirectSoundCaptureCreate failed. HR=DSERR_NODRIVER. No sound driver is available for use

Is a message I receive when trying to use Ventrilo after the crash.