
Many Viruses



#1
hospitaldoctor

I did a recent virus scan with Symantec, and it shows that I have a lot of various viruses and trojans, some of which could not be cleaned or quarantined. So what is the best way of cleaning all of the viruses from my computer? What steps should I take exactly in order to efficiently clean as much as possible? Which programs and scans should I use please?
Thank you!


#2
redcar92

Hello hospitaldoctor and welcome to the G2G Forum. :)
I'm RedCar92 and my name is Bill. I'll be glad to help you with your computer problems.

Please observe these rules while we work:
  • Read the entire procedure
  • It is important to perform ALL actions in sequence.
  • If you don't know, stop and ask! Don't keep going on.
  • Please reply to this thread. Do not start a new topic.
  • Stick with me till you're given the all clear. Malware removal can be stressful but we will clean it.
  • Remember, absence of symptoms does not mean the infection is all gone.
  • Don't attempt to clean your computer with any tools other than the ones I ask you to use during the cleanup process.

Please be advised: as I am still in training, all my replies to you will be checked for accuracy by one of our experts to ensure that I am giving you the best possible advice. This will be a team effort.
This may cause a delay, but I will do my best to keep it as short as possible.

Please bear with me, I will post back to you as soon as I can.

IMPORTANT NOTE : Please do not delete anything unless instructed to.
DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision.

Doing so could make your pc inoperative and could require a full reinstall of your OS, losing all your programs and data.

Vista and Windows 7 users:

These tools MUST be run from the executable (.exe) every time you run them,
with Admin Rights (Right click, choose "Run as Administrator").

Stay with this topic until I give you the all clean post.


Thanks
Bill
In Training at WTT Classroom

#3
hospitaldoctor

Thanks
So what's the first step please?
How can I effectively remove all of these viruses and trojans from my computer?
I have Windows 7 64 Bit

Edited by hospitaldoctor, 16 May 2011 - 12:10 PM.


#4
hospitaldoctor

What should I do please?
Thanks

#5
redcar92

Hello hospitaldoctor,
My apologies, I am not ignoring you. As I stated above, I am still in training. That means that any responses to you involving downloading, running or posting results must first be checked and approved by an instructor. I have submitted my response and am awaiting approval.

#6
hospitaldoctor

Can you run Windows Defender and Online Armor (firewall) at the same time, by the way?
Or do I have to deactivate one?
Is Windows Defender a firewall program too?
What is the best (free) firewall program to use that won't slow down my computer?
Thanks

Edited by hospitaldoctor, 17 May 2011 - 12:02 AM.


#7
redcar92

Greetings hospitaldoctor,
I will try to answer your question about firewalls when I know a little more about your computer.
Please do the following:

Please download DDS from LINK 1 or LINK 2
and save it to your desktop.

Vista and Windows 7 users:
  • These tools MUST be run from the executable (.exe) every time you run them
  • With Admin Rights (Right click, choose "Run as Administrator")
  • When done, two DDS.txt's will open.
  • Save both reports to your desktop.
  • Please include the contents of the following in your reply using Copy / Paste:
  • DDS.txt & Attach.txt
Next

  • Please download aswMBR ( 511KB ) to your desktop.
  • Double click the aswMBR.exe icon to run it
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

Logs to post:
  • DDS.txt
  • attach.txt
  • aswmbr.txt


#8
hospitaldoctor

Can you run Windows Defender and Online Armor (firewall) at the same time, by the way?
Or do I have to deactivate one?
Is Windows Defender a firewall program too?
What is the best (free) firewall program to use that won't slow down my computer?
Thanks

#9
hospitaldoctor

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4055.2198 [GMT -4:00]
.
AV: Symantec Endpoint Protection *Enabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Symantec Endpoint Protection *Enabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Dell\DellDock\DockLogin.exe
C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files (x86)\Linksys\Linksys Updater\bin\LinksysUpdater.exe
C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
C:\Windows\SysWOW64\java.exe
C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SmcGui.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\ProtectionUtilSurrogate.exe
C:\Windows\System32\vds.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\OpenDNS Updater\OpenDNSUpdater.exe
C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10q_ActiveX.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Jonathan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2JXKKUKG\dds[1].scr
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: H - No File
uURLSearchHooks: H - No File
mWinlogon: Userinit=userinit.exe,
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB: {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No File
TB: {30F9B915-B755-4826-820B-08FBA6BD249D} - No File
TB: {00000000-0000-0000-0000-000000000000} - No File
TB: {22E03916-85C5-44B0-8DC9-1830C11238D9} - No File
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [OpenDNS Updater] "C:\Program Files (x86)\OpenDNS Updater\OpenDNSUpdater.exe" /autostart
mRun: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe" /r
mRun: [UpdReg] C:\Windows\UpdReg.EXE
mRun: [ccApp] "C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe"
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - hxxps://rap.northshorelij.com/dana-cached/sc/JuniperSetupClient.cab
TCP: {A3CC3618-63E5-4287-BE5F-6C6043DBF78D} = 208.67.222.222,208.67.220.220
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\puresp4.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
mASetup: {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB-X64: {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No File
TB-X64: {30F9B915-B755-4826-820B-08FBA6BD249D} - No File
TB-X64: {00000000-0000-0000-0000-000000000000} - No File
TB-X64: {22E03916-85C5-44B0-8DC9-1830C11238D9} - No File
EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File
mRun-x64: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
mRun-x64: [RunDLLEntry_THXCfg] C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64
mRun-x64: [RunDLLEntry_EptMon] C:\Windows\system32\RunDLL32.exe C:\Windows\system32\EptMon64.dll,RunDLLEntry EptMon64
mRun-x64: [itype] "c:\Program Files\Microsoft IntelliType Pro\itype.exe"
mRun-x64: [LogMeIn GUI] "C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe"
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\uaqss536.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: network.proxy.type - 0
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpClipBook.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpClipBookDB.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpNeoLogger.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSaturn.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSeymour.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSmartSelect.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSmartWebPrinting.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSWPOperation.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPLogging.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPMTC.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPMTL.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXREStub.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
---- FIREFOX POLICIES ----
FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false
============= SERVICES / DRIVERS ===============
.
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2010-12-21 55280]
R1 NEOFLTR_650_16789;Juniper Networks TDI Filter Driver (NEOFLTR_650_16789);C:\Windows\System32\drivers\NEOFLTR_650_16789.SYS [2011-4-14 100472]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
R2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2009-6-9 155648]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-12-21 13336]
R2 LinksysUpdater;Linksys Updater;C:\Program Files (x86)\Linksys\Linksys Updater\bin\LinksysUpdater.exe [2008-6-26 204800]
R2 LMIGuardianSvc;LMIGuardianSvc;C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2011-3-1 373640]
R2 LMIInfo;LogMeIn Kernel Information Provider;C:\Program Files (x86)\LogMeIn\x64\rainfo.sys [2010-9-17 15928]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;C:\Windows\System32\drivers\LMIRfsDriver.sys [2011-5-15 72216]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2010-12-29 705856]
R2 Symantec AntiVirus;Symantec Endpoint Protection;C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe [2010-5-17 1831024]
R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2011-4-1 428640]
R3 CompFilter64;UVCCompositeFilter;C:\Windows\System32\drivers\lvbflt64.sys [2011-4-1 23904]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-5-10 136824]
R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2010-12-21 56344]
R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2010-12-21 271872]
R3 k57nd60a;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2010-12-21 320040]
R3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2011-4-1 341856]
R3 LVUVC64;Logitech HD Webcam C510(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2011-4-1 4184672]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\System32\drivers\nvhda64v.sys [2010-12-21 86120]
S2 SessionLauncher;SessionLauncher;c:\Users\ADMINI~1\AppData\Local\Temp\DX9\SessionLauncher.exe --> c:\Users\ADMINI~1\AppData\Local\Temp\DX9\SessionLauncher.exe [?]
S3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2010-12-21 158976]
S3 LVPr2M64;Logitech LVPr2M64 Driver;C:\Windows\System32\drivers\LVPr2M64.sys [2010-5-7 30304]
S3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;C:\Program Files\Dell Support Center\pcdsrvc_x64.pkms [2010-11-17 25072]
S3 pmxdrv;pmxdrv;C:\Windows\System32\drivers\pmxdrv.sys [2010-12-29 38536]
S3 RoxMediaDB10;RoxMediaDB10;C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCom\RoxMediaDB10.exe [2009-6-26 1124848]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-5-17 59392]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2011-2-18 51712]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-12-30 1255736]
.
=============== Created Last 30 ================
.
2011-05-17 06:35:10 -------- d-----w- C:\Windows\System32\SPReview
2011-05-17 06:34:05 -------- d-----w- C:\Windows\System32\EventProviders
2011-05-17 06:29:59 299392 ----a-w- C:\Windows\System32\mcupdate_GenuineIntel.dll
2011-05-17 06:28:59 406528 ----a-w- C:\Windows\SysWow64\netcfgx.dll
2011-05-17 06:27:59 658432 ----a-w- C:\Windows\System32\PerfCenterCPL.dll
2011-05-17 06:26:59 624128 ----a-w- C:\Windows\System32\qedit.dll
2011-05-17 06:25:59 600576 ----a-w- C:\Windows\SysWow64\PerfCenterCPL.dll
2011-05-17 06:24:59 91648 ----a-w- C:\Windows\System32\mapistub.dll
2011-05-17 06:23:59 75776 ----a-w- C:\Windows\System32\MSDvbNP.ax
2011-05-17 06:22:59 8192 ----a-w- C:\Windows\SysWow64\spwmp.dll
2011-05-17 06:21:55 323072 ----a-w- C:\Windows\SysWow64\drvstore.dll
2011-05-17 06:21:55 257024 ----a-w- C:\Windows\SysWow64\dpx.dll
2011-05-17 06:21:52 606208 ----a-w- C:\Windows\SysWow64\wbem\fastprox.dll
2011-05-17 06:21:52 363008 ----a-w- C:\Windows\SysWow64\wbemcomn.dll
2011-05-17 06:18:47 529408 ----a-w- C:\Windows\System32\wbemcomn.dll
2011-05-17 06:18:47 524288 ----a-w- C:\Windows\System32\wmicmiplugin.dll
2011-05-17 06:18:47 1225216 ----a-w- C:\Windows\System32\wbem\wbemcore.dll
2011-05-17 06:18:35 933376 ----a-w- C:\Windows\System32\SmiEngine.dll
2011-05-17 06:18:21 199168 ----a-w- C:\Windows\System32\PkgMgr.exe
2011-05-17 06:17:50 422912 ----a-w- C:\Windows\System32\drvstore.dll
2011-05-17 06:17:50 399872 ----a-w- C:\Windows\System32\dpx.dll
2011-05-17 04:45:57 89048 ----a-w- C:\Program Files (x86)\Mozilla Firefox\libEGL.dll
2011-05-17 04:45:57 781272 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozsqlite3.dll
2011-05-17 04:45:57 465880 ----a-w- C:\Program Files (x86)\Mozilla Firefox\libGLESv2.dll
2011-05-17 04:45:57 2145240 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2011-05-17 04:45:57 1974616 ----a-w- C:\Program Files (x86)\Mozilla Firefox\D3DCompiler_42.dll
2011-05-17 04:45:57 1892184 ----a-w- C:\Program Files (x86)\Mozilla Firefox\d3dx9_42.dll
2011-05-17 04:45:57 15832 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozalloc.dll
2011-05-17 04:45:57 142296 ----a-w- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
2011-05-17 04:41:10 -------- d-----w- C:\Program Files (x86)\Common Files\Software Update Utility
2011-05-17 04:40:05 -------- d-----w- C:\Program Files (x86)\Auslogics
2011-05-17 04:19:16 -------- d-----w- C:\Program Files (x86)\FileHippo.com
2011-05-16 21:14:56 404640 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-05-16 03:33:53 -------- d-----w- C:\Users\Jonathan\AppData\Local\LogMeIn
2011-05-16 03:33:51 60800 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\LMIproc.dll
2011-05-16 03:33:51 33152 ----a-w- C:\Windows\System32\LMIport.dll
2011-05-16 03:33:50 87456 ----a-w- C:\Windows\System32\LMIRfsClientNP.dll
2011-05-16 03:33:50 72216 ----a-w- C:\Windows\System32\drivers\LMIRfsDriver.sys
2011-05-16 03:33:49 80768 ----a-w- C:\Windows\System32\LMIinit.dll
2011-05-16 03:33:48 -------- d-----w- C:\PROGRA~3\LogMeIn
2011-05-16 03:33:42 -------- d-----w- C:\Program Files (x86)\LogMeIn
2011-05-15 07:05:34 -------- d-----r- C:\Users\Jonathan\Dropbox
2011-05-15 07:04:05 -------- d-----w- C:\Users\Jonathan\AppData\Roaming\Dropbox
2011-05-12 22:49:08 53248 ----a-r- C:\Users\Jonathan\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2011-05-12 22:37:15 8802128 ----a-w- C:\PROGRA~3\Microsoft\Windows Defender\Definition Updates\{A003E1F8-B0A4-48DE-880D-00A50EEC9778}\mpengine.dll
2011-05-12 22:36:24 -------- d-----w- C:\Program Files\Microsoft IntelliType Pro
2011-05-12 22:33:12 197120 ----a-w- C:\Windows\System32\d3d10_1.dll
2011-05-12 22:33:11 321024 ----a-w- C:\Windows\System32\d3d10_1core.dll
2011-05-12 22:33:11 161792 ----a-w- C:\Windows\SysWow64\d3d10_1.dll
2011-05-12 22:33:10 219136 ----a-w- C:\Windows\SysWow64\d3d10_1core.dll
2011-05-12 22:31:04 142336 ----a-w- C:\Windows\System32\poqexec.exe
2011-05-12 22:31:03 123904 ----a-w- C:\Windows\SysWow64\poqexec.exe
2011-05-11 15:20:25 5562240 ----a-w- C:\Windows\System32\ntoskrnl.exe
2011-05-11 15:20:24 3967872 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2011-05-11 15:20:23 3912576 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2011-05-11 15:20:21 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2011-05-11 15:20:21 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
2011-05-11 15:20:20 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2011-05-11 15:20:19 98816 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2011-05-11 15:20:19 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
2011-05-11 15:20:18 7936 ----a-w- C:\Windows\System32\drivers\usbd.sys
2011-05-11 15:20:18 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2011-05-08 15:03:26 -------- d-sh--w- C:\found.001
2011-05-04 16:22:17 1544192 ----a-w- C:\Windows\System32\DWrite.dll
2011-05-04 16:22:17 1139200 ----a-w- C:\Windows\System32\FntCache.dll
2011-05-04 16:22:16 1076736 ----a-w- C:\Windows\SysWow64\DWrite.dll
2011-05-04 16:22:15 902656 ----a-w- C:\Windows\System32\d2d1.dll
2011-05-04 16:22:15 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll
2011-04-27 14:45:09 2871808 ----a-w- C:\Windows\explorer.exe
2011-04-27 14:45:08 2616320 ----a-w- C:\Windows\SysWow64\explorer.exe
2011-04-27 14:45:06 1465344 ----a-w- C:\Windows\System32\XpsPrint.dll
2011-04-27 14:45:05 870912 ----a-w- C:\Windows\SysWow64\XpsPrint.dll
2011-04-21 14:19:57 -------- d-----w- C:\Program Files\iPod
2011-04-21 14:19:54 -------- d-----w- C:\Program Files\iTunes
2011-04-21 14:18:20 -------- d-----w- C:\Program Files\Bonjour
.
==================== Find3M ====================
.
2011-05-17 06:41:44 175616 ----a-w- C:\Windows\System32\msclmd.dll
2011-05-17 06:41:44 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
2011-05-17 04:47:09 521448 ----a-w- C:\Windows\System32\deployJava1.dll
2011-04-09 03:00:34 465920 ----a-w- C:\Windows\System32\itpcoin815.dll
2011-04-06 20:26:58 96544 ----a-w- C:\Windows\System32\dnssd.dll
2011-04-06 20:26:58 69408 ----a-w- C:\Windows\System32\jdns_sd.dll
2011-04-06 20:26:58 237856 ----a-w- C:\Windows\System32\dnssdX.dll
2011-04-06 20:26:58 119584 ----a-w- C:\Windows\System32\dns-sd.exe
2011-04-06 20:20:16 91424 ----a-w- C:\Windows\SysWow64\dnssd.dll
2011-04-06 20:20:16 75040 ----a-w- C:\Windows\SysWow64\jdns_sd.dll
2011-04-06 20:20:16 197920 ----a-w- C:\Windows\SysWow64\dnssdX.dll
2011-04-06 20:20:16 107808 ----a-w- C:\Windows\SysWow64\dns-sd.exe
2011-04-01 09:10:46 539232 ----a-w- C:\Windows\SysWow64\LVUI2RC.dll
2011-04-01 09:10:24 543328 ----a-w- C:\Windows\SysWow64\LVUI2.dll
2011-04-01 09:08:36 301664 ----a-w- C:\Windows\SysWow64\lvcodec2.dll
2011-04-01 09:07:54 4184672 ----a-w- C:\Windows\System32\drivers\lvuvc64.sys
2011-04-01 09:07:30 559712 ----a-w- C:\Windows\System32\LVUIRC64.dll
2011-04-01 09:07:08 767584 ----a-w- C:\Windows\System32\LVUI64.dll
2011-04-01 09:07:02 10877272 ----a-w- C:\Windows\SysWow64\LogiDPP.dll
2011-04-01 09:07:02 10877272 ----a-w- C:\Windows\System32\LogiDPP.dll
2011-04-01 09:07:02 102744 ----a-w- C:\Windows\SysWow64\LogiDPPApp.exe
2011-04-01 09:07:02 102744 ----a-w- C:\Windows\System32\LogiDPPApp.exe
2011-04-01 09:06:56 331608 ----a-w- C:\Windows\SysWow64\DevManagerCore.dll
2011-04-01 09:06:56 331608 ----a-w- C:\Windows\System32\DevManagerCore.dll
2011-04-01 09:06:22 341856 ----a-w- C:\Windows\System32\drivers\lvrs64.sys
2011-04-01 09:05:38 261728 ----a-w- C:\Windows\System32\lvco13251014.dll
2011-04-01 09:05:16 172128 ----a-w- C:\Windows\System32\lvcod64.dll
2011-04-01 09:04:32 23904 ----a-w- C:\Windows\System32\drivers\lvbflt64.sys
2011-04-01 08:56:20 39318 ----a-w- C:\Windows\System32\Repository.reg
2011-03-23 04:02:22 15192 ----a-w- C:\Windows\System32\drivers\iKeyLFT264.dll
2011-03-11 06:41:37 189824 ----a-w- C:\Windows\System32\drivers\storport.sys
2011-03-11 06:41:34 166272 ----a-w- C:\Windows\System32\drivers\nvstor.sys
2011-03-11 06:41:34 1659776 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2011-03-11 06:41:34 148352 ----a-w- C:\Windows\System32\drivers\nvraid.sys
2011-03-11 06:41:26 410496 ----a-w- C:\Windows\System32\drivers\iaStorV.sys
2011-03-11 06:41:12 27008 ----a-w- C:\Windows\System32\drivers\amdxata.sys
2011-03-11 06:41:12 107904 ----a-w- C:\Windows\System32\drivers\amdsata.sys
2011-03-11 06:34:51 1359872 ----a-w- C:\Windows\System32\mfc42u.dll
2011-03-11 06:34:50 1395712 ----a-w- C:\Windows\System32\mfc42.dll
2011-03-11 06:33:29 2565632 ----a-w- C:\Windows\System32\esent.dll
2011-03-11 06:30:28 96768 ----a-w- C:\Windows\System32\fsutil.exe
2011-03-11 05:33:59 1164288 ----a-w- C:\Windows\SysWow64\mfc42u.dll
2011-03-11 05:33:59 1137664 ----a-w- C:\Windows\SysWow64\mfc42.dll
2011-03-11 05:33:09 1699328 ----a-w- C:\Windows\SysWow64\esent.dll
2011-03-11 05:31:07 74240 ----a-w- C:\Windows\SysWow64\fsutil.exe
2011-03-08 06:29:32 976896 ----a-w- C:\Windows\System32\inetcomm.dll
2011-03-08 05:28:29 741376 ----a-w- C:\Windows\SysWow64\inetcomm.dll
2011-03-07 06:31:44 1188864 ----a-w- C:\Windows\System32\wininet.dll
2011-03-07 05:33:13 981504 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-03-07 04:24:34 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2011-03-07 03:52:25 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2011-03-04 06:19:28 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2011-03-04 06:19:27 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2011-03-03 06:24:16 183296 ----a-w- C:\Windows\System32\dnsrslvr.dll
2011-03-03 06:21:57 30208 ----a-w- C:\Windows\System32\dnscacheugc.exe
2011-03-03 05:36:16 28672 ----a-w- C:\Windows\SysWow64\dnscacheugc.exe
2011-03-03 03:52:08 3135488 ----a-w- C:\Windows\System32\win32k.sys
2011-02-24 06:15:44 476160 ----a-w- C:\Windows\System32\XpsGdiConverter.dll
2011-02-24 05:38:54 288256 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll
2011-02-23 04:56:31 158208 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys
2011-02-23 04:56:27 467456 ----a-w- C:\Windows\System32\drivers\srv.sys
2011-02-23 04:56:03 411648 ----a-w- C:\Windows\System32\drivers\srv2.sys
2011-02-23 04:55:47 167936 ----a-w- C:\Windows\System32\drivers\srvnet.sys
2011-02-23 04:55:12 287744 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
2011-02-23 04:55:12 128000 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys
2011-02-23 04:55:04 90624 ----a-w- C:\Windows\System32\drivers\bowser.sys
2011-02-19 12:03:46 46080 ----a-w- C:\Windows\System32\atmlib.dll
2011-02-19 09:00:32 367616 ----a-w- C:\Windows\System32\atmfd.dll
2011-02-19 06:30:46 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2011-02-19 04:34:54 294912 ----a-w- C:\Windows\SysWow64\atmfd.dll
2011-02-18 20:36:58 51712 ----a-w- C:\Windows\System32\drivers\usbaapl64.sys
2011-02-18 20:36:58 4184352 ----a-w- C:\Windows\System32\usbaaplrc.dll
2011-02-18 10:56:44 613376 ----a-w- C:\Windows\System32\vbscript.dll
2011-02-18 10:51:16 31232 ----a-w- C:\Windows\System32\prevhost.exe
2011-02-18 05:43:28 428032 ----a-w- C:\Windows\SysWow64\vbscript.dll
2011-02-18 05:39:44 31232 ----a-w- C:\Windows\SysWow64\prevhost.exe
.
============= FINISH: 21:35:47.46 ===============

#10
hospitaldoctor

Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 12/29/2010 2:46:26 PM
System Uptime: 5/17/2011 9:21:18 PM (0 hours ago)
.
Motherboard: Dell Inc. | | 0G3HR7
Processor: Intel® Core™ i7 CPU 860 @ 2.80GHz | CPU 1 | 2801/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 689 GiB total, 541.247 GiB free.
D: is CDROM ()
G: is Removable
H: is Removable
I: is Removable
J: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP62: 5/17/2011 2:34:55 AM - Windows 7 Service Pack 1
RP63: 5/17/2011 10:55:09 AM - Windows Update
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
µTorrent
Adobe AIR
Adobe Anchor Service CS3
Adobe Asset Services CS3
Adobe Bridge CS3
Adobe Bridge Start Meeting
Adobe Camera Raw 4.0
Adobe CMaps
Adobe Color - Photoshop Specific
Adobe Color Common Settings
Adobe Color EU Extra Settings
Adobe Color JA Extra Settings
Adobe Color NA Recommended Settings
Adobe Default Language CS3
Adobe Device Central CS3
Adobe ExtendScript Toolkit 2
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Fonts All
Adobe Help Viewer CS3
Adobe Linguistics CS3
Adobe PDF Library Files
Adobe Photoshop CS3
Adobe Reader X (10.0.1)
Adobe Setup
Adobe Stock Photos CS3
Adobe Type Support
Adobe Update Manager CS3
Adobe Version Cue CS3 Client
Adobe WinSoft Linguistics Plugin
Adobe XMP Panels CS3
AIM 7
Apple Application Support
Apple Software Update
Auslogics Disk Defrag
BufferChm
C4700
CameraHelperMsi
Compatibility Pack for the 2007 Office system
D3DX10
Dell DataSafe Local Backup
Dell DataSafe Local Backup - Support Software
Dell Dock
Destinations
DeviceDiscovery
DirectXInstallService
Download Updater (AOL LLC)
Dropbox
EMC 10 Content
erLT
FileHippo.com Update Checker
GoToAssist Corporate
GPBaseService2
HP Update
HPPhotoGadget
hpPrintProjects
HPProductAssistant
HPSSupply
hpWLPGInstaller
Intel® Control Center
Intel® Rapid Storage Technology
Java Auto Updater
Java™ 6 Update 24
Java™ 6 Update 3
Juniper Networks Secure Application Manager
Juniper Networks Setup Client
Junk Mail filter update
LG USB Modem driver
Linksys EasyLink Advisor
LiveUpdate 3.3 (Symantec Corporation)
Logitech Vid HD
Logitech Webcam Software
LogMeIn
LWS Facebook
LWS Gallery
LWS Help_main
LWS Launcher
LWS Motion Detection
LWS Pictures And Video
LWS Twitter
LWS Video Mask Maker
LWS Webcam Software
LWS WLM Plugin
LWS YouTube Plugin
Malwarebytes' Anti-Malware
MarketResearch
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable - KB2467175
Microsoft Works
Mozilla Firefox 4.0.1 (x86 en-US)
Mozilla Firefox 5.0 (x86 en-US)
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Multimedia Card Reader
OpenDNS Updater 2.2.1
PDF Settings
PowerDVD DX
PS_AIO_06_C4700_SW_Min
Pure Networks Platform
QuickTime
Realtek High Definition Audio Driver
Roxio Activation Module
Roxio BackOnTrack
Roxio Central Audio
Roxio Central Copy
Roxio Central Core
Roxio Central Data
Roxio Central Tools
Roxio Easy CD and DVD Burning
Roxio Express Labeler 3
Roxio Update Manager
Scan
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2466156)
Security Update for 2007 Microsoft Office System (KB2509488)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2464583)
Security Update for Microsoft Office Groove 2007 (KB2494047)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2535818)
Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Skype Toolbars
Skype™ 5.3
SmartWebPrinting
SolutionCenter
Sonic CinePlayer Decoder Pack
SpywareBlaster 4.4
Status
THX TruStudio PC
Toolbox
TrayApp
Update for 2007 Microsoft Office System (KB2284654)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2509470)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (KB2536413)
Update Service
Viewpoint Media Player
WebReg
Windows Essentials Media Codec Pack 3.2
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
.
==== Event Viewer Messages From Past Week ========
.
5/17/2011 9:24:03 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: RxFilter
5/17/2011 9:23:27 PM, Error: Service Control Manager [7000] - The SessionLauncher service failed to start due to the following error: The system cannot find the file specified.
5/17/2011 2:45:44 AM, Error: Service Control Manager [7034] - The UMVPFSrv service terminated unexpectedly. It has done this 1 time(s).
5/17/2011 2:02:19 AM, Error: Service Control Manager [7034] - The Online Armor service terminated unexpectedly. It has done this 1 time(s).
5/17/2011 10:49:46 AM, Error: VDS Basic Provider [1] - Unexpected failure. Error code: D@01010004
5/16/2011 12:09:35 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk5\DR5.
5/15/2011 8:50:43 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service.
5/15/2011 2:02:32 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service.
5/15/2011 1:59:17 AM, Error: Service Control Manager [7022] - The Security Center service hung on starting.
5/12/2011 11:26:00 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} and APPID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} to the user Jonathan-PC\Jonathan SID (S-1-5-21-295125538-460386852-33234567-1001) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
5/11/2011 8:00:36 PM, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
5/11/2011 6:28:18 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800705b4: Update for Windows 7 for x64-based Systems (KB2529073).
5/11/2011 6:19:04 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800705b4: Update for Windows 7 for x64-based Systems (KB2534366).
.
==== End Of File ===========================

#11
hospitaldoctor

-----------------------------
21:39:35.950 OS Version: Windows x64 6.1.7601 Service Pack 1
21:39:35.950 Number of processors: 8 586 0x1E05
21:39:35.950 ComputerName: JONATHAN-PC UserName: Jonathan
21:39:40.006 Initialize success
21:39:41.613 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
21:39:41.628 Disk 0 Vendor: ST375052 CC46 Size: 715404MB BusType: 8
21:39:41.628 Disk 0 MBR read successfully
21:39:41.628 Disk 0 MBR scan
21:39:41.628 Disk 0 Windows 7 default MBR code
21:39:41.644 Service scanning
21:39:42.783 Disk 0 trace - called modules:
21:39:42.798 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
21:39:42.798 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004d8c790]
21:39:42.798 3 CLASSPNP.SYS[fffff88001ba743f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004acd050]
21:39:42.798 Scan finished successfully
21:40:25.808 Disk 0 MBR has been saved successfully to "C:\Users\Jonathan\Desktop\MBR.dat"
21:40:25.808 The log file has been saved successfully to "C:\Users\Jonathan\Desktop\aswMBR.txt"

#12
redcar92

Greetings hospitaldoctor,

Your logs indicate that you have Peer-to-Peer software installed on your PC. :) Peer-to-Peer sites like uTorrent are a major source of malware problems. It is in your best interest to avoid the sites. I strongly recommend that you remove this program by:
  • Click Start
  • Click Control Panel
  • Click Add/Remove Programs
  • Select uTorrent
  • Click Remove
Note: Often removal questions are stated so as to dissuade you from removing the program; please be careful.
Should you decide not to remove Peer-to-Peer software, do not use it until we are done. Continued use of this software will eventually infect you again.

Next
***Read through this entire procedure and if you have any questions, please ask them before you begin. Then either print out, or copy this page to Notepad and save to your desktop for reference as you will not have any browsers open while you are carrying out portions of these instructions.***
Download ComboFix from any of the links below. Save it to your desktop.

Link 1
Link 2

* IMPORTANT !!! Save ComboFix.exe to your Desktop


  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools.
  • See this Link for programs that need to be disabled and instructions on how to disable them.
  • Remember to re-enable them when we're done.
  • Double click on ComboFix.exe & follow the prompts.

Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

*If there is no internet connection when ComboFix has completely finished, restart your computer to restore the connections.

Logs to post: ComboFix.txt
Were you able to remove uTorrent?

#13
hospitaldoctor

ComboFix 11-05-17.01 - Jonathan 05/17/2011 23:33:22.1.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4055.2995 [GMT -4:00]
Running from: c:\users\Jonathan\Desktop\ComboFix.exe
AV: Symantec Endpoint Protection *Disabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
SP: Symantec Endpoint Protection *Disabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\PCDr\5744\Downloads\09c89f7c-3785-4562-bfa2-0294dad219cb.dll
c:\programdata\PCDr\5744\Downloads\211f2e06-18cf-4b15-8d16-613c14340779.dll
c:\programdata\PCDr\5744\Downloads\295a87df-c8df-47c1-8928-31d3bc55eae3.dll
c:\programdata\PCDr\5744\Downloads\7cfc7ddb-2ff0-41ad-a5d7-3e2c7c6da278.dll
c:\programdata\PCDr\5744\Downloads\9f7cb229-6226-4846-9375-1b73ad107c4e.dll
c:\programdata\PCDr\5744\Downloads\aad4193c-5f11-4479-83a6-e739206cb375.dll
c:\programdata\PCDr\5744\Downloads\ccb2bb33-3a38-4a93-93e7-871d4d9be0b6.dll
c:\programdata\PCDr\5744\Downloads\d57ca607-df9e-42be-b6e5-f975ebf2105b.dll
c:\programdata\PCDr\5744\Downloads\db49fe36-7c40-41f5-b9c1-5a7c3297c269.dll
c:\programdata\PCDr\5744\Downloads\e3d50fea-9128-4ef0-9ea5-b4d74186612f.dll
c:\programdata\PCDr\5744\Downloads\e87994e7-694e-4058-a64a-df23fd76e4df.dll
c:\users\Jonathan\GoToAssistDownloadHelper.exe
.
.
((((((((((((((((((((((((( Files Created from 2011-04-18 to 2011-05-18 )))))))))))))))))))))))))))))))
.
.
2011-05-18 03:37 . 2011-05-18 03:37 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-05-17 07:10 . 2011-05-17 07:10 -------- d-----w- c:\program files (x86)\Common Files\Skype
2011-05-17 06:35 . 2011-05-17 06:35 -------- d-----w- c:\windows\system32\SPReview
2011-05-17 06:34 . 2011-05-17 06:34 -------- d-----w- c:\windows\system32\EventProviders
2011-05-17 06:29 . 2010-11-20 13:33 299392 ----a-w- c:\windows\system32\mcupdate_GenuineIntel.dll
2011-05-17 06:28 . 2010-11-20 12:21 1010688 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2011-05-17 06:27 . 2010-11-20 13:28 223248 ----a-w- c:\windows\system32\drivers\fvevol.sys
2011-05-17 06:26 . 2010-11-20 13:27 624128 ----a-w- c:\windows\system32\qedit.dll
2011-05-17 06:25 . 2010-11-20 13:24 373248 ----a-w- c:\windows\system32\intl.cpl
2011-05-17 06:24 . 2010-11-20 13:26 91648 ----a-w- c:\windows\system32\mapistub.dll
2011-05-17 06:23 . 2010-11-20 13:27 681472 ----a-w- c:\windows\system32\WUDFx.dll
2011-05-17 06:22 . 2010-11-20 12:20 8192 ----a-w- c:\windows\SysWow64\spwmp.dll
2011-05-17 06:21 . 2010-11-20 12:18 323072 ----a-w- c:\windows\SysWow64\drvstore.dll
2011-05-17 06:21 . 2010-11-20 12:18 257024 ----a-w- c:\windows\SysWow64\dpx.dll
2011-05-17 06:21 . 2010-11-20 12:21 363008 ----a-w- c:\windows\SysWow64\wbemcomn.dll
2011-05-17 06:21 . 2010-11-20 12:19 606208 ----a-w- c:\windows\SysWow64\wbem\fastprox.dll
2011-05-17 06:18 . 2010-11-20 13:27 524288 ----a-w- c:\windows\system32\wmicmiplugin.dll
2011-05-17 06:18 . 2010-11-20 13:27 529408 ----a-w- c:\windows\system32\wbemcomn.dll
2011-05-17 06:18 . 2010-11-20 13:27 1225216 ----a-w- c:\windows\system32\wbem\wbemcore.dll
2011-05-17 06:18 . 2010-11-20 13:27 933376 ----a-w- c:\windows\system32\SmiEngine.dll
2011-05-17 06:18 . 2010-11-20 13:25 199168 ----a-w- c:\windows\system32\PkgMgr.exe
2011-05-17 06:17 . 2010-11-20 13:26 422912 ----a-w- c:\windows\system32\drvstore.dll
2011-05-17 06:17 . 2010-11-20 13:26 399872 ----a-w- c:\windows\system32\dpx.dll
2011-05-17 04:45 . 2011-04-28 18:01 142296 ----a-w- c:\program files (x86)\Mozilla Firefox\components\browsercomps.dll
2011-05-17 04:45 . 2011-04-28 18:01 781272 ----a-w- c:\program files (x86)\Mozilla Firefox\mozsqlite3.dll
2011-05-17 04:45 . 2011-04-28 18:01 2145240 ----a-w- c:\program files (x86)\Mozilla Firefox\mozjs.dll
2011-05-17 04:45 . 2011-04-28 18:01 465880 ----a-w- c:\program files (x86)\Mozilla Firefox\libGLESv2.dll
2011-05-17 04:45 . 2011-04-28 18:01 15832 ----a-w- c:\program files (x86)\Mozilla Firefox\mozalloc.dll
2011-05-17 04:45 . 2011-04-28 18:01 89048 ----a-w- c:\program files (x86)\Mozilla Firefox\libEGL.dll
2011-05-17 04:45 . 2010-01-01 08:00 1974616 ----a-w- c:\program files (x86)\Mozilla Firefox\D3DCompiler_42.dll
2011-05-17 04:45 . 2010-01-01 08:00 1892184 ----a-w- c:\program files (x86)\Mozilla Firefox\d3dx9_42.dll
2011-05-17 04:41 . 2011-05-17 04:41 -------- d-----w- c:\program files (x86)\Common Files\Software Update Utility
2011-05-17 04:40 . 2011-05-17 04:40 -------- d-----w- c:\program files (x86)\Auslogics
2011-05-17 04:19 . 2011-05-17 04:19 -------- d-----w- c:\program files (x86)\FileHippo.com
2011-05-16 21:14 . 2011-05-17 04:39 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-05-16 03:33 . 2011-05-16 03:33 -------- d-----w- c:\users\Jonathan\AppData\Local\LogMeIn
2011-05-16 03:33 . 2011-03-01 16:12 60800 ----a-w- c:\windows\system32\Spool\prtprocs\x64\LMIproc.dll
2011-05-16 03:33 . 2011-03-01 16:12 33152 ----a-w- c:\windows\system32\LMIport.dll
2011-05-16 03:33 . 2011-03-01 16:12 87456 ----a-w- c:\windows\system32\LMIRfsClientNP.dll
2011-05-16 03:33 . 2010-09-17 19:40 72216 ----a-w- c:\windows\system32\drivers\LMIRfsDriver.sys
2011-05-16 03:33 . 2011-03-01 16:12 80768 ----a-w- c:\windows\system32\LMIinit.dll
2011-05-16 03:33 . 2011-05-17 04:59 -------- d-----w- c:\programdata\LogMeIn
2011-05-16 03:33 . 2011-05-16 03:42 -------- d-----w- c:\program files (x86)\LogMeIn
2011-05-15 07:05 . 2011-05-16 15:21 -------- d-----r- c:\users\Jonathan\Dropbox
2011-05-15 07:04 . 2011-05-16 15:21 -------- d-----w- c:\users\Jonathan\AppData\Roaming\Dropbox
2011-05-12 22:49 . 2011-05-12 22:49 53248 ----a-r- c:\users\Jonathan\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2011-05-12 22:37 . 2011-04-11 08:21 8802128 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A003E1F8-B0A4-48DE-880D-00A50EEC9778}\mpengine.dll
2011-05-12 22:36 . 2011-05-12 22:36 -------- d-----w- c:\program files\Microsoft IntelliType Pro
2011-05-12 22:33 . 2011-01-17 11:09 197120 ----a-w- c:\windows\system32\d3d10_1.dll
2011-05-12 22:33 . 2011-01-17 05:47 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2011-05-12 22:33 . 2010-11-20 13:26 321024 ----a-w- c:\windows\system32\d3d10_1core.dll
2011-05-12 22:33 . 2010-11-20 12:18 219136 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2011-05-12 22:31 . 2011-04-09 06:58 142336 ----a-w- c:\windows\system32\poqexec.exe
2011-05-12 22:31 . 2011-04-09 05:56 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
2011-05-11 15:20 . 2011-04-09 07:02 5562240 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-05-11 15:20 . 2011-04-09 06:02 3967872 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2011-05-11 15:20 . 2011-04-09 06:02 3912576 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2011-05-11 15:20 . 2011-03-25 03:29 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2011-05-11 15:20 . 2011-03-25 03:29 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys
2011-05-11 15:20 . 2011-03-25 03:29 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2011-05-11 15:20 . 2011-03-25 03:29 98816 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2011-05-11 15:20 . 2011-03-25 03:29 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2011-05-11 15:20 . 2011-03-25 03:29 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2011-05-11 15:20 . 2011-03-25 03:28 7936 ----a-w- c:\windows\system32\drivers\usbd.sys
2011-05-08 15:03 . 2011-05-08 15:03 -------- d-----w- C:\found.001
2011-05-04 16:22 . 2011-02-19 12:05 1139200 ----a-w- c:\windows\system32\FntCache.dll
2011-05-04 16:22 . 2011-02-19 12:04 1544192 ----a-w- c:\windows\system32\DWrite.dll
2011-05-04 16:22 . 2011-02-19 06:30 1076736 ----a-w- c:\windows\SysWow64\DWrite.dll
2011-05-04 16:22 . 2011-02-19 12:04 902656 ----a-w- c:\windows\system32\d2d1.dll
2011-05-04 16:22 . 2011-02-19 06:30 739840 ----a-w- c:\windows\SysWow64\d2d1.dll
2011-04-27 14:45 . 2011-02-25 06:19 2871808 ----a-w- c:\windows\explorer.exe
2011-04-27 14:45 . 2011-02-25 05:30 2616320 ----a-w- c:\windows\SysWow64\explorer.exe
2011-04-27 14:45 . 2011-03-12 12:08 1465344 ----a-w- c:\windows\system32\XpsPrint.dll
2011-04-27 14:45 . 2011-03-12 11:23 870912 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2011-04-21 14:19 . 2011-04-21 14:19 -------- d-----w- c:\program files\iPod
2011-04-21 14:19 . 2011-04-21 14:20 -------- d-----w- c:\program files\iTunes
2011-04-21 14:18 . 2011-04-21 14:18 -------- d-----w- c:\program files\Bonjour
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-17 06:41 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2011-05-17 06:41 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2011-05-17 04:47 . 2010-12-21 19:24 521448 ----a-w- c:\windows\system32\deployJava1.dll
2011-04-09 03:00 . 2011-04-09 03:00 465920 ----a-w- c:\windows\system32\itpcoin815.dll
2011-04-06 20:26 . 2011-04-06 20:26 96544 ----a-w- c:\windows\system32\dnssd.dll
2011-04-06 20:26 . 2011-04-06 20:26 69408 ----a-w- c:\windows\system32\jdns_sd.dll
2011-04-06 20:26 . 2011-04-06 20:26 237856 ----a-w- c:\windows\system32\dnssdX.dll
2011-04-06 20:26 . 2011-04-06 20:26 119584 ----a-w- c:\windows\system32\dns-sd.exe
2011-04-06 20:20 . 2011-04-06 20:20 91424 ----a-w- c:\windows\SysWow64\dnssd.dll
2011-04-06 20:20 . 2011-04-06 20:20 75040 ----a-w- c:\windows\SysWow64\jdns_sd.dll
2011-04-06 20:20 . 2011-04-06 20:20 197920 ----a-w- c:\windows\SysWow64\dnssdX.dll
2011-04-06 20:20 . 2011-04-06 20:20 107808 ----a-w- c:\windows\SysWow64\dns-sd.exe
2011-04-01 09:10 . 2011-04-01 09:10 539232 ----a-w- c:\windows\SysWow64\LVUI2RC.dll
2011-04-01 09:10 . 2011-04-01 09:10 543328 ----a-w- c:\windows\SysWow64\LVUI2.dll
2011-04-01 09:08 . 2011-04-01 09:08 301664 ----a-w- c:\windows\SysWow64\lvcodec2.dll
2011-04-01 09:07 . 2011-04-01 09:07 4184672 ----a-w- c:\windows\system32\drivers\lvuvc64.sys
2011-04-01 09:07 . 2011-04-01 09:07 559712 ----a-w- c:\windows\system32\LVUIRC64.dll
2011-04-01 09:07 . 2011-04-01 09:07 767584 ----a-w- c:\windows\system32\LVUI64.dll
2011-04-01 09:07 . 2011-04-01 09:07 10877272 ----a-w- c:\windows\SysWow64\LogiDPP.dll
2011-04-01 09:07 . 2011-04-01 09:07 10877272 ----a-w- c:\windows\system32\LogiDPP.dll
2011-04-01 09:07 . 2011-04-01 09:07 102744 ----a-w- c:\windows\SysWow64\LogiDPPApp.exe
2011-04-01 09:07 . 2011-04-01 09:07 102744 ----a-w- c:\windows\system32\LogiDPPApp.exe
2011-04-01 09:06 . 2011-04-01 09:06 331608 ----a-w- c:\windows\SysWow64\DevManagerCore.dll
2011-04-01 09:06 . 2011-04-01 09:06 331608 ----a-w- c:\windows\system32\DevManagerCore.dll
2011-04-01 09:06 . 2011-04-01 09:06 341856 ----a-w- c:\windows\system32\drivers\lvrs64.sys
2011-04-01 09:05 . 2011-04-01 09:05 261728 ----a-w- c:\windows\system32\lvco13251014.dll
2011-04-01 09:05 . 2011-04-01 09:05 172128 ----a-w- c:\windows\system32\lvcod64.dll
2011-04-01 09:04 . 2011-04-01 09:04 23904 ----a-w- c:\windows\system32\drivers\lvbflt64.sys
2011-04-01 08:56 . 2011-04-01 08:56 39318 ----a-w- c:\windows\system32\Repository.reg
2011-03-23 04:02 . 2011-03-23 04:02 15192 ----a-w- c:\windows\system32\drivers\iKeyLFT264.dll
2011-03-15 05:10 . 2010-06-24 16:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-03-11 06:34 . 2011-04-15 17:11 1359872 ----a-w- c:\windows\system32\mfc42u.dll
2011-03-11 06:34 . 2011-04-15 17:11 1395712 ----a-w- c:\windows\system32\mfc42.dll
2011-03-11 05:33 . 2011-04-15 17:11 1137664 ----a-w- c:\windows\SysWow64\mfc42.dll
2011-03-11 05:33 . 2011-04-15 17:11 1164288 ----a-w- c:\windows\SysWow64\mfc42u.dll
2011-03-08 06:29 . 2011-04-15 16:40 976896 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-08 05:28 . 2011-04-15 16:40 741376 ----a-w- c:\windows\SysWow64\inetcomm.dll
2011-03-07 06:31 . 2011-04-15 17:38 1188864 ----a-w- c:\windows\system32\wininet.dll
2011-03-07 05:33 . 2011-04-15 17:38 981504 ----a-w- c:\windows\SysWow64\wininet.dll
2011-03-07 04:24 . 2011-04-15 17:37 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-03-07 03:52 . 2011-04-15 17:38 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb
2011-03-04 06:19 . 2011-04-27 14:44 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2011-03-04 06:19 . 2011-04-27 14:44 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2011-03-03 06:24 . 2011-04-15 16:45 183296 ----a-w- c:\windows\system32\dnsrslvr.dll
2011-03-03 06:21 . 2011-04-15 16:45 30208 ----a-w- c:\windows\system32\dnscacheugc.exe
2011-03-03 05:36 . 2011-04-15 16:45 28672 ----a-w- c:\windows\SysWow64\dnscacheugc.exe
2011-03-03 03:52 . 2011-04-15 17:12 3135488 ----a-w- c:\windows\system32\win32k.sys
2011-02-24 06:15 . 2011-04-15 07:18 476160 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-02-24 05:38 . 2011-04-15 07:18 288256 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2011-02-23 04:56 . 2011-04-15 06:18 158208 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-02-23 04:56 . 2011-04-15 17:11 467456 ----a-w- c:\windows\system32\drivers\srv.sys
2011-02-23 04:56 . 2011-04-15 17:11 411648 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-02-23 04:55 . 2011-04-15 17:11 167936 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-02-23 04:55 . 2011-04-15 06:18 128000 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-02-23 04:55 . 2011-04-15 06:18 287744 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-02-23 04:55 . 2011-04-15 06:18 90624 ----a-w- c:\windows\system32\drivers\bowser.sys
2011-02-19 12:03 . 2011-04-15 16:52 46080 ----a-w- c:\windows\system32\atmlib.dll
2011-02-19 09:00 . 2011-04-15 16:52 367616 ----a-w- c:\windows\system32\atmfd.dll
2011-02-19 06:30 . 2011-04-15 16:52 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2011-02-19 04:34 . 2011-04-15 16:52 294912 ----a-w- c:\windows\SysWow64\atmfd.dll
2011-02-18 20:36 . 2011-02-18 20:36 51712 ----a-w- c:\windows\system32\drivers\usbaapl64.sys
2011-02-18 20:36 . 2011-02-18 20:36 4184352 ----a-w- c:\windows\system32\usbaaplrc.dll
2011-02-18 10:56 . 2011-04-15 07:18 613376 ----a-w- c:\windows\system32\vbscript.dll
2011-02-18 05:43 . 2011-04-15 07:18 428032 ----a-w- c:\windows\SysWow64\vbscript.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Jonathan\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Jonathan\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Jonathan\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"OpenDNS Updater"="c:\program files (x86)\OpenDNS Updater\OpenDNSUpdater.exe" [2010-06-16 839680]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"THX Audio Control Panel"="c:\program files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe" [2009-12-01 963584]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"ccApp"="c:\program files (x86)\Common Files\Symantec Shared\ccApp.exe" [2010-05-17 115560]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"="c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" [2010-12-29 560128]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2010-5-28 1324384]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccEvtMgr]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccSetMgr]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antivirus]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 LinksysUpdater;Linksys Updater;c:\program files (x86)\Linksys\Linksys Updater\bin\LinksysUpdater.exe [2008-06-26 204800]
R2 SessionLauncher;SessionLauncher;c:\users\ADMINI~1\AppData\Local\Temp\DX9\SessionLauncher.exe [x]
R3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
R3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys [x]
R3 pmxdrv;pmxdrv;c:\windows\system32\drivers\pmxdrv.sys [x]
R3 RoxMediaDB10;RoxMediaDB10;c:\program files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2009-06-26 1124848]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S1 NEOFLTR_650_16789;Juniper Networks TDI Filter Driver (NEOFLTR_650_16789);c:\windows\system32\Drivers\NEOFLTR_650_16789.SYS [x]
S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2009-06-09 155648]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-10-02 13336]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2011-03-01 373640]
S2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files (x86)\LogMeIn\x64\RaInfo.sys [2010-09-17 15928]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2011-01-13 705856]
S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2011-04-01 428640]
S3 CompFilter64;UVCCompositeFilter;c:\windows\system32\DRIVERS\lvbflt64.sys [x]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-05-10 136824]
S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 k57nd60a;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x]
S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [x]
S3 LVUVC64;Logitech HD Webcam C510(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\dell support center\pcdsrvc_x64.pkms [2010-11-18 25072]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - ASWMBR
*Deregistered* - aswMBR
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{2D46B6DC-2207-486B-B523-A557E6D54B47}]
2010-11-20 12:17 302592 ----a-w- c:\windows\System32\cmd.exe
.
Contents of the 'Scheduled Tasks' folder
.
2011-03-31 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\Dell Support Center\uaclauncher.exe [2010-11-18 15:13]
.
2011-05-18 c:\windows\Tasks\SystemToolsDailyTest.job
- c:\program files\Dell Support Center\pcdrcui.exe [2010-11-18 15:13]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Jonathan\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Jonathan\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Jonathan\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Jonathan\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-10-07 8158240]
"RunDLLEntry_THXCfg"="c:\windows\system32\RunDLL32.exe" [2009-07-14 45568]
"RunDLLEntry_EptMon"="c:\windows\system32\RunDLL32.exe" [2009-07-14 45568]
"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2011-04-13 1860496]
"LogMeIn GUI"="c:\program files (x86)\LogMeIn\x64\LogMeInSystray.exe" [2010-09-17 57928]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
TCP: {A3CC3618-63E5-4287-BE5F-6C6043DBF78D} = 208.67.222.222,208.67.220.220
FF - ProfilePath - c:\users\Jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\uaqss536.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: network.proxy.type - 0
FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
URLSearchHooks-{22e03916-85c5-44b0-8dc9-1830c11238d9} - (no file)
Toolbar-Locked - (no file)
SafeBoot-Symantec Antvirus
Toolbar-Locked - (no file)
WebBrowser-{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - (no file)
WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
WebBrowser-{22E03916-85C5-44B0-8DC9-1830C11238D9} - (no file)
AddRemove-Windows Essentials Media Codec Pack - c:\program files (x86)\Essentials Codec Pack\uninst.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCDSRVC{1E208CE0-FB7451FF-06020101}_0]
"ImagePath"="\??\c:\program files\dell support center\pcdsrvc_x64.pkms"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10q_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10q_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Swearware\backup\winsock2\Parameters]
@DACL=(02 0000)
@SACL=
"NameSpace_Callout"=expand:"%SystemRoot%\\System32\\fwpuclnt.dll"
"WinSock_Registry_Version"="2.0"
"AutodialDLL"="rasadhlp.dll"
"Current_NameSpace_Catalog"="NameSpace_Catalog5"
"Current_Protocol_Catalog"="Protocol_Catalog9"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2011-05-17 23:39:33
ComboFix-quarantined-files.txt 2011-05-18 03:39
.
Pre-Run: 580,098,068,480 bytes free
Post-Run: 579,779,256,320 bytes free
.
- - End Of File - - 98EAEA1706B6892A39C991A1645BE992

#14
redcar92

Greetings hospitaldoctor,
To answer your questions about firewalls, you only want one software firewall running on your PC; using 2 can have adverse effects. I see that you have a desktop so you probably will not be using public hotspots.
On this basis the Windows firewall or the one that comes with Symantec Endpoint Protection are adequate and will do a superb job for you.
Be sure to check your firewall status by clicking on Control Panel then Windows Firewall. Firewalls all do about the same job so I can not recommend one over the other. Here are some free firewalls we do recommend:
Zone Alarm http://www.zonealarm...gn=FreeFirewall
Comodo http://personalfirew...e-download.html
Online Armor http://www.online-ar...-armor-free.php
If you use a router, the Windows Firewall will use the least resources and give excellent protection.

Next
I see that you have Malwarebytes installed on your PC.
  • Run Malwarebytes by right-clicking and selecting Run as Administrator
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
    Copy and paste the entire report in your next reply.

Next
Please use Internet Explorer to download and run the following scan: Eset Online Scanner
  • Place a check mark in the box YES, I accept the Terms Of Use
  • Click the Start button.
  • Now click the Install button.
  • Click Start. The scanner engine will initialize and update.
  • Do Not place a check mark in the box beside Remove found threats.
  • Click the Scan button. The scan will now run, please be patient.
  • When the scan finishes, if there are any infections, you will see a List of found threats.
  • Click Export to text file
  • Copy and paste the contents of the C:\Program Files\ESET\log.txt into your next reply.
  • If no threats are found there will be no list, this is good, just tell me that no threats were found.

Logs to post:
  • Malwarebyte.txt
  • Results of ESET Scan


#15
hospitaldoctor

Do I need to disable Symantec antivirus when I run Eset?
Thanks