Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Removed "Fedex" virus (I hope), now left with blank desktop, m

Started by MartineSutera , Oct 14 2011 04:17 PM

  • Please log in to reply

#1
MartineSutera
Posted 14 October 2011 - 04:17 PM

MartineSutera

    New Member

  • Member
  • Pip
  • 1 posts
First, this is my fourth time using geekstogo...a lifesaver...so thank you in advance. I'm expecting a new laptop from work and stupidly opened the "Fedex Customer Service" virus (whatever it's called). Ran Malwarebytes a couple of times, SUPERAntispyware and CWShredder, and have hopefully removed it. Now I have a blank desktop, missing "favorites" in IE, missing documents, etc. I'm leaving Sunday afternoon for a work trip and need my laptop working! So thank you, thank you, thank you for your help!!! My OTL log is below:

OTL logfile created on: 10/14/2011 6:04:49 PM - Run 1
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Users\msutera\Downloads
An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.24 Gb Total Physical Memory | 1.93 Gb Available Physical Memory | 59.46% Memory free
6.48 Gb Paging File | 4.87 Gb Available in Paging File | 75.11% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 230.11 Gb Total Space | 198.25 Gb Free Space | 86.15% Space Free | Partition Type: NTFS
Drive D: | 2.00 Gb Total Space | 1.87 Gb Free Space | 93.42% Space Free | Partition Type: NTFS
Drive E: | 702.82 Mb Total Space | 129.40 Mb Free Space | 18.41% Space Free | Partition Type: UDF

Computer Name: MSUTERAM4500 | User Name: msutera | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/10/14 18:04:23 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Users\msutera\Downloads\OTL.exe
PRC - [2011/10/12 12:18:01 | 004,615,552 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2011/09/27 09:01:34 | 000,243,360 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil10x_ActiveX.exe
PRC - [2011/08/11 19:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2011/07/29 08:55:39 | 000,307,376 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2011/07/22 10:50:45 | 000,039,816 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Program Files\Citrix\GoToMeeting\723\g2mstart.exe
PRC - [2011/07/22 10:50:45 | 000,039,816 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Program Files\Citrix\GoToMeeting\723\g2mlauncher.exe
PRC - [2011/07/22 10:50:45 | 000,039,816 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Program Files\Citrix\GoToMeeting\723\g2mcomm.exe
PRC - [2011/07/16 00:31:12 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2011/05/20 15:13:28 | 000,533,800 | ---- | M] () -- C:\Program Files\Backblaze\bzbui.exe
PRC - [2011/05/20 15:13:27 | 000,269,096 | ---- | M] () -- C:\Program Files\Backblaze\bzserv.exe
PRC - [2011/02/26 01:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/09/09 15:30:20 | 000,472,432 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe
PRC - [2010/08/27 02:56:40 | 000,660,848 | ---- | M] (Juniper Networks) -- C:\Program Files\Juniper Networks\Common Files\dsNcService.exe
PRC - [2010/08/24 17:51:50 | 000,388,464 | ---- | M] (Dell Inc.) -- c:\Program Files\Dell\Dell System Manager\DCPSysMgrSvc.exe
PRC - [2010/08/13 18:35:46 | 000,959,824 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\OfficeScan Client\PccNTMon.exe
PRC - [2010/07/29 04:19:24 | 001,358,160 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\OfficeScan Client\TmListen.exe
PRC - [2010/07/29 04:13:46 | 001,316,176 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\OfficeScan Client\NTRtScan.exe
PRC - [2010/07/21 17:01:38 | 000,147,840 | ---- | M] (Wave Systems Corp.) -- C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\WavXDocMgr.exe
PRC - [2010/07/07 17:59:22 | 000,054,744 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe
PRC - [2010/07/05 14:51:30 | 000,345,424 | ---- | M] () -- C:\Program Files\Trend Micro\BM\TMBMSRV.exe
PRC - [2010/06/22 12:33:38 | 000,034,232 | ---- | M] (Broadcom Corporation) -- C:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe
PRC - [2010/05/31 18:17:06 | 000,054,640 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe
PRC - [2010/05/26 07:54:36 | 000,495,708 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\sttray.exe
PRC - [2010/05/26 07:54:32 | 000,245,842 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\stacsv.exe
PRC - [2010/05/26 07:53:26 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) -- C:\Program Files\IDT\WDM\AEstSrv.exe
PRC - [2010/05/04 17:06:34 | 000,327,680 | -H-- | M] (DeviceVM, Inc.) -- D:\Program Files\Dell\Reader 2.1\DVMExportService.exe
PRC - [2010/05/04 17:06:34 | 000,147,456 | -H-- | M] (DeviceVM, Inc.) -- D:\Program Files\Dell\Reader 2.1\DellBtrEvent.exe
PRC - [2010/03/29 13:45:48 | 001,164,648 | ---- | M] (Wave Systems Corp.) -- C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
PRC - [2010/03/24 01:09:28 | 000,812,448 | ---- | M] (Broadcom Corporation) -- C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe
PRC - [2010/03/24 01:09:28 | 000,027,040 | ---- | M] (Broadcom Corporation) -- C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe
PRC - [2010/03/12 11:42:02 | 000,462,993 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
PRC - [2010/03/03 21:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/03/03 21:16:04 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2010/02/17 19:34:40 | 000,054,568 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe
PRC - [2010/02/02 09:20:46 | 000,040,960 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
PRC - [2010/02/02 09:20:44 | 005,249,024 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
PRC - [2010/02/02 09:19:10 | 004,539,392 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\DW WLAN Card\BCMWLTRY.EXE
PRC - [2010/01/10 13:01:26 | 000,060,928 | ---- | M] () -- C:\Program Files\STMicroelectronics\AccelerometerP11\InstallFilterService.exe
PRC - [2009/12/29 17:35:50 | 000,083,456 | ---- | M] () -- C:\Program Files\Novatel Wireless\Novacore\Server\NvtlSrvr.exe
PRC - [2009/12/29 17:35:38 | 000,140,520 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2009/12/08 10:14:28 | 005,241,448 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe
PRC - [2009/11/23 19:17:34 | 000,329,976 | ---- | M] (QUALCOMM, Inc.) -- C:\Program Files\QUALCOMM\QDLService2k\QDLService2kDell.exe
PRC - [2009/07/15 21:37:18 | 000,689,416 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\OfficeScan Client\TmProxy.exe
PRC - [2009/07/13 21:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/05/15 23:44:06 | 000,435,584 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\OfficeScan Client\CNTAoSMgr.exe
PRC - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe


========== Modules (No Company Name) ==========

MOD - [2011/10/14 17:43:45 | 000,063,488 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
MOD - [2011/10/14 17:43:45 | 000,052,736 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll
MOD - [2011/10/14 15:00:07 | 000,117,760 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
MOD - [2011/10/14 15:00:07 | 000,052,224 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
MOD - [2011/10/13 03:28:49 | 000,997,888 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\cc6713be0e405d5a89a2783103f7e771\System.Management.ni.dll
MOD - [2011/10/13 03:28:48 | 000,452,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\cf95add46bfba066f035bd78f6e21d86\IAStorUtil.ni.dll
MOD - [2011/10/13 03:25:34 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\3136e12cfb8809d39813e76c766c782c\WindowsBase.ni.dll
MOD - [2011/10/13 03:25:26 | 012,431,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d76221993c2fdfb991b8c12ae50a30eb\System.Windows.Forms.ni.dll
MOD - [2011/10/13 03:25:13 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\018d2569cf208acbe8ad73908705f607\System.Runtime.Remoting.ni.dll
MOD - [2011/10/13 03:25:06 | 011,807,744 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\5a95ba97100404e2ab26b5a9ab9ef965\System.Web.ni.dll
MOD - [2011/10/13 03:24:59 | 001,586,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\0e245eb9c1067cabd5673fe832d28613\System.Drawing.ni.dll
MOD - [2011/10/13 03:24:55 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\275680f2b9db0501d53c50ea7d7a43f0\System.Xml.ni.dll
MOD - [2011/10/13 03:24:51 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e9ebeb7959f1c916ebf6fca8f7077d6c\System.Configuration.ni.dll
MOD - [2011/10/13 03:24:45 | 007,949,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\95b9866ab6e4437ef5dc5855ebab4e33\System.ni.dll
MOD - [2011/10/13 03:24:32 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\1b31ced9bb880d94fff1c6d47c16a81e\mscorlib.ni.dll
MOD - [2011/05/20 15:13:28 | 000,533,800 | ---- | M] () -- C:\Program Files\Backblaze\bzbui.exe
MOD - [2010/10/29 19:03:25 | 000,046,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Status Lib\1.6.460.18066__f25c74fcad379103\Status Lib.dll
MOD - [2010/10/29 19:03:25 | 000,014,240 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\StatusInterfaces\1.6.460.18065__4ca2a925deedf37d\StatusInterfaces.dll
MOD - [2010/03/02 13:46:38 | 000,010,752 | ---- | M] () -- C:\Windows\System32\Wavx_ESC_Logging.dll
MOD - [2010/01/19 13:44:30 | 000,249,856 | ---- | M] () -- C:\Windows\System32\wxvault.dll
MOD - [2008/11/12 14:24:40 | 000,004,608 | ---- | M] () -- C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\TspPopup_ENU.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/08/11 19:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2011/05/20 15:13:27 | 000,269,096 | ---- | M] () [Auto | Running] -- C:\Program Files\Backblaze\bzserv.exe -- (bzserv)
SRV - [2011/01/22 21:17:26 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/08/27 02:56:40 | 000,660,848 | ---- | M] (Juniper Networks) [Auto | Running] -- C:\Program Files\Juniper Networks\Common Files\dsNcService.exe -- (dsNcService)
SRV - [2010/08/24 17:51:50 | 000,388,464 | ---- | M] (Dell Inc.) [Auto | Running] -- c:\Program Files\Dell\Dell System Manager\DCPSysMgrSvc.exe -- (dcpsysmgrsvc)
SRV - [2010/07/29 04:19:24 | 001,358,160 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe -- (tmlisten)
SRV - [2010/07/29 04:13:46 | 001,316,176 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe -- (ntrtscan)
SRV - [2010/07/05 14:51:30 | 000,345,424 | ---- | M] () [On_Demand | Running] -- C:\Program Files\Trend Micro\BM\TMBMSRV.exe -- (TMBMServer)
SRV - [2010/05/26 07:54:32 | 000,245,842 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv.exe -- (STacSV)
SRV - [2010/05/26 07:53:26 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AEstSrv.exe -- (AESTFilters)
SRV - [2010/05/04 17:06:34 | 000,327,680 | -H-- | M] (DeviceVM, Inc.) [Auto | Running] -- D:\Program Files\Dell\Reader 2.1\DVMExportService.exe -- (DvmMDES)
SRV - [2010/03/29 13:45:48 | 001,164,648 | ---- | M] (Wave Systems Corp.) [Auto | Running] -- C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe -- (TdmService)
SRV - [2010/03/24 01:09:28 | 000,812,448 | ---- | M] (Broadcom Corporation) [Auto | Running] -- C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe -- (Credential Vault Host Control Service)
SRV - [2010/03/24 01:09:28 | 000,027,040 | ---- | M] (Broadcom Corporation) [Auto | Running] -- C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe -- (Credential Vault Host Storage)
SRV - [2010/03/03 21:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel®
SRV - [2010/02/03 18:24:20 | 001,032,192 | ---- | M] (Wave Systems Corp.) [On_Demand | Stopped] -- C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe -- (SecureStorageService)
SRV - [2010/02/02 09:20:46 | 000,040,960 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE -- (wltrysvc)
SRV - [2010/01/10 13:01:26 | 000,060,928 | ---- | M] () [Auto | Running] -- C:\Program Files\STMicroelectronics\AccelerometerP11\InstallFilterService.exe -- (InstallFilterService)
SRV - [2009/12/29 17:35:50 | 000,083,456 | ---- | M] () [Auto | Running] -- C:\Program Files\Novatel Wireless\Novacore\Server\NvtlSrvr.exe -- (NvtlService)
SRV - [2009/12/08 10:14:28 | 005,241,448 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe -- (NVIDIA Performance Driver Service)
SRV - [2009/11/23 19:17:34 | 000,329,976 | ---- | M] (QUALCOMM, Inc.) [Auto | Running] -- C:\Program Files\QUALCOMM\QDLService2k\QDLService2kDell.exe -- (QDLService2kDell) Qualcomm Gobi 2000 Download Service (Dell)
SRV - [2009/07/15 21:37:18 | 000,689,416 | ---- | M] (Trend Micro Inc.) [On_Demand | Running] -- C:\Program Files\Trend Micro\OfficeScan Client\TmProxy.exe -- (TmProxy)
SRV - [2009/07/13 21:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009/07/13 21:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 21:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/13 21:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/11/12 14:25:48 | 001,273,856 | ---- | M] () [Auto | Stopped] -- C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe -- (tcsd_win32.exe)
SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)


========== Driver Services (SafeList) ==========

DRV - [2011/07/22 12:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 17:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/10/29 21:32:18 | 000,035,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/10/29 21:32:14 | 000,078,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vpcusb.sys -- (vpcusb)
DRV - [2010/10/29 21:32:14 | 000,055,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV - [2010/10/29 21:32:13 | 000,165,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vpchbus.sys -- (vpcbus)
DRV - [2010/08/30 22:26:34 | 000,257,144 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2010/08/27 02:33:30 | 000,026,624 | ---- | M] (Juniper Networks) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dsNcAdpt.sys -- (dsNcAdpt)
DRV - [2010/07/08 22:43:52 | 000,041,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HECI.sys -- (HECI) Intel®
DRV - [2010/06/15 15:26:56 | 000,067,664 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\DRIVERS\tmactmon.sys -- (tmactmon)
DRV - [2010/06/15 15:26:20 | 000,057,424 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\DRIVERS\tmevtmgr.sys -- (tmevtmgr)
DRV - [2010/06/15 15:25:42 | 000,177,232 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\DRIVERS\tmcomm.sys -- (tmcomm)
DRV - [2010/05/26 07:54:38 | 000,424,448 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2010/05/04 17:06:34 | 000,018,320 | -H-- | M] (DeviceVM, Inc.) [Kernel | System | Running] -- D:\Program Files\Dell\Reader 2.1\dvmio.sys -- (DVMIO)
DRV - [2010/04/16 23:41:02 | 009,935,976 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010/04/06 04:36:20 | 000,224,424 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1k6232.sys -- (e1kexpress) Intel®
DRV - [2010/03/21 15:25:04 | 000,059,904 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\risdpe86.sys -- (risdpcie)
DRV - [2010/03/21 15:25:04 | 000,048,640 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\rimspe86.sys -- (rimspci)
DRV - [2010/03/21 15:25:04 | 000,038,912 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\rixdpe86.sys -- (rixdpcie)
DRV - [2010/02/03 01:10:32 | 000,030,880 | ---- | M] (Intel Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\iqvw32.sys -- (NAL)
DRV - [2010/02/02 09:18:24 | 000,018,424 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm42rly.sys -- (BCM42RLY)
DRV - [2010/01/28 11:25:04 | 000,068,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2010/01/19 13:46:44 | 000,229,888 | ---- | M] (Wave Systems Corp.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\WavxDMgr.sys -- (WavxDMgr)
DRV - [2010/01/18 08:56:26 | 000,042,672 | ---- | M] (ST Microelectronics) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Accelern.sys -- (Acceler)
DRV - [2010/01/18 08:56:26 | 000,017,072 | ---- | M] (ST Microelectronics) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\stdfltn.sys -- (stdflt)
DRV - [2009/12/04 20:39:06 | 000,230,928 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Program Files\Trend Micro\OfficeScan Client\tmxpflt.sys -- (TmFilter)
DRV - [2009/12/04 20:38:18 | 000,036,368 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Program Files\Trend Micro\OfficeScan Client\tmpreflt.sys -- (TmPreFilter)
DRV - [2009/12/04 20:05:06 | 001,322,680 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Program Files\Trend Micro\OfficeScan Client\vsapint.sys -- (VSApiNt)
DRV - [2009/12/02 17:56:58 | 000,201,728 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\qcusbnetdl2k.sys -- (qcusbnetdl2k) Gobi 2000 USB-NDIS miniport(413C-8186)
DRV - [2009/12/02 17:56:58 | 000,106,368 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\qcusbserdl2k.sys -- (qcusbserdl2k) Gobi 2000 USB Device for Legacy Serial Communication(413C-8186)
DRV - [2009/12/02 17:56:58 | 000,005,248 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\qcfilterdl2k.sys -- (qcfilterdl2k) Gobi 2000 USB Composite Device Filter Driver(413C-8186)
DRV - [2009/12/01 13:49:51 | 000,295,128 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vpcvmm.sys -- (vpcvmm)
DRV - [2009/10/30 18:51:14 | 000,033,832 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\cvusbdrv.sys -- (cvusbdrv)
DRV - [2009/10/26 16:39:04 | 000,125,696 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Impcd.sys -- (Impcd)
DRV - [2009/09/16 17:07:42 | 000,144,576 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV - [2009/07/15 21:37:40 | 000,089,872 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\tmtdi.sys -- (tmtdi)
DRV - [2009/07/13 21:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)
DRV - [2009/07/13 21:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt)
DRV - [2009/07/13 21:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)
DRV - [2009/07/13 19:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)
DRV - [2009/07/13 19:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)
DRV - [2009/05/28 11:48:20 | 000,134,144 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CtAudDrv.sys -- (CtAudDrv)
DRV - [2008/06/04 15:14:00 | 000,026,608 | ---- | M] (Dell Inc) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\PBADRV.sys -- (PBADRV)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USREL/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msnbc.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{22C7F6C6-8D67-4534-92B5-529A0EC09405}: C:\Program Files\Trend Micro\OfficeScan Client\bho\1007\FirefoxExtension [2010/11/12 13:42:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\ProgramData\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c} [2011/04/08 09:59:34 | 000,000,000 | -H-D | M]


========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}

O1 HOSTS File: ([2011/10/14 17:41:54 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\OfficeScan Client\bho\1007\TmIEPlg.dll (Trend Micro Inc.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE (Dell Inc.)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [DellBtrEvent] D:\Program Files\Dell\Reader 2.1\DellBtrEvent.exe (DeviceVM, Inc.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NVHotkey] C:\Windows\System32\nvHotkey.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Windows\System32\nwiz.exe ()
O4 - HKLM..\Run: [OfficeScanNT Monitor] C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [USCService] C:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe (Broadcom Corporation)
O4 - HKLM..\Run: [WavXMgr] C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\WavXDocMgr.exe (Wave Systems Corp.)
O4 - HKCU..\Run: [Backblaze] C:\Program Files\Backblaze\bzbui.exe ()
O4 - HKCU..\Run: [GoToMeeting] C:\Program Files\Citrix\GoToMeeting\723\g2mstart.exe (Citrix Online, a division of Citrix Systems, Inc.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - Startup: C:\Users\msutera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\msutera\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll (Google Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: symantec.com ([sspr.symc] https in Trusted sites)
O15 - HKCU\..Trusted Domains: symantec.com ([symlearn.ges] https in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://reedelsevier...ex/ieatgpc1.cab (GpcContainer Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://secure.clear...SetupClient.cab (JuniperSetupClientControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = corp.local
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4358C9B6-9D8C-47C9-A04D-F33B2F98F6C0}: DhcpNameServer = 12.229.246.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{75A07F34-CA9E-4F80-A95D-4029B625C862}: DhcpNameServer = 209.18.47.61 209.18.47.62
O18 - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\OfficeScan Client\bho\1007\TmIEPlg.dll (Trend Micro Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Authentication Packages - (wvauth) -C:\Windows\System32\wvauth.dll (Wave Systems Corp.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 17:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/10/14 15:00:01 | 000,000,000 | ---D | C] -- C:\Users\msutera\AppData\Roaming\SUPERAntiSpyware.com
[2011/10/14 14:59:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2011/10/14 14:59:17 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2011/10/14 14:59:17 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2011/10/14 14:49:20 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011/10/14 13:49:07 | 000,000,000 | ---D | C] -- C:\Users\msutera\AppData\Roaming\Malwarebytes
[2011/10/14 13:49:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/10/14 13:49:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/10/14 13:49:00 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/10/14 13:49:00 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/10/14 12:17:59 | 000,000,000 | -H-D | C] -- C:\Users\msutera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Restore

========== Files - Modified Within 30 Days ==========

[2011/10/14 17:55:00 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/10/14 17:50:24 | 000,014,256 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/10/14 17:50:24 | 000,014,256 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/10/14 17:50:06 | 000,891,002 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/10/14 17:50:06 | 000,192,048 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/10/14 17:43:35 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/10/14 17:43:26 | 000,000,031 | ---- | M] () -- C:\tmuninst.ini
[2011/10/14 17:43:02 | 2609,246,208 | -HS- | M] () -- C:\hiberfil.sys
[2011/10/14 14:59:23 | 000,001,967 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/10/14 14:49:20 | 000,000,971 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011/10/14 13:49:04 | 000,001,073 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/10/14 12:18:00 | 000,000,683 | -H-- | M] () -- C:\Users\msutera\Application Data\Microsoft\Internet Explorer\Quick Launch\System Restore.lnk
[2011/10/14 12:18:00 | 000,000,659 | -H-- | M] () -- C:\Users\msutera\Desktop\System Restore.lnk
[2011/10/14 12:13:01 | 000,014,657 | ---- | M] () -- C:\Windows\cfgall.ini
[2011/10/14 08:12:04 | 000,000,000 | -H-- | M] () -- C:\Users\msutera\AppData\Local\WavXMapDrive.bat
[2011/10/14 08:11:50 | 000,001,413 | -H-- | M] () -- C:\Users\msutera\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/10/13 20:53:29 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2011/10/13 03:23:15 | 000,420,064 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

========== Files Created - No Company Name ==========

[2011/10/14 14:59:23 | 000,001,967 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/10/14 14:49:20 | 000,000,971 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011/10/14 13:49:04 | 000,001,073 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/10/14 12:18:00 | 000,000,683 | -H-- | C] () -- C:\Users\msutera\Application Data\Microsoft\Internet Explorer\Quick Launch\System Restore.lnk
[2011/10/14 12:18:00 | 000,000,659 | -H-- | C] () -- C:\Users\msutera\Desktop\System Restore.lnk
[2011/10/13 20:53:29 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2011/01/12 17:02:40 | 000,002,412 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2011/01/12 15:10:28 | 000,000,000 | -H-- | C] () -- C:\Users\msutera\AppData\Local\WavXMapDrive.bat
[2010/11/12 13:42:51 | 000,014,657 | ---- | C] () -- C:\Windows\cfgall.ini
[2010/10/29 20:37:49 | 001,731,176 | ---- | C] () -- C:\Windows\System32\nvwdmcpl.dll
[2010/10/29 20:37:49 | 001,657,448 | ---- | C] () -- C:\Windows\System32\nwiz.exe
[2010/10/29 20:37:49 | 001,612,392 | ---- | C] () -- C:\Windows\System32\nView.dll
[2010/10/29 20:37:49 | 001,108,584 | ---- | C] () -- C:\Windows\System32\nvwimg.dll
[2010/10/29 20:37:49 | 000,473,704 | ---- | C] () -- C:\Windows\System32\nvShell.dll
[2010/10/29 20:37:49 | 000,449,128 | ---- | C] () -- C:\Windows\System32\nvAppBar.exe
[2010/10/29 20:37:49 | 000,262,248 | ---- | C] () -- C:\Windows\System32\nViewSetup.exe
[2010/10/29 18:58:40 | 000,006,656 | ---- | C] () -- C:\Windows\System32\bcmwlrc.dll
[2010/10/29 18:52:25 | 000,308,624 | ---- | C] () -- C:\Windows\System32\brcmbsp.dll
[2010/10/29 18:52:25 | 000,206,216 | ---- | C] () -- C:\Windows\System32\bipbsp.dll
[2010/10/29 18:51:24 | 000,080,368 | ---- | C] () -- C:\Windows\System32\pbadrvdll.dll
[2010/04/17 02:02:42 | 000,040,588 | ---- | C] () -- C:\Windows\System32\nvcoproc.bin
[2010/03/02 13:46:38 | 000,010,752 | ---- | C] () -- C:\Windows\System32\Wavx_ESC_Logging.dll
[2010/02/05 11:08:16 | 000,362,029 | ---- | C] () -- C:\Windows\System32\sqlite3.dll
[2010/02/04 12:18:22 | 000,094,208 | ---- | C] () -- C:\Windows\System32\Internationalization_th.dll
[2010/02/04 12:18:22 | 000,081,920 | ---- | C] () -- C:\Windows\System32\Internationalization_zh-HK.dll
[2010/02/04 12:18:20 | 000,098,304 | ---- | C] () -- C:\Windows\System32\Internationalization_sl.dll
[2010/02/04 12:18:18 | 000,098,304 | ---- | C] () -- C:\Windows\System32\Internationalization_sk.dll
[2010/02/04 12:18:18 | 000,098,304 | ---- | C] () -- C:\Windows\System32\Internationalization_hr.dll
[2010/02/04 12:18:12 | 000,102,400 | ---- | C] () -- C:\Windows\System32\Internationalization_ro.dll
[2010/02/04 12:18:12 | 000,098,304 | ---- | C] () -- C:\Windows\System32\Internationalization_tr.dll
[2010/02/04 12:18:10 | 000,102,400 | ---- | C] () -- C:\Windows\System32\Internationalization_pt-BR.dll
[2010/02/04 12:18:10 | 000,102,400 | ---- | C] () -- C:\Windows\System32\Internationalization_hu.dll
[2010/02/04 12:18:08 | 000,098,304 | ---- | C] () -- C:\Windows\System32\Internationalization_fi.dll
[2010/02/04 12:18:08 | 000,094,208 | ---- | C] () -- C:\Windows\System32\Internationalization_he.dll
[2010/02/04 12:18:06 | 000,106,496 | ---- | C] () -- C:\Windows\System32\Internationalization_el.dll
[2010/02/04 12:18:06 | 000,098,304 | ---- | C] () -- C:\Windows\System32\Internationalization_cs.dll
[2010/02/04 12:18:04 | 000,094,208 | ---- | C] () -- C:\Windows\System32\Internationalization_ar.dll
[2010/02/04 12:18:04 | 000,081,920 | ---- | C] () -- C:\Windows\System32\Internationalization_zh-CHT.dll
[2010/02/04 12:18:02 | 000,081,920 | ---- | C] () -- C:\Windows\System32\Internationalization_zh-CHS.dll
[2010/02/04 12:18:00 | 000,098,304 | ---- | C] () -- C:\Windows\System32\Internationalization_sv.dll
[2010/02/04 12:18:00 | 000,098,304 | ---- | C] () -- C:\Windows\System32\Internationalization_ru.dll
[2010/02/04 12:17:58 | 000,102,400 | ---- | C] () -- C:\Windows\System32\Internationalization_pt.dll
[2010/02/04 12:17:58 | 000,102,400 | ---- | C] () -- C:\Windows\System32\Internationalization_pl.dll
[2010/02/04 12:17:56 | 000,106,496 | ---- | C] () -- C:\Windows\System32\Internationalization_nl.dll
[2010/02/04 12:17:56 | 000,098,304 | ---- | C] () -- C:\Windows\System32\Internationalization_no.dll
[2010/02/04 12:17:54 | 000,090,112 | ---- | C] () -- C:\Windows\System32\Internationalization_ko.dll
[2010/02/04 12:17:54 | 000,090,112 | ---- | C] () -- C:\Windows\System32\Internationalization_ja.dll
[2010/02/04 12:17:52 | 000,102,400 | ---- | C] () -- C:\Windows\System32\Internationalization_it.dll
[2010/02/04 12:17:50 | 000,102,400 | ---- | C] () -- C:\Windows\System32\Internationalization_fr.dll
[2010/02/04 12:17:50 | 000,102,400 | ---- | C] () -- C:\Windows\System32\Internationalization_es.dll
[2010/02/04 12:17:48 | 000,102,400 | ---- | C] () -- C:\Windows\System32\Internationalization_de.dll
[2010/02/04 12:17:46 | 000,102,400 | ---- | C] () -- C:\Windows\System32\Internationalization_da.dll
[2010/01/19 13:44:30 | 000,249,856 | ---- | C] () -- C:\Windows\System32\wxvault.dll
[2009/11/06 16:27:22 | 000,839,680 | ---- | C] () -- C:\Windows\System32\DemoLicense.dll
[2009/08/26 17:25:08 | 000,917,504 | ---- | C] () -- C:\Windows\System32\lmgr10.dll
[2009/07/14 00:33:53 | 000,420,064 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/13 22:05:48 | 000,891,002 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009/07/13 22:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009/07/13 22:05:48 | 000,192,048 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009/07/13 22:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009/07/13 22:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009/07/13 22:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009/07/13 20:19:49 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2009/07/13 19:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 19:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/07/06 18:11:50 | 000,067,664 | ---- | C] () -- C:\Windows\System32\drivers\tmactmon.sys
[2009/07/06 18:11:46 | 000,057,424 | ---- | C] () -- C:\Windows\System32\drivers\tmevtmgr.sys
[2009/07/06 18:11:12 | 000,177,232 | ---- | C] () -- C:\Windows\System32\drivers\tmcomm.sys
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2008/03/25 10:46:00 | 000,077,536 | ---- | C] () -- C:\Windows\System32\xltZlib.dll
[2006/06/30 13:58:44 | 000,176,128 | ---- | C] () -- C:\Windows\System32\bioapi_mds300.dll
[2006/06/30 13:58:44 | 000,126,976 | ---- | C] () -- C:\Windows\System32\bioapi100.dll

========== LOP Check ==========

[2011/01/12 15:10:39 | 000,000,000 | -H-D | M] -- C:\Users\msutera\AppData\Roaming\Broadcom
[2011/10/14 08:12:39 | 000,000,000 | -H-D | M] -- C:\Users\msutera\AppData\Roaming\Dropbox
[2011/01/12 15:22:57 | 000,000,000 | -H-D | M] -- C:\Users\msutera\AppData\Roaming\Juniper Networks
[2011/06/22 09:20:45 | 000,000,000 | -H-D | M] -- C:\Users\msutera\AppData\Roaming\Trillian
[2011/01/12 15:10:39 | 000,000,000 | -H-D | M] -- C:\Users\msutera\AppData\Roaming\Wave Systems Corp
[2011/08/24 13:29:04 | 000,000,000 | -H-D | M] -- C:\Users\msutera\AppData\Roaming\webex
[2011/10/14 13:55:52 | 000,032,652 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP