Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Can't connect to Internet - Malware-related? [Solved]


  • This topic is locked This topic is locked

#16
Slash4848

Slash4848

    Member

  • Topic Starter
  • Member
  • PipPip
  • 52 posts
OTL logfile created on: 6/24/2012 12:04:32 PM - Run 4
OTL by OldTimer - Version 3.2.52.0 Folder = C:\Users\Bantas\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 0.96 Gb Available Physical Memory | 48.04% Memory free
4.23 Gb Paging File | 3.12 Gb Available in Paging File | 73.72% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 220.28 Gb Total Space | 42.72 Gb Free Space | 19.40% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 6.05 Gb Free Space | 60.46% Space Free | Partition Type: NTFS
Drive F: | 3.94 Gb Total Space | 1.23 Gb Free Space | 31.33% Space Free | Partition Type: FAT

Computer Name: BANTAS-LAPTOP | User Name: Bantas | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/06/23 09:38:08 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Bantas\Desktop\OTL.exe
PRC - [2012/06/14 23:21:24 | 000,200,632 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
PRC - [2012/06/14 23:21:24 | 000,142,952 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
PRC - [2012/02/27 09:44:06 | 001,006,864 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiSeAgnt.exe
PRC - [2012/02/27 09:44:06 | 000,133,424 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe
PRC - [2011/04/08 08:50:02 | 000,542,264 | ---- | M] (Google) -- C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe
PRC - [2011/02/25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE
PRC - [2010/05/27 12:56:26 | 000,389,120 | R--- | M] (Teleca) -- C:\Program Files\HTC\HTC Sync\ClientInitiatedStarter\ClientInitiatedStarter.exe
PRC - [2010/04/12 00:35:49 | 002,937,528 | ---- | M] () -- C:\Program Files\Pando Networks\Media Booster\PMB.exe
PRC - [2010/03/17 16:22:52 | 001,019,904 | R--- | M] (Teleca Sweden AB) -- C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\epmworker.exe
PRC - [2010/03/17 16:08:22 | 000,253,952 | R--- | M] (TODO: <Company name>) -- C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\FsynSrvStarter.exe
PRC - [2010/03/17 16:08:04 | 000,462,848 | R--- | M] (Teleca AB) -- C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\HTCVBTServer.exe
PRC - [2010/01/12 10:07:44 | 000,033,792 | ---- | M] (Palm) -- C:\Program Files\Palm, Inc\novacom\x86\novacomd.exe
PRC - [2009/12/11 15:50:34 | 000,557,056 | R--- | M] (Teleca AB) -- C:\Program Files\Common Files\Teleca Shared\Generic.exe
PRC - [2009/09/12 23:09:10 | 000,103,768 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Citrix\ICA Client\concentr.exe
PRC - [2009/09/12 23:09:04 | 000,550,232 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Citrix\ICA Client\wfcrun32.exe
PRC - [2009/06/03 10:25:16 | 000,106,496 | R--- | M] (Popwire AB) -- C:\Program Files\Common Files\Teleca Shared\logger.exe
PRC - [2009/04/14 13:14:26 | 000,139,264 | ---- | M] (Teleca Sweden AB) -- C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe
PRC - [2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/03/27 09:12:54 | 000,455,112 | ---- | M] (Blockbuster) -- C:\Program Files\Blockbuster\BLOCKBUSTERMovielink\Movielink User.exe
PRC - [2009/03/27 09:12:28 | 001,867,720 | ---- | M] (Blockbuster) -- C:\Program Files\Blockbuster\BLOCKBUSTERMovielink\MovielinkCore.exe
PRC - [2009/01/27 16:18:12 | 000,425,472 | ---- | M] (TiVo Inc.) -- C:\Program Files\TiVo\Desktop\TiVoNotify.exe
PRC - [2009/01/27 16:05:46 | 000,315,392 | ---- | M] (TiVo Inc.) -- C:\Program Files\Common Files\TiVo Shared\Transfer\TiVoTransfer.exe
PRC - [2009/01/27 16:03:54 | 000,520,192 | ---- | M] (TiVo Inc.) -- C:\Program Files\TiVo\Desktop\TranscodingService.exe
PRC - [2008/05/02 15:44:42 | 000,130,864 | ---- | M] (ActivIdentity) -- C:\Program Files\ActivIdentity\ActivClient\acsagent.exe
PRC - [2008/05/02 15:44:42 | 000,094,000 | ---- | M] (ActivIdentity) -- C:\Program Files\ActivIdentity\ActivClient\acevents.exe
PRC - [2008/05/02 15:44:40 | 000,294,440 | ---- | M] (ActivIdentity) -- C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe
PRC - [2008/05/02 15:44:40 | 000,188,456 | ---- | M] (ActivIdentity) -- C:\Program Files\ActivIdentity\ActivClient\accoca.exe
PRC - [2007/08/21 01:48:34 | 000,072,704 | ---- | M] (Creative Labs) -- C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
PRC - [2007/06/25 21:17:04 | 000,537,840 | ---- | M] ( ) -- C:\Windows\System32\dlbkcoms.exe
PRC - [2007/06/25 01:17:04 | 000,405,504 | ---- | M] (SigmaTel, Inc.) -- C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
PRC - [2007/06/25 01:17:00 | 000,094,208 | ---- | M] (SigmaTel, Inc.) -- C:\Windows\System32\stacsv.exe
PRC - [2007/05/09 17:01:00 | 000,036,864 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\OEM02Mon.exe
PRC - [2007/04/18 00:48:18 | 000,050,736 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe
PRC - [2007/04/17 23:31:58 | 000,159,744 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe
PRC - [2007/04/16 17:10:26 | 000,184,320 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Dell\MediaDirect\PCMService.exe
PRC - [2007/02/20 14:29:00 | 000,679,936 | ---- | M] (Logitech Inc.) -- C:\Program Files\SetPoint\SetPoint.exe
PRC - [2007/02/20 14:01:12 | 001,125,088 | ---- | M] (Dell Inc) -- C:\Program Files\Dell\QuickSet\quickset.exe
PRC - [2007/01/11 20:15:00 | 000,101,136 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.exe
PRC - [2006/11/27 10:14:52 | 000,180,224 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\SBAudigy\Volume Panel\VolPanlu.exe
PRC - [2006/11/03 18:55:50 | 000,703,280 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2006/11/03 18:55:48 | 001,583,920 | ---- | M] (Broadcom Corporation.) -- c:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
PRC - [2006/09/08 19:10:22 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe
PRC - [2006/09/08 19:06:08 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe


========== Modules (No Company Name) ==========

MOD - [2012/06/14 23:21:24 | 000,057,344 | ---- | M] () -- C:\Program Files\Trend Micro\AMSP\boost_date_time-vc80-mt-1_36.dll
MOD - [2012/06/14 23:21:24 | 000,049,152 | ---- | M] () -- C:\Program Files\Trend Micro\AMSP\boost_thread-vc80-mt-1_36.dll
MOD - [2011/09/27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010/04/12 00:35:49 | 002,937,528 | ---- | M] () -- C:\Program Files\Pando Networks\Media Booster\PMB.exe
MOD - [2010/03/31 10:08:50 | 000,240,552 | R--- | M] () -- C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\fsync.dll
MOD - [2010/03/31 10:08:50 | 000,240,552 | R--- | M] () -- C:\Program Files\HTC\HTC Sync\ClientInitiatedStarter\fsync.dll
MOD - [2010/03/17 16:20:30 | 000,139,264 | R--- | M] () -- C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\tcpsock_object.dll
MOD - [2008/12/22 14:54:24 | 000,425,984 | ---- | M] () -- C:\Program Files\TiVo\Desktop\libmatroska.dll
MOD - [2008/12/22 13:49:50 | 000,188,416 | ---- | M] () -- C:\Program Files\TiVo\Desktop\libebml.dll
MOD - [2007/02/20 14:01:18 | 000,105,184 | ---- | M] () -- C:\Program Files\Dell\QuickSet\dadkeyb.dll
MOD - [2006/11/20 14:29:10 | 000,101,376 | ---- | M] () -- C:\Windows\System32\APOMngr.dll
MOD - [2006/11/13 11:07:34 | 000,066,560 | ---- | M] () -- C:\Windows\System32\CmdRtr.dll
MOD - [2006/11/03 18:25:56 | 000,389,120 | ---- | M] () -- C:\Windows\System32\btwhidcs.dll
MOD - [2003/01/30 06:04:00 | 000,618,496 | ---- | M] () -- C:\Program Files\TiVo\Desktop\StlpMt45.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Running] -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe -- (Amsp)
SRV - [2012/06/09 23:30:25 | 000,257,224 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2011/02/28 18:44:14 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/02/25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2010/01/12 10:07:44 | 000,033,792 | ---- | M] (Palm) [Auto | Running] -- C:\Program Files\Palm, Inc\novacom\x86\novacomd.exe -- (NovacomD)
SRV - [2009/07/20 13:57:06 | 000,316,664 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2009/03/27 09:12:28 | 001,867,720 | ---- | M] (Blockbuster) [Auto | Running] -- C:\Program Files\Blockbuster\BLOCKBUSTERMovielink\MovielinkCore.exe -- (Movielink Core Service)
SRV - [2008/05/02 15:44:40 | 000,188,456 | ---- | M] (ActivIdentity) [Auto | Running] -- C:\Program Files\ActivIdentity\ActivClient\accoca.exe -- (accoca)
SRV - [2008/01/19 03:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/08/21 01:48:34 | 000,072,704 | ---- | M] (Creative Labs) [Auto | Running] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe -- (Creative Labs Licensing Service)
SRV - [2007/06/25 21:17:04 | 000,537,840 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\dlbkcoms.exe -- (dlbk_device)
SRV - [2007/06/25 01:17:00 | 000,094,208 | ---- | M] (SigmaTel, Inc.) [Auto | Running] -- C:\Windows\System32\stacsv.exe -- (STacSV)
SRV - [2007/05/31 09:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 09:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2007/03/19 13:44:44 | 000,070,656 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | Auto | Stopped] -- -- (mrtRate)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2012/06/14 23:21:31 | 000,205,072 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\tmcomm.sys -- (tmcomm)
DRV - [2012/06/14 23:21:31 | 000,092,432 | ---- | M] (Trend Micro Inc.) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\tmtdi.sys -- (tmtdi)
DRV - [2012/06/14 23:21:31 | 000,081,168 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\tmactmon.sys -- (tmactmon)
DRV - [2012/06/14 23:21:31 | 000,068,368 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\tmevtmgr.sys -- (tmevtmgr)
DRV - [2010/11/19 00:02:10 | 000,052,824 | ---- | M] (NCH Software) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stdriver32.sys -- (stdriver)
DRV - [2009/06/16 15:59:00 | 009,768,640 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009/06/10 00:49:32 | 000,024,576 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ANDROIDUSB.sys -- (HTCAND32)
DRV - [2009/04/11 00:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUSB)
DRV - [2007/10/10 17:03:00 | 000,235,648 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Dev.sys -- (OEM02Dev)
DRV - [2007/09/26 08:12:00 | 002,251,776 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Intel®
DRV - [2007/06/25 01:17:04 | 000,326,656 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007/06/20 23:10:02 | 000,056,448 | ---- | M] (SCM Microsystems Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SCR3XX2K.sys -- (SCR3XX2K)
DRV - [2007/06/20 23:10:02 | 000,056,448 | ---- | M] (SCM Microsystems Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SCR3XX2K.sys -- (SCR3xx USB Smart Card Reader)
DRV - [2007/04/12 20:02:56 | 000,157,184 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2007/03/05 22:45:00 | 000,007,424 | ---- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Vfx.sys -- (OEM02Vfx)
DRV - [2007/02/25 13:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\dsunidrv.sys -- (dsunidrv)
DRV - [2007/01/11 20:15:16 | 000,032,528 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2007/01/11 20:15:06 | 000,032,272 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2006/11/27 03:48:46 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2006/11/27 03:48:44 | 000,043,520 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006/11/27 03:48:44 | 000,032,256 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2006/11/21 08:25:44 | 000,045,568 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2006/11/02 04:51:27 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbccid.sys -- (USBCCID)
DRV - [2006/11/02 03:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2006/11/02 03:30:55 | 000,200,704 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel®
DRV - [2006/10/05 18:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2006/08/04 20:39:10 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2005/08/17 08:47:48 | 000,073,696 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdserd.sys -- (sscdserd) SAMSUNG CDMA Modem Diagnostic Serial Port (WDM)
DRV - [2005/08/17 08:46:26 | 000,093,872 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2005/08/17 08:46:20 | 000,008,272 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2005/08/17 08:45:00 | 000,058,352 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV - [2005/04/12 19:21:32 | 000,022,240 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WmFilter.sys -- (WmFilter)
DRV - [2005/04/12 19:21:28 | 000,010,144 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WmBEnum.sys -- (WmBEnum)
DRV - [2005/04/12 19:21:28 | 000,005,600 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WmVirHid.sys -- (WmVirHid)
DRV - [2005/04/12 19:21:26 | 000,045,504 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WmXlCore.sys -- (WmXlCore)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...ie7&rlz=1I7DKUS


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2179227837-3419367426-1334409123-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\Bantas\Desktop
IE - HKU\S-1-5-21-2179227837-3419367426-1334409123-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-2179227837-3419367426-1334409123-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2179227837-3419367426-1334409123-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-2179227837-3419367426-1334409123-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKU\S-1-5-21-2179227837-3419367426-1334409123-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKU\S-1-5-21-2179227837-3419367426-1334409123-1000\..\SearchScopes\{6b0d4c9d-c6eb-4a9a-981c-ac3f9d8373c0}: "URL" = http://search.xfinit...q={searchTerms}
IE - HKU\S-1-5-21-2179227837-3419367426-1334409123-1000\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = http://127.0.0.1:466...q={searchTerms}
IE - HKU\S-1-5-21-2179227837-3419367426-1334409123-1000\..\SearchScopes\Comcast: "URL" = http://search.xfinit...art_tech_search
IE - HKU\S-1-5-21-2179227837-3419367426-1334409123-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2179227837-3419367426-1334409123-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@TrendMicro.com/FFExtension: C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll (Trend Micro Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\Bantas\AppData\Roaming\Move Networks\plugins\npqmp071701000002.dll (Move Networks)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Bantas\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Bantas\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Bantas\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{38783831-6098-4faa-A9C9-1EE1E343F4D2}: C:\Program Files\Trend Micro\AMSP\Module\20002\7.1.1102\7.1.1102\firefoxextension [2012/06/17 16:42:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{22181a4d-af90-4ca3-a569-faed9118d6bc}: C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension [2012/06/14 23:43:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{22C7F6C6-8D67-4534-92B5-529A0EC09405}: C:\Program Files\Trend Micro\AMSP\module\20004\FxExt\firefoxextension\ [2012/06/17 16:42:23 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\Bantas\AppData\Roaming\Move Networks [2009/11/22 10:37:17 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Bantas\AppData\Local\Google\Chrome\Application\19.0.1084.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Bantas\AppData\Local\Google\Chrome\Application\19.0.1084.56\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Bantas\AppData\Local\Google\Chrome\Application\19.0.1084.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Bantas\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Trend Micro Titanium (Enabled) = C:\Users\Bantas\AppData\Local\Google\Chrome\User Data\Default\Extensions\heoldelcflnigdllmlopiefhkkobendj\5.2.0.1035_0\npToolbarChrome.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Updater (Enabled) = C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Bantas\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Move Streaming Media Player (Enabled) = C:\Users\Bantas\AppData\Roaming\Move Networks\plugins\npqmp071701000002.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: TrendMicro Toolbar = C:\Users\Bantas\AppData\Local\Google\Chrome\User Data\Default\Extensions\heoldelcflnigdllmlopiefhkkobendj\5.2.0.1035_0\

O1 HOSTS File: ([2012/06/17 18:51:59 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\2.0.1313\6.8.1078\TmIEPlg.dll (Trend Micro Inc.)
O2 - BHO: (TSToolbarBHO) - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\7.1.1102\7.1.1102\TmBpIe32.dll (Trend Micro Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (The Weather Channel Toolbar) - {2E5E800E-6AC0-411E-940A-369530A35E43} - C:\Windows\System32\TwcToolbarIe7.dll ()
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Trend Micro Toolbar) - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
O3 - HKU\S-1-5-21-2179227837-3419367426-1334409123-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-2179227837-3419367426-1334409123-1000\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No CLSID value found.
O4 - HKLM..\Run: [accrdsub] C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe (ActivIdentity)
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ConnectionCenter] C:\Program Files\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
O4 - HKLM..\Run: [ECenter] c:\DELL\E-Center\EULALauncher.exe ( )
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech Inc.)
O4 - HKLM..\Run: [LoadMSvcmm] C:\Program Files\Blockbuster\BLOCKBUSTERMovielink\Movielink User.exe (Blockbuster)
O4 - HKLM..\Run: [Logitech Hardware Abstraction Layer] C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE (Logitech Inc.)
O4 - HKLM..\Run: [Mobile Connectivity Suite] C:\Program Files\HTC\HTC Sync\Application Launcher\Application Launcher.exe (Teleca Sweden AB)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NVHotkey] C:\Windows\System32\nvHotkey.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [PCMService] C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [Trend Micro Client Framework] C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [Trend Micro Titanium] C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [VolPanel] C:\Program Files\Creative\SBAudigy\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
O4 - HKU\S-1-5-21-2179227837-3419367426-1334409123-1000..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe ()
O4 - HKU\S-1-5-21-2179227837-3419367426-1334409123-1000..\Run: [TivoNotify] C:\Program Files\TiVo\Desktop\TiVoNotify.exe (TiVo Inc.)
O4 - HKU\S-1-5-21-2179227837-3419367426-1334409123-1000..\Run: [TivoServer] C:\Program Files\TiVo\Desktop\TiVoServer.exe (TiVo Inc.)
O4 - HKU\S-1-5-21-2179227837-3419367426-1334409123-1000..\Run: [TranscodingService] C:\Program Files\TiVo\Desktop\TranscodingService.exe (TiVo Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-2179227837-3419367426-1334409123-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.liv...m/quickadd.aspx File not found
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll (Sun Microsystems, Inc.)
O9 - Extra Button: The Weather Channel - {2E5E800E-6AC0-411E-940A-369530A35E43} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : The Weather Channel - {2E5E800E-6AC0-411E-940A-369530A35E43} - Reg Error: Value error. File not found
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\S-1-5-21-2179227837-3419367426-1334409123-1000\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKU\S-1-5-21-2179227837-3419367426-1334409123-1000\..Trusted Domains: navy.mil ([webmail.east.nmci] https in Trusted sites)
O15 - HKU\S-1-5-21-2179227837-3419367426-1334409123-1000\..Trusted Domains: navy.mil ([webmail.nmci] https in Trusted sites)
O15 - HKU\S-1-5-21-2179227837-3419367426-1334409123-1000\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D8A7B05A-A01C-4D07-AC53-6A05B3B89030}: DhcpNameServer = 192.168.1.1 71.252.0.12
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DCEAB79D-8543-4FC6-89A2-A09FCCBE1D3B}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\7.1.1102\7.1.1102\TmBpIe32.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\2.0.1313\6.8.1078\TmIEPlg.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmtb {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmtbim {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll (Trend Micro Inc.)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - File not found
O24 - Desktop WallPaper: C:\Users\Public\Pictures\Sample Pictures\Humpback Whale.jpg
O24 - Desktop BackupWallPaper: C:\Users\Public\Pictures\Sample Pictures\Humpback Whale.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/06/24 10:04:23 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/06/24 10:01:46 | 000,791,393 | ---- | C] (Lars Hederer ) -- C:\Users\Bantas\Desktop\erunt_setup.exe
[2012/06/23 10:45:18 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\Bantas\Desktop\OTL.exe
[2012/06/23 10:45:14 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\Bantas\Desktop\aswMBR.exe
[2012/06/17 19:11:07 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012/06/17 18:52:06 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2012/06/17 18:30:46 | 000,000,000 | ---D | C] -- C:\ComboFix
[2012/06/14 23:44:49 | 000,000,000 | ---D | C] -- C:\Users\Bantas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Titanium Maximum Security 2012
[2012/06/14 23:44:02 | 000,092,432 | ---- | C] (Trend Micro Inc.) -- C:\Windows\System32\drivers\tmtdi.sys
[2012/06/14 23:44:00 | 000,205,072 | ---- | C] (Trend Micro Inc.) -- C:\Windows\System32\drivers\tmcomm.sys
[2012/06/14 23:44:00 | 000,081,168 | ---- | C] (Trend Micro Inc.) -- C:\Windows\System32\drivers\tmactmon.sys
[2012/06/14 23:44:00 | 000,068,368 | ---- | C] (Trend Micro Inc.) -- C:\Windows\System32\drivers\tmevtmgr.sys
[2012/06/14 20:21:54 | 000,000,000 | ---D | C] -- C:\found.000
[2012/06/10 08:25:58 | 000,000,000 | ---D | C] -- C:\Users\Bantas\Desktop\Afg Trip 2
[2012/06/10 07:39:36 | 000,000,000 | ---D | C] -- C:\Users\Bantas\Desktop\Afg Trip

========== Files - Modified Within 30 Days ==========

[2012/06/24 12:14:26 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/06/24 12:09:29 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/06/24 12:00:53 | 000,150,910 | ---- | M] () -- C:\ProgramData\nvModes.001
[2012/06/24 12:00:33 | 000,150,910 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2012/06/24 12:00:30 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/06/24 11:54:08 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/06/24 11:54:08 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/06/24 11:54:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/06/24 11:54:02 | 2145,583,104 | -HS- | M] () -- C:\hiberfil.sys
[2012/06/24 11:52:47 | 000,002,140 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012/06/24 11:50:24 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2179227837-3419367426-1334409123-1000UA.job
[2012/06/24 09:58:08 | 000,000,745 | ---- | M] () -- C:\Users\Bantas\Desktop\services.zip
[2012/06/24 09:57:14 | 000,791,393 | ---- | M] (Lars Hederer ) -- C:\Users\Bantas\Desktop\erunt_setup.exe
[2012/06/23 22:50:00 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2179227837-3419367426-1334409123-1000Core.job
[2012/06/23 12:27:00 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2012/06/23 11:06:10 | 000,000,512 | ---- | M] () -- C:\Users\Bantas\Desktop\MBR.dat
[2012/06/23 10:46:56 | 005,422,282 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/06/23 10:46:56 | 001,826,670 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/06/23 09:44:04 | 000,340,609 | ---- | M] () -- C:\Users\Bantas\Desktop\FSS.exe
[2012/06/23 09:43:00 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\Bantas\Desktop\aswMBR.exe
[2012/06/23 09:38:08 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Bantas\Desktop\OTL.exe
[2012/06/17 18:51:59 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2012/06/14 23:45:05 | 000,001,149 | ---- | M] () -- C:\Users\Bantas\Desktop\Trend Micro Titanium Maximum Security 2012.lnk
[2012/06/14 23:41:54 | 000,000,056 | ---- | M] () -- C:\Windows\System32\SupportTool.exe.bat
[2012/06/14 23:21:31 | 000,205,072 | ---- | M] (Trend Micro Inc.) -- C:\Windows\System32\drivers\tmcomm.sys
[2012/06/14 23:21:31 | 000,092,432 | ---- | M] (Trend Micro Inc.) -- C:\Windows\System32\drivers\tmtdi.sys
[2012/06/14 23:21:31 | 000,081,168 | ---- | M] (Trend Micro Inc.) -- C:\Windows\System32\drivers\tmactmon.sys
[2012/06/14 23:21:31 | 000,068,368 | ---- | M] (Trend Micro Inc.) -- C:\Windows\System32\drivers\tmevtmgr.sys
[2012/06/14 03:34:43 | 000,298,912 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/06/12 23:53:30 | 000,007,808 | ---- | M] () -- C:\Users\Bantas\AppData\Local\d3d9caps.dat
[2012/06/11 21:55:01 | 000,002,094 | ---- | M] () -- C:\Users\Bantas\Desktop\Google Chrome.lnk
[2012/06/10 08:57:09 | 000,000,121 | ---- | M] () -- C:\Windows\disney.ini
[2012/06/03 21:03:46 | 000,002,609 | ---- | M] () -- C:\Users\Bantas\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Word.lnk

========== Files Created - No Company Name ==========

[2012/06/24 10:01:46 | 000,000,745 | ---- | C] () -- C:\Users\Bantas\Desktop\services.zip
[2012/06/23 11:06:10 | 000,000,512 | ---- | C] () -- C:\Users\Bantas\Desktop\MBR.dat
[2012/06/23 10:45:16 | 000,340,609 | ---- | C] () -- C:\Users\Bantas\Desktop\FSS.exe
[2012/06/14 23:44:49 | 000,001,149 | ---- | C] () -- C:\Users\Bantas\Desktop\Trend Micro Titanium Maximum Security 2012.lnk
[2011/11/25 13:58:20 | 000,000,056 | ---- | C] () -- C:\Windows\System32\SupportTool.exe.bat
[2011/11/25 13:58:12 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2011/04/09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2010/12/28 23:05:10 | 000,129,320 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2010/03/11 14:19:41 | 002,780,171 | ---- | C] () -- C:\Users\Bantas\en[1].pdf
[2009/10/25 12:33:23 | 000,150,910 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009/10/25 12:33:23 | 000,150,910 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009/09/03 05:53:14 | 000,000,048 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/07/03 19:52:54 | 000,007,808 | ---- | C] () -- C:\Users\Bantas\AppData\Local\d3d9caps.dat
[2008/02/07 21:22:14 | 000,000,032 | ---- | C] () -- C:\ProgramData\ezsid.dat
[2007/12/23 21:20:59 | 000,000,000 | ---- | C] () -- C:\Users\Bantas\AppData\Local\rx_image.Cache
[2007/08/27 13:12:05 | 000,087,622 | ---- | C] () -- C:\Users\Bantas\AppData\Roaming\nvModes.001
[2007/08/27 12:44:45 | 000,087,622 | ---- | C] () -- C:\Users\Bantas\AppData\Roaming\nvModes.dat
[2007/08/26 14:29:39 | 000,104,960 | ---- | C] () -- C:\Users\Bantas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== LOP Check ==========

[2012/04/21 20:52:35 | 000,000,000 | ---D | M] -- C:\Users\Bantas\AppData\Roaming\Audacity
[2010/11/28 18:47:39 | 000,000,000 | ---D | M] -- C:\Users\Bantas\AppData\Roaming\CanuckSoftware
[2008/04/19 11:47:24 | 000,000,000 | ---D | M] -- C:\Users\Bantas\AppData\Roaming\Disney Interactive Studios
[2011/02/21 11:42:16 | 000,000,000 | ---D | M] -- C:\Users\Bantas\AppData\Roaming\EuroTalk
[2010/01/01 20:36:42 | 000,000,000 | ---D | M] -- C:\Users\Bantas\AppData\Roaming\HandBrake
[2012/05/14 16:45:23 | 000,000,000 | ---D | M] -- C:\Users\Bantas\AppData\Roaming\ICAClient
[2008/04/19 11:44:34 | 000,000,000 | ---D | M] -- C:\Users\Bantas\AppData\Roaming\Leadertech
[2008/01/25 00:55:38 | 000,000,000 | ---D | M] -- C:\Users\Bantas\AppData\Roaming\MusicNet
[2012/04/15 17:18:19 | 000,000,000 | ---D | M] -- C:\Users\Bantas\AppData\Roaming\NCH Swift Sound
[2010/02/06 19:25:18 | 000,000,000 | ---D | M] -- C:\Users\Bantas\AppData\Roaming\Recordpad
[2011/11/03 16:09:19 | 000,000,000 | ---D | M] -- C:\Users\Bantas\AppData\Roaming\Smilebox
[2009/07/26 16:21:35 | 000,000,000 | ---D | M] -- C:\Users\Bantas\AppData\Roaming\SPORE Creature Creator
[2010/08/06 16:48:35 | 000,000,000 | ---D | M] -- C:\Users\Bantas\AppData\Roaming\TechWizard
[2011/04/18 22:09:26 | 000,000,000 | ---D | M] -- C:\Users\Bantas\AppData\Roaming\Teleca
[2009/12/22 23:41:42 | 000,000,000 | ---D | M] -- C:\Users\Bantas\AppData\Roaming\tmp
[2012/06/14 12:25:39 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\ICAClient
[2012/06/14 12:26:03 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\Teleca
[2012/06/24 11:52:50 | 000,032,628 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >
  • 0

Advertisements


#17
Slash4848

Slash4848

    Member

  • Topic Starter
  • Member
  • PipPip
  • 52 posts
Farbar Service Scanner Version: 22-06-2012 01
Ran by Bantas (administrator) on 24-06-2012 at 13:40:05
Running from "C:\Users\Bantas\Desktop"
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============
Dnscache Service is not running. Checking service configuration:
The start type of Dnscache service is OK.
The ImagePath of Dnscache service is OK.
The ServiceDll of Dnscache service is OK.

Dhcp Service is not running. Checking service configuration:
The start type of Dhcp service is OK.
The ImagePath of Dhcp service is OK.
The ServiceDll of Dhcp service is OK.

tdx Service is not running. Checking service configuration:
The start type of tdx service is OK.
The ImagePath of tdx service is OK.


Connection Status:
==============
Localhost is accessible.
There is no connection to network.
Google IP is accessible.
Attempt to access Google.com returned error: Other errors
Yahoo IP is accessible.
Attempt to access Yahoo.com returned error: Other errors


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys
[2012-05-09 00:38] - [2012-03-30 08:39] - 0905600 ____A (Microsoft Corporation) 27D470DABC77BC60D0A3B0E4DEB6CB91

C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll
[2012-06-13 22:22] - [2012-04-23 12:00] - 0133120 ____A (Microsoft Corporation) 75C6A297E364014840B48ECCD7525E30

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****
  • 0

#18
Nedklaw

Nedklaw

    Trusted Helper

  • Malware Removal
  • 1,652 posts
Hi. :)


Step 1

Click the Start button and type cmd.exe into the search box. Click on the program in the list.
Copy and paste the following commands into the black box and press Enter:

net start Dnscache
net start Dhcp
net start tdx
net start wuauserv

Step 2

Please run Farbar Service Scanner again.

  • Tick "All" options.

    Posted Image
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

Things I want to see in your next reply

  • FSS.txt

  • 0

#19
Slash4848

Slash4848

    Member

  • Topic Starter
  • Member
  • PipPip
  • 52 posts
Done. Not sure if the cmd.exe commands worked the way you wanted. Here is what happened:


Microsoft Windows [Version 6.0.6002]
Copyright © 2006 Microsoft Corporation. All rights reserved.

C:\Users\Bantas>net start Dnscache
System error 5 has occurred.

Access is denied.


C:\Users\Bantas>net start Dhcp
System error 5 has occurred.

Access is denied.


C:\Users\Bantas>net start tdx
The service name is invalid.

More help is available by typing NET HELPMSG 2185.


C:\Users\Bantas>net start wuauserv
The requested service has already been started.

More help is available by typing NET HELPMSG 2182.


C:\Users\Bantas>


I'll paste in the new FSS.txt next...
  • 0

#20
Slash4848

Slash4848

    Member

  • Topic Starter
  • Member
  • PipPip
  • 52 posts
Farbar Service Scanner Version: 22-06-2012 01
Ran by Bantas (administrator) on 24-06-2012 at 16:37:29
Running from "C:\Users\Bantas\Desktop"
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============
Dnscache Service is not running. Checking service configuration:
The start type of Dnscache service is OK.
The ImagePath of Dnscache service is OK.
The ServiceDll of Dnscache service is OK.

Dhcp Service is not running. Checking service configuration:
The start type of Dhcp service is OK.
The ImagePath of Dhcp service is OK.
The ServiceDll of Dhcp service is OK.

tdx Service is not running. Checking service configuration:
The start type of tdx service is OK.
The ImagePath of tdx service is OK.


Connection Status:
==============
Localhost is accessible.
There is no connection to network.
Google IP is accessible.
Attempt to access Google.com returned error: Other errors
Yahoo IP is accessible.
Attempt to access Yahoo.com returned error: Other errors


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys
[2012-05-09 00:38] - [2012-03-30 08:39] - 0905600 ____A (Microsoft Corporation) 27D470DABC77BC60D0A3B0E4DEB6CB91

C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll
[2012-06-13 22:22] - [2012-04-23 12:00] - 0133120 ____A (Microsoft Corporation) 75C6A297E364014840B48ECCD7525E30

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****
  • 0

#21
Nedklaw

Nedklaw

    Trusted Helper

  • Malware Removal
  • 1,652 posts
Hi. :)


Step 1

Download Windows Repair (all in one) from this site.

Install the program then let it run.

Posted Image


Go to Step 3 and allow it to run System File Checker.

Posted Image


On the Start Repairs tab click Start.

Posted Image


Select the following items and tick Restart System When Finished then click Start.

Posted Image


Step 2

Please run Farbar Service Scanner again.

  • Tick "All" options.

    Posted Image
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

Things I want to see in your next reply

  • FSS.txt

  • 0

#22
Slash4848

Slash4848

    Member

  • Topic Starter
  • Member
  • PipPip
  • 52 posts
Tweaking.com windows repairs is running. I'm hoping this does the trick. I have been called away on business for the next 3 weeks so if more work is needed, we'll have to postpone until then. Before I leave I'll post the latest FSS.txt file.

Thanks for all of the professional help so far!
  • 0

#23
Slash4848

Slash4848

    Member

  • Topic Starter
  • Member
  • PipPip
  • 52 posts
Windows repair run complete. Still can't connect to my wireless network. The computer recognizes that networks are avialable. When I click on mine, it says that Windows Cannot Connect. All other wireless devices in my house connect just fine. Same issue as from the beginning.

Next post will be the FSS.txt file. As stated in the previous post, unless there are any ideas tonight, I'll have to reconnect with you in 3 weeks when I am back from my business trip.
  • 0

#24
Slash4848

Slash4848

    Member

  • Topic Starter
  • Member
  • PipPip
  • 52 posts
Farbar Service Scanner Version: 22-06-2012 01
Ran by Bantas (administrator) on 25-06-2012 at 20:14:07
Running from "C:\Users\Bantas\Desktop"
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
There is no connection to network.
Google IP is accessible.
Attempt to access Google.com returned error: Other errors
Yahoo IP is accessible.
Attempt to access Yahoo.com returned error: Other errors


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys
[2011-06-15 21:37] - [2011-04-21 09:58] - 0273408 ____A (Microsoft Corporation)

C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys
[2012-05-09 00:38] - [2012-03-30 08:39] - 0905600 ____A (Microsoft Corporation) 27D470DABC77BC60D0A3B0E4DEB6CB91

C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll
[2012-06-13 22:22] - [2012-04-23 12:00] - 0133120 ____A (Microsoft Corporation) 75C6A297E364014840B48ECCD7525E30

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****
  • 0

#25
Nedklaw

Nedklaw

    Trusted Helper

  • Malware Removal
  • 1,652 posts
Hi. :)


Step 1

I would like you to check out the AFD service for me.

  • Go to Device Manager by typing Device Manager into the Search box.
  • Under View select Show hidden devices.
  • Click Plug and Play Drivers.
  • Right click Ancillary Fuction Device Driver for Winsock.
  • Select Properties.
  • Select the Driver tab.
  • Is the driver started?
  • If not then select Start.

Step 2

Download Complete Internet Repair to your desktop.

  • Unzip all of the files to their own folder on the desktop.
  • Within the folder double click CIntRep.
  • The program will then run.
  • Tick "All" of the options.
  • Press Go.
  • Let me know if it is able to conduct the repair, there is a log at the bottom.
Posted Image
  • 0

Advertisements


#26
Slash4848

Slash4848

    Member

  • Topic Starter
  • Member
  • PipPip
  • 52 posts
Hi, not sure if you saw my earlier post, but I am away on business for about 3 weeks and unable to work on the problem laptop. I will do these checks and reply with results as soon as I am back.
  • 0

#27
Nedklaw

Nedklaw

    Trusted Helper

  • Malware Removal
  • 1,652 posts
Hi. :)
Yes I saw your post and posted the instructions for when you get back. I've told my tutor to keep this topic open.
  • 0

#28
Slash4848

Slash4848

    Member

  • Topic Starter
  • Member
  • PipPip
  • 52 posts
Good afternoon! I'm back and ready to finish this repair thread if you are still available.

First, I went to the Device Manager and enabled "Show Hidden Devices" as you said, but there was nothing listed as "Plug and Play Drivers." However, there is a "Non-Plug and Play Drivers." I looked at the "Properties/Driver" tab for "Ancillary Fuction Device Driver for Winsock," and it does show as "Started" already. Is there something wrong with the laptop since it said, "Non-Plug and Play?"

Second, the link you have listed for "Complete Internet Repair" links to a .jpg picture, not to a file to download. Please resend the link.

Thanks!
  • 0

#29
Nedklaw

Nedklaw

    Trusted Helper

  • Malware Removal
  • 1,652 posts
Hi. :)
Welcome back!

The link is here.
  • 0

#30
Slash4848

Slash4848

    Member

  • Topic Starter
  • Member
  • PipPip
  • 52 posts
Still unable to connect. I'll put the log in the next post.

As before, the computer recognizes that wireless networks are available. When I click on mine, it says, "Windows cannot connect" and gives two options: (1) Diagnose the problem, and (2) Connect to a different network. When I click on Diagnose, it says, "Windows is not set to automatically connect" and it gives only one option, "View available wireless networks."
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP