ComboFix 14-05-19.01 - Miriam Moody 05/19/2014 9:26.4.2 - x86 NETWORK
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1013.363 [GMT -4:00]
Running from: c:\documents and settings\Miriam Moody\My Documents\Downloads\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
* Created a new restore point
.
.
((((((((((((((((((((((((( Files Created from 2014-04-19 to 2014-05-19 )))))))))))))))))))))))))))))))
.
.
2014-05-17 13:13 . 2014-05-17 13:13 -------- d-----w- c:\documents and settings\Miriam Moody\Application Data\TeamViewer
2014-05-15 16:18 . 2014-05-15 16:18 -------- d-----w- c:\program files\TeamViewer
2014-05-15 16:03 . 2014-05-15 16:29 -------- d-----w- c:\documents and settings\Miriam Moody\Local Settings\Application Data\RcIncidents
2014-05-14 22:40 . 2014-05-14 22:40 -------- d-----w- C:\_OTL
2014-05-14 22:19 . 2008-04-14 09:42 116224 -c--a-w- c:\windows\system32\dllcache\xrxwiadr.dll
2014-05-14 22:19 . 2001-08-18 02:36 23040 -c--a-w- c:\windows\system32\dllcache\xrxwbtmp.dll
2014-05-14 22:19 . 2008-04-14 09:42 18944 -c--a-w- c:\windows\system32\dllcache\xrxscnui.dll
2014-05-14 22:19 . 2001-08-18 02:37 27648 -c--a-w- c:\windows\system32\dllcache\xrxftplt.exe
2014-05-14 22:19 . 2001-08-18 02:37 4608 -c--a-w- c:\windows\system32\dllcache\xrxflnch.exe
2014-05-14 22:18 . 2001-08-18 02:37 99865 -c--a-w- c:\windows\system32\dllcache\xlog.exe
2014-05-14 22:18 . 2001-08-17 16:11 16970 -c--a-w- c:\windows\system32\dllcache\xem336n5.sys
2014-05-14 22:18 . 2008-04-14 02:04 19455 -c--a-w- c:\windows\system32\dllcache\wvchntxx.sys
2014-05-14 22:18 . 2008-04-14 02:04 12063 -c--a-w- c:\windows\system32\dllcache\wsiintxx.sys
2014-05-14 22:18 . 2008-04-14 09:42 8192 -c--a-w- c:\windows\system32\dllcache\wshirda.dll
2014-05-14 22:17 . 2008-04-14 02:05 154624 -c--a-w- c:\windows\system32\dllcache\wlluc48.sys
2014-05-14 22:17 . 2001-08-17 16:12 34890 -c--a-w- c:\windows\system32\dllcache\wlandrv2.sys
2014-05-14 22:17 . 2001-08-17 17:28 771581 -c--a-w- c:\windows\system32\dllcache\winacisa.sys
2014-05-14 22:17 . 2001-08-18 02:36 53760 -c--a-w- c:\windows\system32\dllcache\wiamsmud.dll
2014-05-14 22:17 . 2001-08-18 02:36 87040 -c--a-w- c:\windows\system32\dllcache\wiafbdrv.dll
2014-05-14 22:15 . 2001-08-17 17:28 64605 -c--a-w- c:\windows\system32\dllcache\vvoice.sys
2014-05-14 22:15 . 2001-08-17 17:28 397502 -c--a-w- c:\windows\system32\dllcache\vpctcom.sys
2014-05-14 22:15 . 2001-08-17 17:28 604253 -c--a-w- c:\windows\system32\dllcache\vmodem.sys
2014-05-14 22:15 . 2001-08-17 16:14 249402 -c--a-w- c:\windows\system32\dllcache\vinwm.sys
2014-05-14 22:15 . 2001-08-17 17:49 24576 -c--a-w- c:\windows\system32\dllcache\viairda.sys
2014-05-14 22:15 . 2008-04-14 12:00 11325 -c--a-w- c:\windows\system32\dllcache\vchnt5.dll
2014-05-14 22:15 . 2001-08-17 17:28 687999 -c--a-w- c:\windows\system32\dllcache\usrwdxjs.sys
2014-05-14 22:14 . 2001-08-17 17:28 765884 -c--a-w- c:\windows\system32\dllcache\usrti.sys
2014-05-14 22:14 . 2001-08-17 17:28 113762 -c--a-w- c:\windows\system32\dllcache\usrpda.sys
2014-05-14 22:14 . 2001-08-17 17:28 7556 -c--a-w- c:\windows\system32\dllcache\usroslba.sys
2014-05-14 22:14 . 2001-08-17 17:28 224802 -c--a-w- c:\windows\system32\dllcache\usr1807a.sys
2014-05-14 22:14 . 2001-08-17 17:28 794399 -c--a-w- c:\windows\system32\dllcache\usr1806v.sys
2014-05-14 22:14 . 2001-08-17 17:28 793598 -c--a-w- c:\windows\system32\dllcache\usr1806.sys
2014-05-14 22:14 . 2001-08-17 17:28 794654 -c--a-w- c:\windows\system32\dllcache\usr1801.sys
2014-05-14 22:13 . 2008-04-14 04:15 26112 -c--a-w- c:\windows\system32\dllcache\usbser.sys
2014-05-14 22:13 . 2008-04-14 12:00 17152 -c--a-w- c:\windows\system32\dllcache\usbohci.sys
2014-05-14 22:13 . 2008-04-14 02:05 32384 -c--a-w- c:\windows\system32\dllcache\usb101et.sys
2014-05-14 22:13 . 2001-08-18 02:36 94720 -c--a-w- c:\windows\system32\dllcache\umaxud32.dll
2014-05-14 22:13 . 2001-08-18 02:36 28160 -c--a-w- c:\windows\system32\dllcache\umaxu40.dll
2014-05-14 22:13 . 2001-08-18 02:36 26624 -c--a-w- c:\windows\system32\dllcache\umaxu22.dll
2014-05-14 22:13 . 2001-08-18 02:36 69632 -c--a-w- c:\windows\system32\dllcache\umaxu12.dll
2014-05-14 22:13 . 2001-08-18 02:36 50688 -c--a-w- c:\windows\system32\dllcache\umaxscan.dll
2014-05-14 22:13 . 2001-08-17 17:58 22912 -c--a-w- c:\windows\system32\dllcache\umaxpcls.sys
2014-05-14 22:12 . 2001-08-18 02:36 50176 -c--a-w- c:\windows\system32\dllcache\umaxp60.dll
2014-05-14 22:12 . 2001-08-18 02:36 47616 -c--a-w- c:\windows\system32\dllcache\umaxcam.dll
2014-05-14 22:12 . 2001-08-18 02:36 211968 -c--a-w- c:\windows\system32\dllcache\um54scan.dll
2014-05-14 22:12 . 2001-08-18 02:36 216064 -c--a-w- c:\windows\system32\dllcache\um34scan.dll
2014-05-14 22:12 . 2008-04-14 04:06 44672 -c--a-w- c:\windows\system32\dllcache\uagp35.sys
2014-05-14 22:12 . 2001-08-17 17:48 11520 -c--a-w- c:\windows\system32\dllcache\twotrack.sys
2014-05-14 22:12 . 2001-08-17 16:51 166784 -c--a-w- c:\windows\system32\dllcache\tridxpm.sys
2014-05-14 22:12 . 2001-08-18 02:36 525568 -c--a-w- c:\windows\system32\dllcache\tridxp.dll
2014-05-14 22:11 . 2001-08-17 16:51 159232 -c--a-w- c:\windows\system32\dllcache\tridkbm.sys
2014-05-14 22:11 . 2001-08-17 18:56 440576 -c--a-w- c:\windows\system32\dllcache\tridkb.dll
2014-05-14 22:11 . 2001-08-17 16:51 222336 -c--a-w- c:\windows\system32\dllcache\trid3dm.sys
2014-05-14 22:11 . 2001-08-17 18:56 315520 -c--a-w- c:\windows\system32\dllcache\trid3d.dll
2014-05-14 22:11 . 2001-08-17 16:12 34375 -c--a-w- c:\windows\system32\dllcache\tpro4.sys
2014-05-14 22:11 . 2001-08-18 02:35 42496 -c--a-w- c:\windows\system32\dllcache\tp4res.dll
2014-05-14 22:11 . 2008-04-14 09:42 82944 -c--a-w- c:\windows\system32\dllcache\tp4mon.exe
2014-05-14 22:11 . 2001-08-18 02:36 31744 -c--a-w- c:\windows\system32\dllcache\tp4.dll
2014-05-14 22:11 . 2001-08-17 18:02 230912 -c--a-w- c:\windows\system32\dllcache\tosdvd03.sys
2014-05-14 22:11 . 2001-08-17 18:01 241664 -c--a-w- c:\windows\system32\dllcache\tosdvd02.sys
2014-05-14 22:10 . 2001-08-17 16:10 28232 -c--a-w- c:\windows\system32\dllcache\tos4mo.sys
2014-05-14 22:10 . 2001-08-17 16:14 123995 -c--a-w- c:\windows\system32\dllcache\tjisdn.sys
2014-05-14 22:10 . 2001-08-17 16:51 138528 -c--a-w- c:\windows\system32\dllcache\tgiulnt5.sys
2014-05-14 22:10 . 2001-08-17 18:56 81408 -c--a-w- c:\windows\system32\dllcache\tgiul50.dll
2014-05-14 22:10 . 2008-04-14 12:00 149376 -c--a-w- c:\windows\system32\dllcache\tffsport.sys
2014-05-14 22:10 . 2001-08-17 16:13 17129 -c--a-w- c:\windows\system32\dllcache\tdkcd31.sys
2014-05-14 22:10 . 2001-08-17 16:13 37961 -c--a-w- c:\windows\system32\dllcache\tdk100b.sys
2014-05-14 22:10 . 2001-08-17 17:49 30464 -c--a-w- c:\windows\system32\dllcache\tbatm155.sys
2014-05-14 22:09 . 2001-08-17 17:52 7040 -c--a-w- c:\windows\system32\dllcache\tandqic.sys
2014-05-14 22:09 . 2001-08-17 16:50 36640 -c--a-w- c:\windows\system32\dllcache\t2r4mini.sys
2014-05-14 22:09 . 2001-08-17 18:56 172768 -c--a-w- c:\windows\system32\dllcache\t2r4disp.dll
2014-05-14 22:09 . 2001-08-18 02:36 94293 -c--a-w- c:\windows\system32\dllcache\sxports.dll
2014-05-14 22:09 . 2001-08-17 17:50 103936 -c--a-w- c:\windows\system32\dllcache\sx.sys
2014-05-14 22:09 . 2001-08-17 18:02 3968 -c--a-w- c:\windows\system32\dllcache\swusbflt.sys
2014-05-14 22:09 . 2001-08-18 02:36 10240 -c--a-w- c:\windows\system32\dllcache\swpidflt.dll
2014-05-14 22:09 . 2001-08-18 02:36 10240 -c--a-w- c:\windows\system32\dllcache\swpdflt2.dll
2014-05-14 22:08 . 2001-08-18 02:36 53760 -c--a-w- c:\windows\system32\dllcache\sw_wheel.dll
2014-05-14 22:08 . 2001-08-18 02:36 41472 -c--a-w- c:\windows\system32\dllcache\sw_effct.dll
2014-05-14 22:08 . 2001-08-18 02:36 155648 -c--a-w- c:\windows\system32\dllcache\stlnprop.dll
2014-05-14 22:08 . 2001-08-18 02:36 53248 -c--a-w- c:\windows\system32\dllcache\stlncoin.dll
2014-05-14 22:08 . 2001-08-17 16:18 285760 -c--a-w- c:\windows\system32\dllcache\stlnata.sys
2014-05-14 22:08 . 2001-08-17 17:51 16896 -c--a-w- c:\windows\system32\dllcache\stcusb.sys
2014-05-14 22:08 . 2001-08-17 16:11 48736 -c--a-w- c:\windows\system32\dllcache\srwlnd5.sys
2014-05-14 22:07 . 2001-08-18 02:36 99328 -c--a-w- c:\windows\system32\dllcache\srusd.dll
2014-05-14 22:07 . 2001-08-18 02:36 24660 -c--a-w- c:\windows\system32\dllcache\spxupchk.dll
2014-05-14 22:07 . 2001-08-17 17:51 61824 -c--a-w- c:\windows\system32\dllcache\speed.sys
2014-05-14 22:07 . 2001-08-18 02:36 106584 -c--a-w- c:\windows\system32\dllcache\spdports.dll
2014-05-14 22:07 . 2001-08-17 17:56 7552 -c--a-w- c:\windows\system32\dllcache\sonypvu1.sys
2014-05-14 22:07 . 2001-08-17 16:51 37040 -c--a-w- c:\windows\system32\dllcache\sonypi.sys
2014-05-14 22:07 . 2001-08-18 02:36 114688 -c--a-w- c:\windows\system32\dllcache\sonypi.dll
2014-05-14 22:07 . 2001-08-17 16:51 20752 -c--a-w- c:\windows\system32\dllcache\sonync.sys
2014-05-14 22:07 . 2001-08-17 17:53 9600 -c--a-w- c:\windows\system32\dllcache\sonymc.sys
2014-05-14 22:06 . 2008-04-14 04:10 7552 -c--a-w- c:\windows\system32\dllcache\sonyait.sys
2014-05-14 22:06 . 2001-08-17 17:53 7040 -c--a-w- c:\windows\system32\dllcache\snyaitmc.sys
2014-05-14 22:06 . 2001-08-17 16:51 58368 -c--a-w- c:\windows\system32\dllcache\smiminib.sys
2014-05-14 22:06 . 2001-08-17 18:56 147200 -c--a-w- c:\windows\system32\dllcache\smidispb.dll
2014-05-14 22:06 . 2001-08-17 16:12 25034 -c--a-w- c:\windows\system32\dllcache\smcpwr2n.sys
2014-05-14 22:06 . 2001-08-17 16:10 35913 -c--a-w- c:\windows\system32\dllcache\smcirda.sys
2014-05-14 22:06 . 2001-08-17 16:12 24576 -c--a-w- c:\windows\system32\dllcache\smc8000n.sys
2014-05-14 22:06 . 2001-08-17 17:57 6784 -c--a-w- c:\windows\system32\dllcache\smbhc.sys
2014-05-14 22:06 . 2008-04-14 04:06 6912 -c--a-w- c:\windows\system32\dllcache\smbclass.sys
2014-05-14 22:06 . 2008-04-14 04:06 16000 -c--a-w- c:\windows\system32\dllcache\smbbatt.sys
2014-05-14 22:04 . 2001-08-18 02:36 238592 -c--a-w- c:\windows\system32\dllcache\sisgrv.dll
2014-05-14 22:04 . 2001-08-17 16:50 104064 -c--a-w- c:\windows\system32\dllcache\sisgrp.sys
2014-05-14 22:04 . 2001-08-17 18:56 150144 -c--a-w- c:\windows\system32\dllcache\sis6306v.dll
2014-05-14 22:04 . 2001-08-17 16:50 68608 -c--a-w- c:\windows\system32\dllcache\sis6306p.sys
2014-05-14 22:04 . 2001-08-17 18:56 252032 -c--a-w- c:\windows\system32\dllcache\sis300iv.dll
2014-05-14 22:04 . 2001-08-17 16:50 101760 -c--a-w- c:\windows\system32\dllcache\sis300ip.sys
2014-05-14 22:04 . 2008-04-14 12:00 3901 -c--a-w- c:\windows\system32\dllcache\siint5.dll
2014-05-14 22:04 . 2001-07-21 18:29 161568 -c--a-w- c:\windows\system32\dllcache\sgsmusb.sys
2014-05-14 22:04 . 2001-07-21 18:29 18400 -c--a-w- c:\windows\system32\dllcache\sgsmld.sys
2014-05-14 22:04 . 2001-08-17 16:51 98080 -c--a-w- c:\windows\system32\dllcache\sgiulnt5.sys
2014-05-14 22:03 . 2001-08-18 02:36 386560 -c--a-w- c:\windows\system32\dllcache\sgiul50.dll
2014-05-14 22:03 . 2001-08-17 16:19 36480 -c--a-w- c:\windows\system32\dllcache\sfmanm.sys
2014-05-14 22:03 . 2001-08-17 17:48 17664 -c--a-w- c:\windows\system32\dllcache\sermouse.sys
2014-05-14 22:03 . 2001-08-17 17:53 6912 -c--a-w- c:\windows\system32\dllcache\seaddsmc.sys
2014-05-14 22:03 . 2008-04-14 04:15 11520 -c--a-w- c:\windows\system32\dllcache\scsiscan.sys
2014-05-14 22:03 . 2001-08-17 17:52 11648 -c--a-w- c:\windows\system32\dllcache\scsiprnt.sys
2014-05-14 22:03 . 2001-08-17 17:51 17280 -c--a-w- c:\windows\system32\dllcache\scr111.sys
2014-05-14 22:02 . 2001-08-17 17:51 16640 -c--a-w- c:\windows\system32\dllcache\scmstcs.sys
2014-05-14 22:02 . 2001-08-17 17:51 23936 -c--a-w- c:\windows\system32\dllcache\sccmusbm.sys
2014-05-14 22:02 . 2001-08-17 17:51 23936 -c--a-w- c:\windows\system32\dllcache\sccmn50m.sys
2014-05-14 22:02 . 2008-04-14 12:00 43904 -c--a-w- c:\windows\system32\dllcache\sbp2port.sys
2014-05-14 22:02 . 2001-08-18 02:36 495616 -c--a-w- c:\windows\system32\dllcache\sblfx.dll
2014-05-14 22:02 . 2001-08-17 16:50 75392 -c--a-w- c:\windows\system32\dllcache\s3savmxm.sys
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-05-15 12:49 . 2008-04-14 09:00 3584 ----a-w- c:\windows\system32\riched32.dll
2014-04-29 17:38 . 2010-10-15 17:30 1461992 ----a-w- c:\windows\system32\WdfCoInstaller01009.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-11-28 21:45 321752 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-07-22 39408]
"FileHippo.com"="c:\program files\FileHippo.com\UpdateChecker.exe" [2012-11-23 307712]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-06-17 141336]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-06-17 141336]
"AzMixerSel"="c:\program files\Realtek\Audio\Drivers\AzMixerSel.exe" [2009-12-11 59936]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2008-04-14 208952]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2008-04-14 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-14 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-14 455168]
"PLFSetL"="c:\windows\PLFSetL.exe" [2010-02-12 99712]
"snp2uvc"="c:\windows\system32\csnp2uvc.dll" [2010-02-12 202112]
"snuvcdsm"="c:\windows\snuvcdsm.exe" [2010-02-12 30080]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-02-05 1692968]
"RTHDCPL"="RTHDCPL.EXE" [2010-03-12 19521056]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2013-11-28 3568312]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfcCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\Common Files\\HP\\Digital Imaging\\Bin\\hpqPhotoCrm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqsudi.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpsapp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxs08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqfxt08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpse.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgh.exe"=
"c:\\Program Files\\HP\\HP Software Update\\hpwucli.exe"=
"c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
"c:\\Documents and Settings\\Miriam Moody\\Application Data\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\TeamViewer\\Version9\\TeamViewer.exe"=
"c:\\Program Files\\TeamViewer\\Version9\\TeamViewer_Service.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
.
R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [11/28/2013 5:45 PM 49944]
R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [11/28/2013 5:45 PM 180248]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [11/28/2013 5:45 PM 775952]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [11/28/2013 5:45 PM 410784]
R1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\drivers\mwlPSDFilter.sys [7/22/2010 5:04 AM 17840]
R1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\drivers\mwlPSDNserv.sys [7/22/2010 5:04 AM 15280]
R1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\drivers\mwlPSDVDisk.sys [7/22/2010 5:04 AM 58800]
R3 L1c;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\drivers\l1c51x86.sys [7/22/2010 3:38 AM 61552]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswmonflt.sys [11/28/2013 5:45 PM 67824]
S2 DsiWMIService;Dritek WMI Service;c:\program files\Launch Manager\dsiwmis.exe [7/19/2010 4:11 AM 321104]
S2 RS_Service;Raw Socket Service;c:\program files\Acer\Acer VCM\RS_Service.exe [7/22/2010 5:12 AM 260640]
S2 TeamViewer9;TeamViewer 9;c:\program files\TeamViewer\Version9\TeamViewer_Service.exe [5/15/2014 12:18 PM 5024576]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [7/22/2010 4:56 AM 243232]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [7/22/2010 4:30 AM 1691480]
S3 EUCR;EUCR;c:\windows\system32\drivers\EUCR6SK.sys [7/22/2010 4:31 AM 82384]
S3 ExpressInvoiceService;Express Invoice;c:\program files\NCH Software\ExpressInvoice\expressinvoice.exe [11/1/2013 4:34 PM 1987588]
S3 MWLService;MyWinLocker Service;c:\program files\EgisTec MyWinLocker\x86\MWLService.exe [5/26/2010 10:41 PM 305520]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [4/25/2014 1:22 PM 27064]
S4 IntuitUpdateServiceV4;Intuit Update Service v4;c:\program files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [6/28/2013 6:48 PM 14624]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
HPService REG_MULTI_SZ HPSLPSVC
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-05-14 18:40 1077576 ----a-w- c:\program files\Google\Chrome\Application\34.0.1847.137\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-05-16 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2013-11-28 02:35]
.
2014-05-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-12-28 03:35]
.
2014-05-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-12-28 03:35]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aod255&r=0xph1210k545l0414wu45w4882u238
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
TCP: DhcpNameServer = 192.168.1.254
.
.
**************************************************************************
.
Rootkit scan 2014-05-19 09:36
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(2668)
c:\windows\system32\WININET.dll
c:\windows\system32\msi.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2014-05-19 09:39:32
ComboFix-quarantined-files.txt 2014-05-19 13:39
ComboFix2.txt 2014-05-09 16:05
ComboFix3.txt 2014-05-09 15:10
ComboFix4.txt 2014-05-09 12:24
.
Pre-Run: 115,443,904,512 bytes free
Post-Run: 115,448,635,392 bytes free
.
- - End Of File - - 50C248BF056548FE41EFBADBFE785EA6
A36C5E4F47E84449FF07ED3517B43A31