Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

rpcnetp.exe, rpcnetp.dll Spyware Issue? [Closed]

Started by Aztec077 , Jan 07 2009 09:16 PM

  • This topic is locked This topic is locked

#1
Aztec077
Posted 07 January 2009 - 09:16 PM

Aztec077

    Member

  • Member
  • PipPip
  • 38 posts
Ok, like the title says, I have this rpcnetp.exe, rpcnetp.dll files that, if I delete they come back when I boot back up later. I did some checking out and there were references to it being part of Computrace Lojack, which I have, so, maybe I just have to deal with it, don't know. I use Comodo Firewall which is usually the one to detect it. But, like I said, comes right back.

Here's my Hijack This Scan Result:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:40:41 PM, on 1/7/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Fingerprint Reader Suite\upeksvr.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
C:\Program Files\Creative\Shared Files\CTAudSvc.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Adobe\Flash Media Server 3\FMSMaster.exe
C:\Program Files\Adobe\Flash Media Server 3\FMSAdmin.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Adobe\Flash Media Server 3\FMSEdge.exe
C:\Program Files\Adobe\Flash Media Server 3\FMSCore.exe
C:\Program Files\iolo\common\lib\ioloServiceManager.exe
C:\Program Files\Dell\PC TuneUp\IoloSGCtrl.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
C:\Program Files\Hide My IP 2008\SecureSrv.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\Program Files\McAfee\VirusScan\McShield.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Windows\system32\rpcnet.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\Windows\system32\STacSV.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\dell\Utilities\Dell Premium Remote Control\WMPControllerService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Hide My IP 2008\SecureSrv.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
C:\Windows\System32\alg.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\dell\Utilities\Dell Premium Remote Control\WMPControllerServer.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\OEM02Mon.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\LockStatusTray.exe
C:\dell\Utilities\Dell Premium Remote Control\WMPRemoteTray.exe
C:\Program Files\Hide My IP 2008\SecureSrv.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe
C:\Program Files\Winamp\winampa.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Users\Bill\Program Files\DNA\btdna.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\CDROMBB\SomBB.exe
C:\Windows\system32\dfrgui.exe
C:\Program Files\Hide My IP 2008\SecureSrv.exe
C:\Program Files\Hide My IP 2008\SecureSrv.exe
C:\Program Files\Hide My IP 2008\SecureSrv.exe
C:\Program Files\Hide My IP 2008\SecureSrv.exe
C:\Windows\system32\defrag.exe
C:\Windows\system32\DfrgNtfs.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.support.dell.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.c...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c...rch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Download Manager Browser Helper Object - {19C8E43B-07B3-49CB-BFFC-6777B593E6F8} - C:\PROGRA~1\COMMON~1\fluxDVD\DOWNLO~1\XEBDLH~1.DLL
O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~1\mcafee\msk\mcapbho.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: (no name) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - (no file)
O3 - Toolbar: isoHunt Toolbar - {a6e4a4eb-d169-4e99-8988-250fcbafe767} - C:\Program Files\isoHunt\tbisoH.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LockStatusTray] C:\Windows\LockStatusTray.exe
O4 - HKLM\..\Run: [DellRemote] "C:\Dell\Utilities\Dell Premium Remote Control\WMPRemoteTray.exe"
O4 - HKLM\..\Run: [Dell PC TuneUp Startup] "C:\Program Files\iolo\Common\Lib\ioloLManager.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [SPIRunE] Rundll32 SPIRunE.dll,RunDLLEntry
O4 - HKLM\..\Run: [dellsupportcenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" /r
O4 - HKLM\..\Run: [DELL Webcam Manager] "C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Users\Bill\Program Files\DNA\btdna.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [DelayShred] c:\PROGRA~1\mcafee\mshr\ShrCL.EXE /P7 /q c:\users\bill\appdata\local\temp\TEMPOR~1\Content.SH! c:\users\bill\appdata\local\temp\TEMPOR~1.SH! c:\users\bill\appdata\local\temp\History\History.SH! c:\users\bill\appdata\local\temp\History.SH! c:\users\bill\appdata\local\temp\Cookies.SH! c:\users\bill\appdata\local\temp\{D6390~1.SH! (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DelayShred] c:\PROGRA~1\mcafee\mshr\ShrCL.EXE /P7 /q c:\users\bill\appdata\local\temp\TEMPOR~1\Content.SH! c:\users\bill\appdata\local\temp\TEMPOR~1.SH! c:\users\bill\appdata\local\temp\History\History.SH! c:\users\bill\appdata\local\temp\History.SH! c:\users\bill\appdata\local\temp\Cookies.SH! c:\users\bill\appdata\local\temp\{D6390~1.SH! (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\windows\system32\securenet.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\securenet.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\securenet.dll
O13 - Gopher Prefix:
O16 - DPF: Justin.tv Publisher - http://www.justin.tv...v_publisher.CAB
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - http://pccheckup.del...oad/tgctlcm.cab
O16 - DPF: {85D1F3B2-2A21-11D7-97B9-0010DC2A6243} - http://live.amsterda...login-devel.cab
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} - https://secure.logme...trl.cab?lmi=100
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL C:\Windows\system32\guard32.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O20 - Winlogon Notify: GoToAssist - C:\Windows\
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Flash Media Server (FMS) (FMS) - Adobe Systems Incorporated. - C:\Program Files\Adobe\Flash Media Server 3\FMSMaster.exe
O23 - Service: Flash Media Administration Server (FMSAdmin) - Adobe Systems Incorporated. - C:\Program Files\Adobe\Flash Media Server 3\FMSAdmin.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iolo FileInfoList Service (ioloFileInfoList) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: iolo System Service (ioloSystemService) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: iolo System Guard (IOLO_SRV) - Unknown owner - C:\Program Files\Dell\PC TuneUp\IoloSGCtrl.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\McShield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Remote Procedure Call (RPC) Net (rpcnet) - Absolute Software Corp. - C:\Windows\system32\rpcnet.exe
O23 - Service: SupportSoft Sprocket Service (DellSupportCenter) (sprtsvc_DellSupportCenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe
O23 - Service: stllssvr - Unknown owner - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe (file missing)
O23 - Service: WMPControllerService - Gyration, Inc. - C:\dell\Utilities\Dell Premium Remote Control\WMPControllerService.exe

--
End of file - 15143 bytes


Thanx in advance. :)
  • 0

Advertisements

#2
Jimmy2012
Posted 12 January 2009 - 12:31 AM

Jimmy2012

    Trusted Helper

  • Retired Staff
  • 6,238 posts
Hello Aztec077,
Sorry about the delay.

Lets get a fresh look at your computer.

  • Download random's system information tool (RSIT) by random/random from here and save it to your desktop.
  • Double click on RSIT.exe to run RSIT.
  • Click Continue at the disclaimer screen.
  • Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)

  • 0

#3
Aztec077
Posted 12 January 2009 - 01:21 AM

Aztec077

    Member

  • Topic Starter
  • Member
  • PipPip
  • 38 posts
Ok, dude. I get a AutoIt Error pop-up, when I run that RSIT program in both regular mode and as administrator. It gets about half way though and then I get this, view the attachment, please. :)
  • 0

#4
Jimmy2012
Posted 12 January 2009 - 07:21 PM

Jimmy2012

    Trusted Helper

  • Retired Staff
  • 6,238 posts
Hello Aztec077,
That's no problem, please try this program.



Download OTViewIt to your desktop.
  • Close all windows and open it
  • Click Run Scan and let the program run uninterrupted
  • It will produce two logs for you, one will pop up called OTViewIt.txt, the other will be saved on your desktop and called Extras. Post both those logs here.
  • You may need to use two posts to get it all on the forum

  • 0

#5
Aztec077
Posted 12 January 2009 - 09:34 PM

Aztec077

    Member

  • Topic Starter
  • Member
  • PipPip
  • 38 posts
Ok, here's the OTViewIt.txt log:


OTViewIt logfile created on: 1/12/2009 10:24:32 PM - Run 2
OTViewIt by OldTimer - Version 1.0.21.0 Folder = C:\Users\Bill\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 100.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): ?:\pagefile.sys;

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 173.74 Gb Total Space | 54.40 Gb Free Space | 31.31% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 8.46 Gb Free Space | 84.59% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 465.76 Gb Total Space | 179.94 Gb Free Space | 38.63% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: BILL-PC
Current User Name: Bill
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Whitelist: On
File Age = 30 Days

========== Processes ==========

[2008/01/18 22:33:38 | 00,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe
[2008/01/18 22:33:16 | 00,229,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe
[2008/01/18 22:33:24 | 02,623,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLsvc.exe
[2007/04/16 22:05:52 | 00,021,504 | ---- | M] (UPEK Inc.) -- C:\Program Files\Fingerprint Reader Suite\upeksvr.exe
[2008/01/18 22:33:40 | 00,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanext.exe
[2008/11/07 14:28:16 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
[2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
[2008/12/17 16:38:45 | 00,618,232 | ---- | M] () -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
[2008/11/12 22:08:15 | 00,079,360 | ---- | M] (Creative Labs) -- C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
[2007/11/26 09:22:48 | 00,385,024 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe
[2007/02/21 10:28:36 | 00,643,072 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
[2008/03/20 14:43:00 | 02,281,472 | R--- | M] (Adobe Systems Incorporated.) -- C:\Program Files\Adobe\Flash Media Server 3\FMSMaster.exe
[2008/03/20 14:33:16 | 02,453,504 | R--- | M] (Adobe Systems Incorporated.) -- C:\Program Files\Adobe\Flash Media Server 3\FMSAdmin.exe
[2007/04/25 11:18:56 | 00,355,096 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
[2008/03/20 14:32:56 | 02,506,752 | R--- | M] (Adobe Systems Incorporated.) -- C:\Program Files\Adobe\Flash Media Server 3\FMSEdge.exe
[2008/03/20 14:40:18 | 04,968,448 | R--- | M] (Adobe Systems Incorporated.) -- C:\Program Files\Adobe\Flash Media Server 3\FMSCore.exe
[2008/11/14 17:08:14 | 00,596,336 | ---- | M] () -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe
[2008/11/18 14:57:44 | 00,323,928 | ---- | M] () -- C:\Program Files\Dell\PC TuneUp\IoloSGCtrl.exe
[2008/07/26 07:23:42 | 00,186,904 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
[2008/07/26 07:25:36 | 00,150,040 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
[2008/08/30 00:51:48 | 00,106,496 | ---- | M] () -- C:\Program Files\Hide My IP 2008\SecureSrv.exe
[2008/01/25 00:38:12 | 02,458,128 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe
[2007/08/15 11:36:04 | 00,359,248 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe
[2007/07/24 11:02:14 | 00,144,704 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\Mcshield.exe
[2007/11/26 09:46:14 | 00,023,880 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSK\msksrver.exe
[2008/06/19 20:14:31 | 00,132,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
[2007/02/21 10:10:00 | 00,327,680 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
[2008/10/21 16:46:55 | 00,047,104 | ---- | M] (Absolute Software Corp.) -- C:\Windows\System32\rpcnet.exe
[2008/08/26 15:58:12 | 00,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
[2007/09/13 14:45:38 | 00,102,400 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\stacsv.exe
[2008/07/26 07:23:42 | 00,186,904 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
[2008/01/18 22:33:10 | 00,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe
[2006/12/06 15:52:46 | 00,499,712 | ---- | M] (Gyration, Inc.) -- C:\dell\Utilities\Dell Premium Remote Control\WMPControllerService.exe
[2008/01/18 22:33:34 | 00,169,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe
[2006/12/06 15:51:18 | 00,184,320 | ---- | M] (Gyration, Inc.) -- C:\dell\Utilities\Dell Premium Remote Control\WMPControllerServer.exe
[2008/08/30 00:51:48 | 00,106,496 | ---- | M] () -- C:\Program Files\Hide My IP 2008\SecureSrv.exe
[2008/01/18 22:33:40 | 00,168,960 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmplayer.exe
[2008/08/30 00:51:48 | 00,106,496 | ---- | M] () -- C:\Program Files\Hide My IP 2008\SecureSrv.exe
[2008/01/09 14:50:22 | 00,767,976 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mcmscsvc.exe
[2007/11/01 17:12:38 | 00,582,992 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee.com\Agent\mcagent.exe
[2008/01/18 22:33:34 | 00,169,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe
[2007/04/25 11:18:52 | 00,174,872 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
[2007/05/09 16:01:00 | 00,036,864 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\OEM02Mon.exe
[2007/10/26 13:39:04 | 01,029,416 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
[2008/02/19 10:07:40 | 00,192,512 | ---- | M] (Logitech, Inc.) -- C:\Windows\LockStatusTray.exe
[2006/12/08 12:03:08 | 00,126,976 | ---- | M] (Gyration, Inc.) -- C:\dell\Utilities\Dell Premium Remote Control\WMPRemoteTray.exe
[2008/08/14 16:15:46 | 02,407,184 | ---- | M] () -- C:\Program Files\Logitech\QuickCam\Quickcam.exe
[2006/11/02 04:45:37 | 00,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rundll32.exe
[2008/08/26 15:58:10 | 00,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe
[2008/05/27 00:18:43 | 00,439,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe
[2007/02/28 17:50:50 | 00,180,224 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe
[2008/09/12 11:45:48 | 00,036,352 | ---- | M] () -- C:\Program Files\Winamp\winampa.exe
[2008/02/16 09:26:24 | 00,141,848 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxtray.exe
[2008/02/16 09:26:10 | 00,166,424 | ---- | M] (Intel Corporation) -- C:\Windows\System32\hkcmd.exe
[2008/02/16 09:26:18 | 00,133,656 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxpers.exe
[2008/12/17 16:38:43 | 01,797,880 | ---- | M] () -- C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
[2008/08/14 16:11:48 | 00,565,008 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
[2006/10/03 10:37:04 | 00,081,920 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
[2008/01/18 22:33:34 | 00,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\unsecapp.exe
[2008/12/19 05:37:41 | 00,342,848 | ---- | M] (BitTorrent, Inc.) -- C:\Users\Bill\Program Files\DNA\btdna.exe
[2006/11/03 16:55:50 | 00,703,280 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
[2008/01/18 22:33:40 | 00,245,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WmiPrvSE.exe
[2007/12/05 09:04:10 | 00,695,624 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe
[2008/02/16 09:26:22 | 00,256,536 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxsrvc.exe
[2006/11/03 16:55:48 | 01,583,920 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
[2008/01/18 22:33:40 | 00,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe
[2008/08/14 16:11:14 | 00,447,248 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
[2007/10/26 13:39:14 | 00,095,528 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
[2008/08/30 00:51:48 | 00,106,496 | ---- | M] () -- C:\Program Files\Hide My IP 2008\SecureSrv.exe
[2008/08/30 00:51:48 | 00,106,496 | ---- | M] () -- C:\Program Files\Hide My IP 2008\SecureSrv.exe
[2008/08/30 00:51:48 | 00,106,496 | ---- | M] () -- C:\Program Files\Hide My IP 2008\SecureSrv.exe
[2009/01/12 22:18:28 | 00,422,912 | ---- | M] (OldTimer Tools) -- C:\Users\Bill\Desktop\OTViewIt.exe

========== (O23) Win32 Services ==========

File not found -- -- (AESTFilters [Auto | Stopped])
[2008/11/07 14:28:16 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running])
[2008/07/27 13:03:11 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
[2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])
File not found -- -- (CertPropSvc [Unknown | Stopped])
[2008/07/27 13:03:13 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
[2008/12/17 16:38:45 | 00,618,232 | ---- | M] () -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent [Auto | Running])
[2008/11/12 22:08:15 | 00,079,360 | ---- | M] (Creative Labs) -- C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service [Auto | Running])
[2007/11/26 09:22:48 | 00,385,024 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService [Auto | Running])
File not found -- -- (DcomLaunch [Unknown | Running])
[2008/01/18 22:33:08 | 02,091,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dfsr.exe -- (DFSR [On_Demand | Stopped])
[2008/01/18 22:34:08 | 00,134,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dps.dll -- (DPS [Unknown | Running])
[2008/01/18 22:33:10 | 00,292,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehrecvr.exe -- (ehRecvr [On_Demand | Stopped])
[2006/11/02 07:35:29 | 00,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe -- (ehSched [On_Demand | Stopped])
[2007/02/21 10:28:36 | 00,643,072 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe -- (EvtEng [Auto | Running])
[2008/03/20 14:43:00 | 02,281,472 | R--- | M] (Adobe Systems Incorporated.) -- C:\Program Files\Adobe\Flash Media Server 3\FMSMaster.exe -- (FMS [Auto | Running])
[2008/03/20 14:33:16 | 02,453,504 | R--- | M] (Adobe Systems Incorporated.) -- C:\Program Files\Adobe\Flash Media Server 3\FMSAdmin.exe -- (FMSAdmin [Auto | Running])
[2008/06/19 20:14:44 | 00,046,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
[2008/09/02 19:00:05 | 00,029,744 | ---- | M] (Google) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-061008-081103 [On_Demand | Stopped])
[2008/11/12 09:23:37 | 00,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist [On_Demand | Stopped])
[2007/04/25 11:18:56 | 00,355,096 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON [Auto | Running])
[2005/04/03 23:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
[2008/11/14 17:08:14 | 00,596,336 | ---- | M] () -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -- (ioloFileInfoList [Auto | Running])
[2008/11/14 17:08:14 | 00,596,336 | ---- | M] () -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -- (ioloSystemService [Auto | Running])
[2008/11/18 14:57:44 | 00,323,928 | ---- | M] () -- C:\Program Files\Dell\PC TuneUp\IoloSGCtrl.exe -- (IOLO_SRV [Auto | Running])
[2008/07/26 07:23:42 | 00,186,904 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe -- (LVCOMSer [Auto | Running])
[2008/07/26 07:25:36 | 00,150,040 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv [Auto | Running])
[2008/07/26 07:27:42 | 00,141,848 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe -- (LVSrvLauncher [Auto | Stopped])
[2008/01/09 14:50:22 | 00,767,976 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mcmscsvc.exe -- (mcmscsvc [Auto | Running])
[2008/01/25 00:38:12 | 02,458,128 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe -- (McNASvc [Auto | Running])
[2007/11/07 08:35:40 | 00,378,184 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS [On_Demand | Stopped])
[2007/08/15 11:36:04 | 00,359,248 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe -- (McProxy [Auto | Running])
[2007/07/24 11:02:14 | 00,144,704 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\Mcshield.exe -- (McShield [Unknown | Running])
[2007/12/05 09:04:10 | 00,695,624 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe -- (McSysmon [On_Demand | Running])
[2008/09/08 00:24:55 | 00,000,000 | ---D | M] -- C:\Windows\System32\Msdtc -- (MSDTC [Unknown | Stopped])
[2007/11/26 09:46:14 | 00,023,880 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSK\msksrver.exe -- (MSK80Service [Auto | Running])
[2008/06/19 20:14:31 | 00,132,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetMsmqActivator [Disabled | Stopped])
[2008/06/19 20:14:31 | 00,132,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetPipeActivator [Auto | Running])
[2008/06/19 20:14:31 | 00,132,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpActivator [Auto | Running])
[2008/06/19 20:14:31 | 00,132,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [On_Demand | Running])
[2007/02/21 10:10:00 | 00,327,680 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe -- (RegSrvc [Auto | Running])
[2008/10/21 16:46:55 | 00,047,104 | ---- | M] (Absolute Software Corp.) -- C:\Windows\System32\rpcnet.exe -- (rpcnet [Auto | Running])
[2008/01/18 22:36:20 | 00,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SCardSvr.dll -- (SCardSvr [Unknown | Stopped])
File not found -- -- (Schedule [Unknown | Running])
File not found -- -- (SCPolicySvc [Unknown | Stopped])
[2008/01/18 22:33:24 | 02,623,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLsvc.exe -- (slsvc [Auto | Running])
[2006/11/02 04:45:46 | 00,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\snmptrap.exe -- (SNMPTRAP [On_Demand | Stopped])
[2008/08/26 15:58:12 | 00,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_DellSupportCenter [Auto | Running])
[2007/09/13 14:45:38 | 00,102,400 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\stacsv.exe -- (STacSV [Auto | Running])
File not found -- -- (stllssvr [On_Demand | Stopped])
[2008/01/18 22:33:34 | 00,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\UI0Detect.exe -- (UI0Detect [On_Demand | Stopped])
[2008/01/18 22:33:34 | 00,382,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vds.exe -- (vds [On_Demand | Stopped])
File not found -- -- (WdiServiceHost [Unknown | Stopped])
File not found -- -- (WdiSystemHost [Unknown | Running])
[2006/12/06 15:52:46 | 00,499,712 | ---- | M] (Gyration, Inc.) -- C:\dell\Utilities\Dell Premium Remote Control\WMPControllerService.exe -- (WMPControllerService [Auto | Running])
[2008/01/18 22:33:40 | 00,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [Auto | Running])
[2008/05/27 00:18:43 | 00,439,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe -- (WSearch [Auto | Running])
File not found -- -- (0156381231792800mcinstcleanup [Auto | Stopped])

========== Driver Services ==========

[2006/11/02 04:51:38 | 00,420,968 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\adp94xx.sys -- (adp94xx [Disabled | Stopped])
[2006/11/02 04:51:32 | 00,297,576 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\adpahci.sys -- (adpahci [Disabled | Stopped])
[2006/11/02 04:50:35 | 00,098,408 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\adpu160m.sys -- (adpu160m [Disabled | Stopped])
[2006/11/02 04:51:00 | 00,147,048 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\adpu320.sys -- (adpu320 [Disabled | Stopped])
[2006/11/02 04:50:11 | 00,071,272 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\djsvs.sys -- (aic78xx [Disabled | Stopped])
[2007/02/21 14:49:47 | 00,014,952 | ---- | M] (Acer Laboratories Inc.) -- C:\Windows\System32\drivers\aliide.sys -- (aliide [Disabled | Stopped])
[2006/11/02 04:49:59 | 00,054,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\AMDAGP.SYS -- (amdagp [On_Demand | Stopped])
[2007/02/21 14:49:48 | 00,015,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\amdide.sys -- (amdide [Disabled | Stopped])
[2006/11/02 03:30:18 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\amdk7.sys -- (AmdK7 [Disabled | Stopped])
[2006/11/02 03:30:18 | 00,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\amdk8.sys -- (AmdK8 [Disabled | Stopped])
[2006/11/02 04:50:09 | 00,067,688 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\arc.sys -- (arc [Disabled | Stopped])
[2006/11/02 04:50:10 | 00,067,688 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\arcsas.sys -- (arcsas [Disabled | Stopped])
[2007/02/26 13:52:22 | 00,179,712 | ---- | M] (Broadcom Corporation) -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x [On_Demand | Running])
[2008/01/18 20:28:28 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\bowser.sys -- (bowser [On_Demand | Running])
[2006/11/02 03:24:45 | 00,013,568 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\System32\drivers\BrFiltLo.sys -- (BrFiltLo [On_Demand | Stopped])
[2006/11/02 03:24:46 | 00,005,248 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\System32\drivers\BrFiltUp.sys -- (BrFiltUp [On_Demand | Stopped])
[2006/11/02 03:25:24 | 00,071,808 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\BrSerId.sys -- (Brserid [Disabled | Stopped])
[2006/11/02 03:24:44 | 00,062,336 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\BrSerWdm.sys -- (BrSerWdm [Disabled | Stopped])
[2006/11/02 03:24:44 | 00,012,160 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\BrUsbMdm.sys -- (BrUsbMdm [Disabled | Stopped])
[2006/11/02 03:24:47 | 00,011,904 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\BrUsbSer.sys -- (BrUsbSer [On_Demand | Stopped])
[2008/07/28 13:08:55 | 00,019,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\bthenum.sys -- (BthEnum [On_Demand | Running])
[2006/11/02 03:55:23 | 00,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\bthmodem.sys -- (BTHMODEM [Disabled | Stopped])
[2008/01/18 20:53:46 | 00,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\bthpan.sys -- (BthPan [On_Demand | Running])
[2008/07/28 13:08:55 | 00,220,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\bthport.sys -- (BTHPORT [On_Demand | Stopped])
[2008/07/28 13:08:54 | 00,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\BTHUSB.SYS -- (BTHUSB [On_Demand | Running])
[2006/11/06 16:37:16 | 00,078,128 | ---- | M] (Broadcom Corporation.) -- C:\Windows\System32\drivers\btwaudio.sys -- (btwaudio [On_Demand | Running])
[2006/11/06 14:13:50 | 00,080,176 | ---- | M] (Broadcom Corporation.) -- C:\Windows\System32\drivers\btwavdt.sys -- (btwavdt [On_Demand | Running])
[2006/11/06 14:13:52 | 00,016,560 | ---- | M] (Broadcom Corporation.) -- C:\Windows\System32\drivers\btwrchid.sys -- (btwrchid [On_Demand | Running])
[2006/11/02 03:55:08 | 00,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\circlass.sys -- (circlass [Disabled | Stopped])
[2008/01/18 22:43:00 | 00,247,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clfs.sys -- (CLFS [Unknown | Running])
[2008/12/17 16:38:47 | 00,099,344 | ---- | M] (COMODO) -- C:\Windows\System32\drivers\cmdguard.sys -- (cmdGuard [System | Running])
[2008/12/17 16:38:47 | 00,025,104 | ---- | M] (COMODO) -- C:\Windows\System32\drivers\cmdhlp.sys -- (cmdHlp [System | Running])
[2007/02/21 14:49:47 | 00,016,488 | ---- | M] (CMD Technology, Inc.) -- C:\Windows\System32\drivers\cmdide.sys -- (cmdide [Disabled | Stopped])
[2006/11/02 04:49:43 | 00,022,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\crcdisk.sys -- (crcdisk [Boot | Running])
[2006/11/02 03:30:18 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\crusoe.sys -- (Crusoe [Disabled | Stopped])
[2008/01/18 20:28:22 | 00,075,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\dfsc.sys -- (DfsC [System | Running])
[2008/08/01 20:01:23 | 00,625,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgkrnl.sys -- (DXGKrnl [On_Demand | Running])
[2006/11/02 02:30:54 | 00,117,760 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60 [On_Demand | Stopped])
[2008/01/18 22:42:12 | 00,143,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ecache.sys -- (Ecache [Boot | Running])
[2007/09/20 13:12:34 | 00,012,800 | ---- | M] (EldoS Corporation) -- C:\Windows\System32\drivers\elrawdsk.sys -- (ElRawDisk [System | Running])
[2006/11/02 04:51:34 | 00,316,520 | ---- | M] (Emulex) -- C:\Windows\System32\drivers\elxstor.sys -- (elxstor [Disabled | Stopped])
[2008/01/18 20:28:02 | 00,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\exfat.sys -- (exfat [On_Demand | Stopped])
[2008/01/18 22:42:32 | 00,058,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\fileinfo.sys -- (FileInfo [Boot | Running])
[2008/01/18 20:30:24 | 00,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\filetrace.sys -- (Filetrace [On_Demand | Stopped])
[2006/11/02 04:50:04 | 00,058,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\GAGP30KX.SYS -- (gagp30kx [On_Demand | Stopped])
[2008/08/06 10:18:17 | 00,085,969 | ---- | M] (GMER) -- C:\Windows\System32\drivers\gmer.sys -- (gmer [On_Demand | Stopped])
[2006/11/02 02:36:49 | 00,235,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\HdAudio.sys -- (HdAudAddService [On_Demand | Stopped])
[2008/01/18 19:30:50 | 00,053,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\hdaudbus.sys -- (HDAudBus [On_Demand | Running])
[2006/11/02 03:55:22 | 00,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidbth.sys -- (HidBth [Disabled | Stopped])
[2006/11/02 03:55:01 | 00,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidir.sys -- (HidIr [Disabled | Stopped])
[2006/11/02 04:50:10 | 00,037,480 | ---- | M] (Hewlett-Packard Company) -- C:\Windows\System32\drivers\HpCISSs.sys -- (HpCISSs [Disabled | Stopped])
[2007/04/25 11:17:36 | 00,277,784 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\iaStor.sys -- (iaStor [Boot | Running])
[2006/11/02 04:51:25 | 00,232,040 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\iaStorV.sys -- (iaStorV [Disabled | Stopped])
[2008/01/02 15:48:28 | 02,016,256 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx [On_Demand | Running])
[2006/11/02 04:50:17 | 00,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) -- C:\Windows\System32\drivers\iirsp.sys -- (iirsp [Disabled | Stopped])
[2008/12/17 16:38:47 | 00,072,720 | ---- | M] (COMODO) -- C:\Windows\System32\drivers\inspect.sys -- (Inspect [On_Demand | Running])
[2007/06/06 22:21:32 | 00,111,616 | ---- | M] (Intel® Corporation) -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService [On_Demand | Running])
[2006/11/02 03:42:03 | 00,065,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\IPMIDrv.sys -- (IPMIDRV [Disabled | Stopped])
[2008/01/18 22:42:36 | 00,181,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\msiscsi.sys -- (iScsiPrt [On_Demand | Running])
[2006/11/02 04:50:07 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\System32\drivers\iteatapi.sys -- (iteatapi [Disabled | Stopped])
[2006/11/02 04:50:09 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\System32\drivers\iteraid.sys -- (iteraid [Disabled | Stopped])
[2008/01/18 20:49:18 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\kbdhid.sys -- (kbdhid [System | Running])
[2008/01/18 20:55:04 | 00,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\lltdio.sys -- (lltdio [Auto | Running])
[2008/02/28 14:31:08 | 00,010,144 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\System32\drivers\lmimirr.sys -- (lmimirr [On_Demand | Running])
[2008/05/28 11:33:14 | 00,083,288 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP [Disabled | Stopped])
[2008/03/07 12:39:50 | 00,045,848 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\System32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver [Auto | Running])
[2006/11/02 04:50:04 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\lsi_fc.sys -- (LSI_FC [Disabled | Stopped])
[2006/11/02 04:50:05 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\lsi_sas.sys -- (LSI_SAS [Disabled | Stopped])
[2006/11/02 04:50:10 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\lsi_scsi.sys -- (LSI_SCSI [Disabled | Stopped])
[2008/01/18 20:30:38 | 00,084,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\luafv.sys -- (luafv [Auto | Running])
[2007/10/11 20:59:12 | 01,920,920 | ---- | M] (Logitech Inc.) -- C:\Windows\System32\drivers\lvpopflt.sys -- (lvpopflt [On_Demand | Stopped])
[2008/07/26 07:25:02 | 00,025,624 | ---- | M] () -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon [On_Demand | Running])
[2008/07/26 14:25:48 | 00,627,864 | ---- | M] (Logitech Inc.) -- C:\Windows\System32\drivers\lvrs.sys -- (LVRS [On_Demand | Running])
[2008/07/26 14:26:22 | 00,041,752 | ---- | M] (Logitech Inc.) -- C:\Windows\System32\drivers\LVUSBSta.sys -- (LVUSBSta [On_Demand | Running])

[2008/07/26 14:26:44 | 04,658,584 | ---- | M] (Logitech Inc.) -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC [On_Demand | Running])
[2006/11/02 04:49:53 | 00,028,776 | ---- | M] (LSI Logic Corporation) -- C:\Windows\System32\drivers\megasas.sys -- (megasas [Disabled | Stopped])
[2007/11/22 05:44:08 | 00,079,304 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk [On_Demand | Running])
[2007/11/22 05:44:08 | 00,035,240 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk [On_Demand | Running])
[2007/11/22 05:44:08 | 00,201,320 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk [System | Running])
[2007/11/22 05:44:04 | 00,033,832 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mferkdk.sys -- (mferkdk [On_Demand | Stopped])
[2007/12/02 11:51:42 | 00,040,488 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfesmfk.sys -- (mfesmfk [On_Demand | Running])
[2008/01/18 20:52:20 | 00,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\monitor.sys -- (monitor [On_Demand | Running])
[2007/07/13 05:21:12 | 00,125,728 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\Mpfp.sys -- (MPFP [System | Running])
[2006/11/02 04:50:16 | 00,078,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mpio.sys -- (mpio [Disabled | Stopped])
[2008/01/18 20:54:48 | 00,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mpsdrv.sys -- (mpsdrv [On_Demand | Running])
[2006/11/02 04:49:59 | 00,033,384 | ---- | M] (LSI Logic Corporation) -- C:\Windows\System32\drivers\Mraid35x.sys -- (Mraid35x [Disabled | Stopped])
[2008/08/26 20:05:41 | 00,212,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb10.sys -- (mrxsmb10 [On_Demand | Running])
[2008/01/18 20:28:38 | 00,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb20.sys -- (mrxsmb20 [On_Demand | Running])
[2007/02/21 14:49:47 | 00,023,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\msahci.sys -- (msahci [Boot | Running])
[2006/11/02 04:50:17 | 00,080,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\msdsm.sys -- (msdsm [Disabled | Stopped])
[2008/01/18 22:41:16 | 00,016,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\msisadrv.sys -- (msisadrv [Boot | Running])
[2008/01/18 22:42:30 | 00,163,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\msrpc.sys -- (MsRPC [On_Demand | Stopped])
[2008/05/19 21:07:31 | 00,148,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\nwifi.sys -- (NativeWifiP [On_Demand | Running])
[2007/09/26 07:12:00 | 02,251,776 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32 [On_Demand | Running])
[2006/11/02 04:50:19 | 00,045,160 | ---- | M] (IBM Corporation) -- C:\Windows\System32\drivers\nfrd960.sys -- (nfrd960 [Disabled | Stopped])
[2008/01/18 20:55:52 | 00,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\nsiproxy.sys -- (nsiproxy [System | Running])
[2006/11/02 02:36:50 | 00,020,608 | ---- | M] (N-trig Innovative Technologies) -- C:\Windows\System32\drivers\ntrigdigi.sys -- (ntrigdigi [Disabled | Stopped])
[2007/01/06 00:59:34 | 00,086,096 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvraid.sys -- (nvraid [Disabled | Stopped])
[2007/01/06 00:59:42 | 00,035,920 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvstor.sys -- (nvstor [Disabled | Stopped])
[2006/11/02 04:50:40 | 00,106,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\NV_AGP.SYS -- (nv_agp [On_Demand | Stopped])
[2007/06/01 12:57:18 | 00,178,176 | ---- | M] (Novatel Wireless Inc) -- C:\Windows\System32\drivers\NWADIenum.sys -- (NWADI [On_Demand | Running])
[2007/10/10 16:03:00 | 00,235,648 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\System32\drivers\OEM02Dev.sys -- (OEM02Dev [On_Demand | Stopped])
[2007/03/05 09:45:04 | 00,007,424 | ---- | M] (EyePower Games Pte. Ltd.) -- C:\Windows\System32\drivers\OEM02Vfx.sys -- (OEM02Vfx [On_Demand | Stopped])
[2007/05/30 15:50:54 | 00,027,072 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\Windows\System32\drivers\PCASp50.sys -- (PCASp50 [On_Demand | Stopped])
[2006/11/02 04:04:35 | 00,878,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\PEAuth.sys -- (PEAUTH [Auto | Running])
[2008/04/04 20:21:42 | 00,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\pacer.sys -- (PSched [System | Running])
[2007/03/07 18:51:00 | 00,043,528 | ---- | M] (Sonic Solutions) -- C:\Windows\System32\drivers\pxhelp20.sys -- (PxHelp20 [Boot | Running])
[2006/11/02 04:51:45 | 00,900,712 | ---- | M] (QLogic Corporation) -- C:\Windows\System32\drivers\ql2300.sys -- (ql2300 [Disabled | Stopped])
[2006/11/02 04:50:35 | 00,106,088 | ---- | M] (QLogic Corporation) -- C:\Windows\System32\drivers\ql40xx.sys -- (ql40xx [Disabled | Stopped])
[2008/01/18 20:56:08 | 00,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\qwavedrv.sys -- (QWAVEdrv [On_Demand | Stopped])
[2008/01/18 20:56:44 | 00,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\rassstp.sys -- (RasSstp [On_Demand | Running])
[2008/01/18 21:01:10 | 00,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\RDPENCDD.sys -- (RDPENCDD [System | Running])
[2008/01/18 20:53:40 | 00,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\rfcomm.sys -- (RFCOMM [On_Demand | Running])
[2006/11/14 23:16:24 | 00,032,256 | ---- | M] (REDC) -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk [Auto | Running])
[2006/11/14 18:42:46 | 00,043,520 | ---- | M] (REDC) -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk [Auto | Running])
[2006/11/14 16:35:20 | 00,037,376 | ---- | M] (REDC) -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp [Auto | Running])
[2008/01/18 20:55:04 | 00,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\rspndr.sys -- (rspndr [Auto | Running])
[2008/05/28 09:33:36 | 00,008,944 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV [System | Running])
[2008/05/28 09:33:38 | 00,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM [On_Demand | Stopped])
[2008/05/28 09:33:36 | 00,055,024 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL [System | Running])
[2006/11/02 04:50:16 | 00,076,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sbp2port.sys -- (sbp2port [Disabled | Stopped])
[2008/01/18 20:32:58 | 00,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sdbus.sys -- (sdbus [On_Demand | Running])
[2006/11/02 01:37:21 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv [Auto | Running])
[2008/01/18 20:49:18 | 00,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sermouse.sys -- (sermouse [Disabled | Stopped])
[2006/11/02 03:51:38 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sffdisk.sys -- (sffdisk [Disabled | Stopped])
[2006/11/02 03:51:40 | 00,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sffp_mmc.sys -- (sffp_mmc [On_Demand | Stopped])
[2006/11/02 03:51:40 | 00,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sffp_sd.sys -- (sffp_sd [On_Demand | Stopped])
[2006/11/02 04:49:51 | 00,053,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\SISAGP.SYS -- (sisagp [On_Demand | Stopped])
[2006/11/02 04:50:10 | 00,038,504 | ---- | M] (Silicon Integrated Systems Corp.) -- C:\Windows\System32\drivers\sisraid2.sys -- (SiSRaid2 [Disabled | Stopped])
[2006/11/02 04:50:16 | 00,071,784 | ---- | M] (Silicon Integrated Systems) -- C:\Windows\System32\drivers\sisraid4.sys -- (SiSRaid4 [Disabled | Stopped])
[2008/01/18 20:55:28 | 00,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\smb.sys -- (Smb [System | Running])
[2008/01/18 22:41:32 | 00,021,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\spldr.sys -- (spldr [Boot | Running])
[2008/01/18 20:29:16 | 00,144,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\srv2.sys -- (srv2 [On_Demand | Running])
[2008/01/18 20:29:14 | 00,098,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\srvnet.sys -- (srvnet [On_Demand | Running])
[2007/09/13 14:46:06 | 00,330,240 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA [On_Demand | Running])
[2006/11/02 04:50:05 | 00,035,944 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\symc8xx.sys -- (Symc8xx [Disabled | Stopped])
[2006/11/02 04:49:56 | 00,031,848 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\sym_hi.sys -- (Sym_hi [Disabled | Stopped])
[2006/11/02 04:50:03 | 00,034,920 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\sym_u3.sys -- (Sym_u3 [Disabled | Stopped])
[2007/10/26 13:39:08 | 00,193,456 | ---- | M] (Synaptics, Inc.) -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP [On_Demand | Running])
[2008/10/17 01:43:08 | 00,404,992 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\System32\drivers\t3.sys -- (t3 [On_Demand | Running])
[2008/01/18 20:56:08 | 00,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tcpipreg.sys -- (tcpipreg [Auto | Running])
[2008/10/09 23:21:28 | 00,050,704 | ---- | M] (UPEK Inc.) -- C:\Windows\System32\drivers\tcusb.sys -- (TcUsb [On_Demand | Stopped])
[2008/01/18 20:56:00 | 00,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tdx.sys -- (tdx [System | Running])
[2008/01/18 21:01:16 | 00,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tssecsrv.sys -- (tssecsrv [On_Demand | Stopped])
[2008/01/18 20:55:42 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\TUNMP.SYS -- (tunmp [On_Demand | Running])
[2008/01/18 20:55:52 | 00,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tunnel.sys -- (tunnel [On_Demand | Running])
[2006/11/02 04:49:59 | 00,056,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\UAGP35.SYS -- (uagp35 [On_Demand | Stopped])
[2006/11/02 04:50:04 | 00,058,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ULIAGPKX.SYS -- (uliagpkx [On_Demand | Stopped])
[2006/11/02 04:51:25 | 00,235,112 | ---- | M] (ULi Electronics Inc.) -- C:\Windows\System32\drivers\uliahci.sys -- (uliahci [Disabled | Stopped])
[2006/11/02 04:50:35 | 00,098,408 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\System32\drivers\ulsata.sys -- (UlSata [Disabled | Stopped])
[2006/11/02 04:50:45 | 00,115,816 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\System32\drivers\ulsata2.sys -- (ulsata2 [Disabled | Stopped])
[2008/01/18 20:53:42 | 00,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\umbus.sys -- (umbus [On_Demand | Running])
[2008/01/18 20:53:24 | 00,073,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio [On_Demand | Running])
[2006/11/02 03:55:09 | 00,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbcir.sys -- (usbcir [Disabled | Stopped])
[2008/01/18 20:53:40 | 00,134,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbvideo.sys -- (usbvideo [On_Demand | Stopped])
[2006/11/02 03:53:56 | 00,026,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\vgapnp.sys -- (vga [On_Demand | Stopped])
[2006/11/02 03:30:19 | 00,039,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\viac7.sys -- (ViaC7 [Disabled | Stopped])
[2007/02/21 14:49:47 | 00,017,512 | ---- | M] (VIA Technologies, Inc.) -- C:\Windows\System32\drivers\viaide.sys -- (viaide [Disabled | Stopped])
[2008/01/18 22:42:20 | 00,052,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\volmgr.sys -- (volmgr [Boot | Running])
[2008/01/18 22:43:04 | 00,294,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\volmgrx.sys -- (volmgrx [Boot | Running])
[2006/11/02 04:50:41 | 00,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) -- C:\Windows\System32\drivers\vsmraid.sys -- (vsmraid [Disabled | Stopped])
[2006/11/02 03:52:52 | 00,020,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\wacompen.sys -- (WacomPen [Disabled | Stopped])
[2006/11/02 04:49:38 | 00,019,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\wd.sys -- (Wd [Disabled | Stopped])
[2008/01/18 22:43:28 | 00,503,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\Wdf01000.sys -- (Wdf01000 [Boot | Running])
[2008/01/18 20:32:48 | 00,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\wmiacpi.sys -- (WmiAcpi [On_Demand | Running])
[2008/01/18 20:56:50 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ws2ifsl.sys -- (ws2ifsl [Disabled | Stopped])

========== (R ) Internet Explorer ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main]
"Default_Page_URL"=http://www.yahoo.com/
"Default_Search_URL"=http://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
"Default_Secondary_Page_URL"=
"Extensions Off Page"=about:NoAdd-ons
"Local Page"=http://www.msn.com/
"Search Page"=http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://www.yahoo.com
"Security Risk Page"=about:SecurityRisk
"Start Page"=http://www.yahoo.com/

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search]
"CustomSearch"=http://us.rd.yahoo.com/customize/ie/defaults/cs/msgr9/*http://www.yahoo.com/ext/search/search.html
"SearchAssistant"=http://www.google.com/ie

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{a6e4a4eb-d169-4e99-8988-250fcbafe767}" (HKLM) -- C:\Program Files\isoHunt\tbisoH.dll (Conduit Ltd.)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main]
"Page_Transitions"=
"Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896
"Start Page"=http://www.support.dell.com/
"StartPageCache"=

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\Windows\System32\ieframe.dll (Microsoft Corporation)

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main]

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main]

[HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\Windows\System32\ieframe.dll (Microsoft Corporation)

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main]

[HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\Windows\System32\ieframe.dll (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-52528071-2283225664-2918329161-1000\SOFTWARE\Microsoft\Internet Explorer\Main]
"Page_Transitions"=
"Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896
"Start Page"=http://www.support.dell.com/
"StartPageCache"=

[HKEY_USERS\S-1-5-21-52528071-2283225664-2918329161-1000\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\Windows\System32\ieframe.dll (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-52528071-2283225664-2918329161-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

========== (O1) Hosts File ==========

HOSTS File = (1102 bytes) - C:\Windows\System32\drivers\etc\Hosts
First 25 entries...
127.0.0.1 localhost

========== (O2) BHO's ==========

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\]
{02478D38-C3F9-4efb-9B51-7695ECA05670} (HKLM) -- C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} (HKLM) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
{19C8E43B-07B3-49CB-BFFC-6777B593E6F8} (HKLM) -- C:\Program Files\Common Files\fluxDVD\Download Manager\XEBDLHelper.dll (Protect Software GmbH)
{377C180E-6F0E-4D4C-980F-F45BD3D40CF4} (HKLM) -- c:\Program Files\McAfee\MSK\mcapbho.dll ()
{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} (HKLM) -- C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (HKLM) -- C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
{7DB2D5A0-7241-4E79-B68D-6309F01C5231} (HKLM) -- C:\Program Files\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
{DBC80044-A445-435b-BC74-9C25C1C588A9} (HKLM) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

========== (O3) Toolbars ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{a6e4a4eb-d169-4e99-8988-250fcbafe767}" (HKLM) -- C:\Program Files\isoHunt\tbisoH.dll (Conduit Ltd.)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" (HKLM) -- C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{A057A204-BACC-4D26-C39E-35F1D2A32EC8}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{A6E4A4EB-D169-4E99-8988-250FCBAFE767}" (HKLM) -- C:\Program Files\isoHunt\tbisoH.dll (Conduit Ltd.)

[HKEY_USERS\S-1-5-21-52528071-2283225664-2918329161-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{A057A204-BACC-4D26-C39E-35F1D2A32EC8}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

[HKEY_USERS\S-1-5-21-52528071-2283225664-2918329161-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{A6E4A4EB-D169-4E99-8988-250FCBAFE767}" (HKLM) -- C:\Program Files\isoHunt\tbisoH.dll (Conduit Ltd.)

========== (O4) Run Keys ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
"COMODO Internet Security"="C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h ()
"Dell PC TuneUp Startup"="C:\Program Files\iolo\Common\Lib\ioloLManager.exe" ()
"DELL Webcam Manager"="C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s (Creative Technology Ltd.)
"DellRemote"="C:\Dell\Utilities\Dell Premium Remote Control\WMPRemoteTray.exe" (Gyration, Inc.)
"dellsupportcenter"="C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter (SupportSoft, Inc.)
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup (Google)
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe (Intel Corporation)
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
"IgfxTray"=C:\Windows\system32\igfxtray.exe (Intel Corporation)
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup (Macrovision Corporation)
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start (Macrovision Corporation)
"LockStatusTray"=C:\Windows\LockStatusTray.exe (Logitech, Inc.)
"LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" ()
"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide ()
"mcagent_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey (McAfee, Inc.)
"OEM02Mon.exe"=C:\Windows\OEM02Mon.exe (Creative Technology Ltd.)
"Persistence"=C:\Windows\system32\igfxpers.exe (Intel Corporation)
"SPIRunE"=Rundll32 SPIRunE.dll,RunDLLEntry (Creative Technology Ltd.)
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
"VolPanel"="C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" /r (Creative Technology Ltd)
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" ()
"Windows Defender"=%ProgramFiles%\Windows Defender\MSASCui.exe -hide (Microsoft Corporation)
"YMailAdvisor"="C:\Program Files\Yahoo!\Common\YMailAdvisor.exe" File not found

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BitTorrent DNA"="C:\Users\Bill\Program Files\DNA\btdna.exe" (BitTorrent, Inc.)
"WindowsWelcomeCenter"=rundll32.exe oobefldr.dll,ShowWelcomeCenter (Microsoft Corporation)

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DelayShred"=c:\PROGRA~1\mcafee\mshr\ShrCL.EXE /P7 /q c:\users\bill\appdata\local\temp\TEMPOR~1\Content.SH! c:\users\bill\appdata\local\temp\TEMPOR~1.SH! c:\users\bill\appdata\local\temp\History\History.SH! c:\users\bill\appdata\local\temp\History.SH! c:\users\bill\appdata\local\temp\Cookies.SH! c:\users\bill\appdata\local\temp\{D6390~1.SH! ()

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DelayShred"=c:\PROGRA~1\mcafee\mshr\ShrCL.EXE /P7 /q c:\users\bill\appdata\local\temp\TEMPOR~1\Content.SH! c:\users\bill\appdata\local\temp\TEMPOR~1.SH! c:\users\bill\appdata\local\temp\History\History.SH! c:\users\bill\appdata\local\temp\History.SH! c:\users\bill\appdata\local\temp\Cookies.SH! c:\users\bill\appdata\local\temp\{D6390~1.SH! ()

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=%ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (Microsoft Corporation)
"WindowsWelcomeCenter"=rundll32.exe oobefldr.dll,ShowWelcomeCenter (Microsoft Corporation)

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=%ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (Microsoft Corporation)
"WindowsWelcomeCenter"=rundll32.exe oobefldr.dll,ShowWelcomeCenter (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-52528071-2283225664-2918329161-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BitTorrent DNA"="C:\Users\Bill\Program Files\DNA\btdna.exe" (BitTorrent, Inc.)
"WindowsWelcomeCenter"=rundll32.exe oobefldr.dll,ShowWelcomeCenter (Microsoft Corporation)

========== (O4) RunOnce Keys ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"SMRequiresRestart"= File not found

========== (O6 & O7) Current Version Policies ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoInstrumentation"=0
"NoDeletePrinter"=0
"NoAddPrinter"=0
"NoDrives"=0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"ConsentPromptBehaviorAdmin"=2
"ConsentPromptBehaviorUser"=1
"EnableInstallerDetection"=1
"EnableLUA"=1
"EnableSecureUIAPaths"=1
"EnableVirtualization"=1
"PromptOnSecureDesktop"=1
"ValidateAdminCodeSignatures"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"scforceoption"=0
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"FilterAdministratorToken"=0
"EnableUIADesktopToggle"=0
"DisableCAD"=1
"HideShutdownScripts"=0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats]
"CF_TEXT"=1
"CF_BITMAP"=2
"CF_OEMTEXT"=7
"CF_DIB"=8
"CF_PALETTE"=9
"CF_UNICODETEXT"=13
"CF_DIBV5"=17

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"MaxRec
  • 0

#6
Aztec077
Posted 12 January 2009 - 09:35 PM

Aztec077

    Member

  • Topic Starter
  • Member
  • PipPip
  • 38 posts
And, here is the Extras.Txt log:


OTViewIt Extras logfile created on: 1/12/2009 10:24:32 PM - Run 2
OTViewIt by OldTimer - Version 1.0.21.0 Folder = C:\Users\Bill\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 100.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): ?:\pagefile.sys;

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 173.74 Gb Total Space | 54.40 Gb Free Space | 31.31% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 8.46 Gb Free Space | 84.59% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 465.76 Gb Total Space | 179.94 Gb Free Space | 38.63% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: BILL-PC
Current User Name: Bill
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Whitelist: On
File Age = 30 Days

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval"=1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride"=0
"AntiSpywareOverride"=0
"FirewallOverride"=0
"VistaSp1"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"DisableNotifications"=0
"EnableFirewall"=1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\Logging]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
[2008/12/16 15:16:10 | 00,637,232 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent

========== (O10) Winsock2 Catalogs ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\]
NameSpace_Catalog5\Catalog_Entries\000000000001 [@%SystemRoot%\system32\nlasvc.dll,-1000] -- C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
NameSpace_Catalog5\Catalog_Entries\000000000002 [@%SystemRoot%\system32\napinsp.dll,-1000] -- C:\Windows\System32\NapiNSP.dll (Microsoft Corporation)
NameSpace_Catalog5\Catalog_Entries\000000000003 [@%SystemRoot%\system32\pnrpnsp.dll,-1000] -- C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
NameSpace_Catalog5\Catalog_Entries\000000000004 [@%SystemRoot%\system32\pnrpnsp.dll,-1001] -- C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
NameSpace_Catalog5\Catalog_Entries\000000000007 [Bluetooth Namespace] -- C:\Windows\System32\wshbth.dll (Microsoft Corporation)
NameSpace_Catalog5\Catalog_Entries\000000000008 [mdnsNSP] -- C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
Protocol_Catalog9\Catalog_Entries\000000000001 -- C:\Windows\System32\securenet.dll ()
Protocol_Catalog9\Catalog_Entries\000000000002 -- C:\Windows\System32\securenet.dll ()
Protocol_Catalog9\Catalog_Entries\000000000003 -- C:\Windows\System32\securenet.dll ()
Protocol_Catalog9\Catalog_Entries\000000000004 -- C:\Windows\System32\securenet.dll ()
Protocol_Catalog9\Catalog_Entries\000000000005 -- C:\Windows\System32\securenet.dll ()
Protocol_Catalog9\Catalog_Entries\000000000006 -- C:\Windows\System32\securenet.dll ()
Protocol_Catalog9\Catalog_Entries\000000000007 -- C:\Windows\System32\securenet.dll ()
Protocol_Catalog9\Catalog_Entries\000000000008 -- C:\Windows\System32\securenet.dll ()
Protocol_Catalog9\Catalog_Entries\000000000009 -- C:\Windows\System32\securenet.dll ()
Protocol_Catalog9\Catalog_Entries\000000000010 -- C:\Windows\System32\securenet.dll ()
Protocol_Catalog9\Catalog_Entries\000000000011 -- C:\Windows\System32\securenet.dll ()
Protocol_Catalog9\Catalog_Entries\000000000012 -- C:\Windows\System32\securenet.dll ()
Protocol_Catalog9\Catalog_Entries\000000000013 -- C:\Windows\System32\securenet.dll ()
Protocol_Catalog9\Catalog_Entries\000000000014 -- C:\Windows\System32\securenet.dll ()
Protocol_Catalog9\Catalog_Entries\000000000015 -- C:\Windows\System32\securenet.dll ()
Protocol_Catalog9\Catalog_Entries\000000000016 -- C:\Windows\System32\securenet.dll ()
Protocol_Catalog9\Catalog_Entries\000000000017 -- C:\Windows\System32\securenet.dll ()
Protocol_Catalog9\Catalog_Entries\000000000018 -- C:\Windows\System32\securenet.dll ()
Protocol_Catalog9\Catalog_Entries\000000000019 -- C:\Windows\System32\securenet.dll ()
Protocol_Catalog9\Catalog_Entries\000000000020 -- C:\Windows\System32\securenet.dll ()
Protocol_Catalog9\Catalog_Entries\000000000021 -- C:\Windows\System32\securenet.dll ()
Protocol_Catalog9\Catalog_Entries\000000000022 -- C:\Windows\System32\securenet.dll ()
Protocol_Catalog9\Catalog_Entries\000000000023 -- C:\Windows\System32\securenet.dll ()
Protocol_Catalog9\Catalog_Entries\000000000024 -- C:\Windows\System32\securenet.dll ()
Protocol_Catalog9\Catalog_Entries\000000000025 -- C:\Windows\System32\securenet.dll ()
Protocol_Catalog9\Catalog_Entries\000000000026 -- C:\Windows\System32\securenet.dll ()
Protocol_Catalog9\Catalog_Entries\000000000027 -- C:\Windows\System32\securenet.dll ()
Protocol_Catalog9\Catalog_Entries\000000000028 -- C:\Windows\System32\securenet.dll ()
Protocol_Catalog9\Catalog_Entries\000000000029 -- C:\Windows\System32\securenet.dll ()
Protocol_Catalog9\Catalog_Entries\000000000030 -- C:\Windows\System32\securenet.dll ()
Protocol_Catalog9\Catalog_Entries\000000000031 -- C:\Windows\System32\securenet.dll ()
Protocol_Catalog9\Catalog_Entries\000000000032 -- C:\Windows\System32\securenet.dll ()
Protocol_Catalog9\Catalog_Entries\000000000033 -- C:\Windows\System32\securenet.dll ()
Protocol_Catalog9\Catalog_Entries\000000000034 -- C:\Windows\System32\securenet.dll ()
Protocol_Catalog9\Catalog_Entries\000000000035 -- C:\Windows\System32\securenet.dll ()
Protocol_Catalog9\Catalog_Entries\000000000036 -- C:\Windows\System32\securenet.dll ()

========== HKEY_LOCAL_MACHINE Protocol Defaults ==========


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults - Default Protocols
ldap -- 4 = Restricted sites (Not a Default Protocol)
news -- 4 = Restricted sites (Not a Default Protocol)
nntp -- 4 = Restricted sites (Not a Default Protocol)
oecmd -- 4 = Restricted sites (Not a Default Protocol)
snews -- 4 = Restricted sites (Not a Default Protocol)

========== HKEY_USERS Protocol Defaults ==========


[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults] - Default Protocols
@ivt -- @ivt protocol not assigned
file -- file protocol not assigned
ftp -- ftp protocol not assigned
http -- http protocol not assigned
https -- https protocol not assigned
shell -- shell protocol not assigned

========== HKEY_USERS Protocol Defaults ==========


[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults] - Default Protocols
@ivt -- @ivt protocol not assigned
file -- file protocol not assigned
ftp -- ftp protocol not assigned
http -- http protocol not assigned
https -- https protocol not assigned
shell -- shell protocol not assigned

========== (O18) Protocol Handlers ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
[2008/03/06 16:37:36 | 00,106,496 | ---- | M] (Belarc, Inc.) C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (belarc:{6318E0AB-2E93-11D1-B8ED-00608CC9A71F} (HKLM) [VoilaXctl Class])

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
[2008/09/22 12:33:46 | 00,035,976 | ---- | M] (Logitech Inc.) C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (bwfile-8876480:{9462A756-7B47-47BC-8C80-C34B9B80B32B} (HKLM) [BackWeb GA Pluggable Protocol])

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07287123-B8AC-41CE-8346-3D777245C35B}"=Bonjour
"{125EB8DD-8316-4559-9951-E969929381BD}"=Dell Premium Remote Control
"{141154CC-B23D-40E0-8242-1A747CA9B482}"=Sid Meier's Railroads!
"{144A1586-E16C-448D-910D-E12ACD65DD98}"=Keyboard Lock Status
"{14574B7F-75D1-4718-B7F2-EBF6E2862A35}"=Company of Heroes - FAKEMSI
"{199E6632-EB28-4F73-AECB-3E192EB92D18}"=Company of Heroes - FAKEMSI
"{238DCFCD-70B3-46B2-B90B-2CDCC69A3D03}"=Zoo Tycoon 2 - Zookeeper Collection
"{25724802-CC14-4B90-9F3B-3D6955EE27B1}"=Company of Heroes - FAKEMSI
"{25E81740-CA17-489E-A8B6-54319A1C4D41}}_is1"=Dell PC TuneUp
"{2604C0F9-BFD3-4BA0-9EB5-22537C648F03}"=MobileMe Control Panel
"{26A24AE4-039D-4CA4-87B4-2F83216010FF}"=Java™ 6 Update 11
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}"=Acrobat.com
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}"=Roxio Update Manager
"{32C4A4EB-C97D-414E-99C5-38F8DFD31D5D}"=Company of Heroes - FAKEMSI
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}"=Sonic Activation Module
"{3AF8FCCD-F51A-4014-9002-F195E1CBC876}"=Logitech QuickCam
"{3B6E3FC6-274C-4B6C-BC85-5C3B15DE18E2}"=Mega Manager
"{4160A344-5848-4332-919F-0CB063822AA3}"=Dell Mobile Broadband Card Utility
"{42929F0F-CE14-47AF-9FC7-FF297A603021}"=Dell Resource CD
"{4CCE77B1-36E1-4A25-91BD-350A0B7C11DE}"=Chronotron Pro
"{50193078-F553-4EBA-AA77-64C9FAA12F98}"=Company of Heroes - FAKEMSI
"{51D718D1-DA81-4FAD-919F-5C1CE3C33379}"=Company of Heroes - FAKEMSI
"{63DB9CCD-2B56-4217-9A3D-507AC78320CA}"=mWMI
"{66F78C51-D108-4F0C-A93C-1CBE74CE338F}"=Company of Heroes - FAKEMSI
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}"=Apple Software Update
"{6A6DCB18-3ECB-46DC-894B-5EFE08C0BD9B}"=Mega Manager
"{7299052b-02a4-4627-81f2-1818da5d550d}"=Microsoft Visual C++ 2005 Redistributable
"{7F0C4457-8E64-491B-8D7B-991504365D1E}"=QuickSet
"{7F4B1592-222F-4E5F-A100-E5AFD61A0BB3}"=Company of Heroes - FAKEMSI
"{80D03817-7943-4839-8E96-B9F924C5E67D}"=Company of Heroes - FAKEMSI
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}"=Microsoft Silverlight
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}"=mPfMgr
"{8C6BB412-D3A8-4AAE-A01B-35B681789D68}"=mHelp
"{8E7D7400-4F4F-409D-8F8A-43BF1DAC575A}"=TouchChip USB Driver 2.6
"{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}"=Logitech Desktop Messenger
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}"=Intel® Matrix Storage Manager
"{907B4640-266B-4A21-92FB-CD1A86CD0F63}"=RollerCoaster Tycoon 3 Platinum
"{97E5205F-EA4F-438F-B211-F1846419F1C1}"=Company of Heroes - FAKEMSI
"{99A7722D-9ACB-43F3-A222-ABC7133F159E}"=Company of Heroes - FAKEMSI
"{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}"=mDriver
"{A13E07E1-A423-44FB-9DEE-B24C75C1BAF2}"=WIDCOMM Bluetooth Software 6.0.1.3100
"{A2289997-10A3-48F2-AA03-99180D761661}"=Fingerprint Reader Suite 5.6
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}"=Adobe AIR
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}"=SigmaTel Audio
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}"=Microsoft Visual C++ 2005 Redistributable
"{A90C03D6-08E1-4C59-B93B-6919A6C0AC19}"=TSP_CODEC
"{AC76BA86-7AD7-1033-7B44-A90000000001}"=Adobe Reader 9
"{BA801B94-C28D-46EE-B806-E1E021A3D519}"=Company of Heroes - FAKEMSI
"{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}"=Creative MediaSource 5
"{C99C0593-3B48-41D9-B42F-6E035B320449}"=Broadcom Management Programs
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}"=Microsoft .NET Framework 1.1
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}"=SUPERAntiSpyware Free Edition
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}"=Microsoft .NET Framework 3.5 SP1
"{D3B3B9B2-FE73-44CB-8C0A-F737D92F991B}"=Broadcom Gigabit Integrated Controller
"{D3EE034D-5B92-4A55-AA02-2E6D0A6A96EE}"=Windows Resource Kit Tools - SubInAcl.exe
"{D4D244D1-05E0-4D24-86A2-B2433C435671}"=Company of Heroes - FAKEMSI
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}"=Dell Support Center (Support Software)
"{E63E34A7-E552-412B-9E40-FD6FC5227ABA}"=Uniblue RegistryBooster 2009
"{E987DE3D-0030-42B7-940B-7F802FF05547}"=Playboy The Mansion - Private Party
"{EA450D5D-95EA-4FD0-B8B0-6D8E68FBE2C7}"=Impulse
"{EAF636A9-F664-4703-A659-85A894DA264F}"=Company of Heroes - FAKEMSI
"{EC4455AB-F155-4CC1-A4C5-88F3777F9886}"=Apple Mobile Device Support
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}"=mMHouse
"{F5D7FAB5-A1FD-4DD3-983E-4155B09D7102}"=mCore
"{F958CA02-BB40-4007-894B-258729456EE4}"=QuickTime
"7-Zip"=7-Zip 4.62
"AC3Filter"=AC3Filter (remove only)
"AdaptX_NSIS"=Adapt-X Plug-in for Winamp/WMP 9 (remove only)
"Adobe AIR"=Adobe AIR
"Adobe Flash Media Server 3.0.1_is1"=Adobe Flash Media Server 3.0.1
"Adobe Flash Player ActiveX"=Adobe Flash Player ActiveX
"Adobe Flash Player Plugin"=Adobe Flash Player 10 Plugin
"Adobe Shockwave Player"=Adobe Shockwave Player 11
"Advanced Audio FX Engine"=Advanced Audio FX Engine
"Advanced Video FX Engine"=Advanced Video FX Engine
"ALchemy"=Creative ALchemy
"Audacity_is1"=Audacity 1.2.6
"AudioCS"=Creative Audio Console
"Belarc Advisor"=Belarc Advisor 7.2
"Camfrog 5.1"=Camfrog Video Chat 5.1
"COMODO Internet Security"=COMODO Internet Security
"Company of Heroes"=Company of Heroes
"Creative OEM002"=Laptop Integrated Webcam Driver (1.04.01.1011)
"Creative Software AutoUpdate"=Creative Software AutoUpdate
"Dell Webcam Center"=Dell Webcam Center
"Dell Webcam Manager"=Dell Webcam Manager
"Diamond Mind Baseball version 9c"=Diamond Mind Baseball version 9c
"DTV4PC_is1"=DTV4PC 1.6.3
"FoxyTunesForFirefox"=FoxyTunes for Firefox
"Galactic Civilizations II"=Galactic Civilizations II
"GalCiv II - Dark Avatar"=GalCiv II - Dark Avatar
"GalCiv II - Twilight of the Arnor"=GalCiv II - Twilight of the Arnor
"Google Desktop"=Google Desktop
"GoToAssist"=GoToAssist 8.0.0.514
"Graboid Video"=Graboid Video 1.2
"HDMI"=Intel® Graphics Media Accelerator Driver
"Hide My IP 2008_is1"=Hide My IP 2008
"HijackThis"=HijackThis 2.0.2
"Impulse"=Impulse
"InstallShield_{238DCFCD-70B3-46B2-B90B-2CDCC69A3D03}"=Zoo Tycoon 2 - Zookeeper Collection
"isoHunt Toolbar"=isoHunt Toolbar
"LimeWire"=LimeWire 4.18.8
"lvdrivers_11.50"=Logitech QuickCam Driver Package
"Microsoft .NET Framework 1.1 (1033)"=Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1"=Microsoft .NET Framework 3.5 SP1
"Mozilla ActiveX Control v1.7.12"=Mozilla ActiveX Control v1.7.12
"Mozilla Firefox (3.0.5)"=Mozilla Firefox (3.0.5)
"MSC"=McAfee SecurityCenter
"Playboy - The Mansion"=Playboy - The Mansion
"ProInst"=Intel® PROSet/Wireless Software
"Spdifer"=Spdifer (remove only)
"Strat-O-Matic CD-ROM Ver13.0"=Strat-O-Matic CD-ROM Ver13.0
"Strat-O-Matic Football Version 7.0i"=Strat-O-Matic Football Version 7.0i
"SynTPDeinstKey"=Dell Touchpad
"System Tweaker_is1"=Uniblue System Tweaker
"Take Command 2nd Manassas Patch 3_is1"=Take Command 2nd Manassas Patch 3
"Take Command 2nd Manassas_is1"=Take Command 2nd Manassas
"ToolBox"=NCH Toolbox
"Uniblue RegistryBooster 2009"=Uniblue RegistryBooster 2009
"VST Bridge_is1"=VST Bridge 1.1
"Winamp"=Winamp
"Yahoo! Companion"=Yahoo! Toolbar
"Yahoo! Extras"=Yahoo! Browser Services
"Yahoo! Mail"=Yahoo! Internet Mail
"Yahoo! Mail Advisor"=Yahoo! Mail Advisor
"Yahoo! Messenger"=Yahoo! Messenger
"YInstHelper"=Yahoo! Install Manager

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent"=BitTorrent
"BitTorrent DNA"=DNA

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-52528071-2283225664-2918329161-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent"=BitTorrent
"BitTorrent DNA"=DNA

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 12/21/2008 10:53:34 PM | Computer Name = Bill-PC | Source = Windows Search Service | ID = 3038
Description = The gatherer is unable to read the registry DocIdMapFile. Context:
Application, SystemIndex Catalog Details: The system cannot find the file specified.
(0x80070002)

Error - 12/21/2008 10:54:23 PM | Computer Name = Bill-PC | Source = Windows Search Service | ID = 3028
Description = The gatherer object cannot be initialized. Context: Windows Application,
SystemIndex Catalog Details: The registry value cannot be read because the configuration
is invalid. Recreate the content index configuration by removing the content index.
(0x80040d03)

Error - 12/21/2008 10:54:23 PM | Computer Name = Bill-PC | Source = Windows Search Service | ID = 3058
Description = The application cannot be initialized. Context: Windows Application

Details:
The
registry value cannot be read because the configuration is invalid. Recreate the
content index configuration by removing the content index. (0x80040d03)

Error - 12/21/2008 10:55:09 PM | Computer Name = Bill-PC | Source = Application Error | ID = 1000
Description = Faulting application btdna.exe, version 2.2.2.13666, time stamp 0x4939824b,
faulting module WINHTTP.dll, version 6.0.6001.18000, time stamp 0x4791a7b1, exception
code 0xc0000005, fault offset 0x0001e46b, process id 0x3a0, application start time
0x01c963e0a1953b0c.

Error - 12/22/2008 10:45:18 AM | Computer Name = Bill-PC | Source = McLogEvent | ID = 5051
Description = A thread in process C:\Program Files\McAfee\VirusScan\McShield.exe
took longer than 90000 ms to complete a request. The process will be terminated.
Thread
id : 4656 (0x1230) Thread address : 0x76F79A94 Thread message : Build VSCORE.14.0.0.349
/ 5300.2777 Object being scanned = \Device\HarddiskVolume5\Users\Bill\Downloads\COH_EN_171_2101_Patch.exe

by C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe 4(0)(0) 4(0)(0)

7200(0)(0) 7595(0)(0) 7005(0)(0) 7004(0)(0) 5006(0)(0) 5004(0)(0)

Error - 12/22/2008 11:08:04 AM | Computer Name = Bill-PC | Source = Application Error | ID = 1000
Description = Faulting application svchost.exe_BITS, version 6.0.6001.18000, time
stamp 0x47918b89, faulting module WINHTTP.dll, version 6.0.6001.18000, time stamp
0x4791a7b1, exception code 0xc0000005, fault offset 0x0001e46b, process id 0x4b8,
application start time 0x01c96446d4a7a6a5.

Error - 12/22/2008 2:11:32 PM | Computer Name = Bill-PC | Source = Application Error | ID = 1000
Description = Faulting application btdna.exe, version 2.2.2.13666, time stamp 0x4939824b,
faulting module WINHTTP.dll, version 6.0.6001.18000, time stamp 0x4791a7b1, exception
code 0xc0000005, fault offset 0x0001e46b, process id 0x1598, application start time
0x01c964609efcac1b.

Error - 12/23/2008 3:32:29 PM | Computer Name = Bill-PC | Source = Application Error | ID = 1000
Description = Faulting application btdna.exe, version 2.2.2.13666, time stamp 0x4939824b,
faulting module WINHTTP.dll, version 6.0.6001.18000, time stamp 0x4791a7b1, exception
code 0xc0000005, fault offset 0x0001e46b, process id 0x1148, application start time
0x01c9653505e83179.

Error - 12/23/2008 4:59:58 PM | Computer Name = Bill-PC | Source = Application Error | ID = 1000
Description = Faulting application YahooMessenger.exe, version 8.1.0.421, time stamp
0x46d76392, faulting module OLEAUT32.dll, version 6.0.6001.18000, time stamp 0x4791a74f,
exception code 0xc0000005, fault offset 0x000138f2, process id 0x1524, application
start time 0x01c965415dee9019.

Error - 12/24/2008 10:46:32 AM | Computer Name = Bill-PC | Source = McLogEvent | ID = 5051
Description = A thread in process C:\Program Files\McAfee\VirusScan\McShield.exe
took longer than 90000 ms to complete a request. The process will be terminated.
Thread
id : 4068 (0xfe4) Thread address : 0x77DC9A94 Thread message : Build VSCORE.14.0.0.349
/ 5300.2777 Object being scanned = \Device\HarddiskVolume5\Users\Bill\Downloads\COH_EN_171_2101_Patch.exe

by C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe 4(0)(0) 4(0)(0)

7200(0)(0) 7595(0)(0) 7005(0)(0) 7004(0)(0) 5006(0)(0) 5004(0)(0)

[ System Events ]
Error - 1/12/2009 11:55:21 AM | Computer Name = Bill-PC | Source = DCOM | ID = 10010
Description =

Error - 1/12/2009 12:37:23 PM | Computer Name = Bill-PC | Source = HTTP | ID = 15016
Description =

Error - 1/12/2009 12:38:29 PM | Computer Name = Bill-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 1/12/2009 12:38:29 PM | Computer Name = Bill-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 1/12/2009 12:38:56 PM | Computer Name = Bill-PC | Source = Service Control Manager | ID = 7024
Description =

Error - 1/12/2009 12:38:56 PM | Computer Name = Bill-PC | Source = Service Control Manager | ID = 7031
Description =

Error - 1/12/2009 12:39:35 PM | Computer Name = Bill-PC | Source = ipnathlp | ID = 31004
Description = The DNS proxy agent was unable to allocate 0 bytes of memory. This
may indicate that the system is low on virtual memory, or that the memory manager
has encountered an internal error.

Error - 1/12/2009 4:33:34 PM | Computer Name = Bill-PC | Source = DCOM | ID = 10005
Description =

Error - 1/12/2009 4:33:34 PM | Computer Name = Bill-PC | Source = Service Control Manager | ID = 7009
Description =

Error - 1/12/2009 4:33:34 PM | Computer Name = Bill-PC | Source = Service Control Manager | ID = 7000
Description =


< End of report >
  • 0

#7
Jimmy2012
Posted 12 January 2009 - 11:59 PM

Jimmy2012

    Trusted Helper

  • Retired Staff
  • 6,238 posts
Hello Aztec077,

Your OTViewIt.txt got cutoff, please re-post it in your next reply. Please only post the text below this line.

========== (O6 & O7) Current Version Policies ==========
  • 0

#8
Aztec077
Posted 13 January 2009 - 12:42 AM

Aztec077

    Member

  • Topic Starter
  • Member
  • PipPip
  • 38 posts
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoInstrumentation"=0
"NoDeletePrinter"=0
"NoAddPrinter"=0
"NoDrives"=0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"ConsentPromptBehaviorAdmin"=2
"ConsentPromptBehaviorUser"=1
"EnableInstallerDetection"=1
"EnableLUA"=1
"EnableSecureUIAPaths"=1
"EnableVirtualization"=1
"PromptOnSecureDesktop"=1
"ValidateAdminCodeSignatures"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"scforceoption"=0
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"FilterAdministratorToken"=0
"EnableUIADesktopToggle"=0
"DisableCAD"=1
"HideShutdownScripts"=0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats]
"CF_TEXT"=1
"CF_BITMAP"=2
"CF_OEMTEXT"=7
"CF_DIB"=8
"CF_PALETTE"=9
"CF_UNICODETEXT"=13
"CF_DIBV5"=17

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"MaxRecentDocs"=50

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"NoDispBackgroundPage"=0
"NoDispScrSavPage"=0
"NoDispCPL"=0
"NoDispAppearancePage"=0
"DisableTaskMgr"=0

[HKEY_USERS\S-1-5-21-52528071-2283225664-2918329161-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"MaxRecentDocs"=50

[HKEY_USERS\S-1-5-21-52528071-2283225664-2918329161-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"NoDispBackgroundPage"=0
"NoDispScrSavPage"=0
"NoDispCPL"=0
"NoDispAppearancePage"=0
"DisableTaskMgr"=0

========== (O9) IE Extensions ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}: Menu: Sun Java Console -- %ProgramFiles%\Java\jre6\bin\ssv.dll [2008/11/10 05:43:31 | 00,320,920 | ---- | M] (Sun Microsystems, Inc.)
{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897}: Button: Yahoo! Services -- %ProgramFiles%\Yahoo!\Common\yiesrvc.dll [2007/12/12 17:09:42 | 00,222,448 | ---- | M] (Yahoo! Inc.)
{CCA281CA-C863-46ef-9331-5C8D4460577F}: Button: @btrez.dll,-4015 -- %ProgramFiles%\WIDCOMM\Bluetooth Software\btsendto_ie.htm [2006/10/26 18:28:50 | 00,005,601 | ---- | M] ()
{CCA281CA-C863-46ef-9331-5C8D4460577F}: Menu: @btrez.dll,-12650 -- %ProgramFiles%\WIDCOMM\Bluetooth Software\btsendto_ie.htm [2006/10/26 18:28:50 | 00,005,601 | ---- | M] ()

========== (O12) Internet Explorer Plugins ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\]
PluginsPage: "" = http://activex.micro...d...=%s&mime=%s
PluginsPageFriendlyName: "" = Microsoft ActiveX Gallery

========== (O13) Default Prefixes ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]
""=http://

========== (O16) DPF ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\]
{01113300-3E00-11D2-8470-0060089874ED}: http://pccheckup.del...oad/tgctlcm.cab -- Support.com Configuration Class
{85D1F3B2-2A21-11D7-97B9-0010DC2A6243}: http://live.amsterda...login-devel.cab -- Reg Error: Key does not exist or could not be opened.
{8AD9C840-044E-11D1-B3E9-00805F499D93}: http://java.sun.com/...indows-i586.cab -- Java Plug-in 1.6.0_11
{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}: http://fpdownload.ma...t/ultrashim.cab -- Reg Error: Key does not exist or could not be opened.
{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}: http://java.sun.com/...indows-i586.cab -- Java Plug-in 1.6.0_11
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}: http://java.sun.com/...indows-i586.cab -- Java Plug-in 1.6.0_11
{FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9}: https://secure.logme...trl.cab?lmi=100 -- Reg Error: Key does not exist or could not be opened.
Justin.tv Publisher: http://www.justin.tv...v_publisher.CAB -- Reg Error: Key does not exist or could not be opened.

========== (O17) DNS Name Servers ==========

{10D5B6D3-B09A-4A75-A82E-1960C2EF6D9A} (Servers: | Description: Intel® Wireless WiFi Link 4965AGN)
{49FF857B-EB72-499E-AB9C-2EA862C25E52} (Servers: | Description: Broadcom NetLink ™ Fast Ethernet)
{EE60E499-35D6-45B6-A59E-51E25C20D33B} (Servers: | Description: )

========== (O20) AppInit_DLLs ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_Dlls"=C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL C:\Windows\system32\guard32.dll
>[2008/09/02 19:00:06 | 00,113,664 | ---- | M] (Google) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll
>File not found --
>File not found --
>File not found --
>File not found --
>File not found --
>[2008/12/17 16:38:47 | 00,147,192 | ---- | M] () -- C:\Windows\System32\guard32.dll

========== (O20) HKLM Winlogon Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"GinaDLL"=vrlogon.dll
>[2007/04/16 22:06:24 | 00,549,888 | ---- | M] (UPEK Inc.) -- C:\Windows\System32\vrlogon.dll


========== (O20) Winlogon Notify Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\]
!SASWinLogon: "DllName" = C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL -- C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
GoToAssist: "DllName" = Reg Error: Value DLLName does not exist or could not be read. -- File not found
igfxcui: "DllName" = igfxdev.dll -- C:\Windows\System32\igfxdev.dll (Intel Corporation)
psfus: "DllName" = C:\Windows\system32\psqlpwd.dll -- C:\Windows\System32\psqlpwd.dll (UPEK Inc.)

========== Shell Execute Hooks ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}" (HKLM) -- C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)

========== HKLM *SecurityProviders* ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders]
"SecurityProviders"=credssp.dll
>[2008/01/18 22:34:00 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\credssp.dll

========== LSA *Security Packages* ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"Security Packages"=kerberos,msv1_0,schannel,wdigest,tspkg,
>[2008/01/18 22:36:44 | 00,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\TSpkg.dll

========== Safeboot Options ==========

"AlternateShell"=cmd.exe

========== CDRom AutoRun Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"AutoRun" = 1

========== Autorun Files on Drives ==========

autoexec.bat [REM Dummy file for NTVDM | ]
[2006/09/18 16:43:36 | 00,000,024 | ---- | M] () -- C:\autoexec.bat -- [ NTFS ]

========== MountPoints2 ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1d0961ce-5cd8-11dd-9b25-806e6f6e6963}\Shell]
""=AutoRun


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1d0961ce-5cd8-11dd-9b25-806e6f6e6963}\Shell\AutoRun\command]
""=E:\autorun.exe -- File not found


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1d0961ce-5cd8-11dd-9b25-806e6f6e6963}\Shell\directx\command]
""=E:\DirectX9\dxsetup.exe -- File not found


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1d0961ce-5cd8-11dd-9b25-806e6f6e6963}\Shell\setup\command]
""=E:\setup.exe -- File not found

========== Files/Folders - Created Within 30 Days ==========

[1 C:\Windows\*.tmp files]
[2009/01/12 22:18:28 | 00,422,912 | ---- | C] (OldTimer Tools) -- C:\Users\Bill\Desktop\OTViewIt.exe
[2009/01/12 11:45:04 | 00,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\Apple
[2009/01/12 02:17:47 | 00,165,187 | ---- | C] () -- C:\Users\Bill\Desktop\RSIT Error Messege.jpg
[2009/01/12 02:06:05 | 00,000,000 | ---D | C] -- C:\rsit
[2009/01/12 02:04:02 | 00,781,851 | ---- | C] () -- C:\Users\Bill\Desktop\RSIT.exe
[2009/01/11 16:15:33 | 00,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\Apple Computer
[2009/01/07 21:57:13 | 00,000,000 | ---D | C] -- C:\Windows\ERDNT
[2009/01/07 21:34:43 | 00,001,834 | ---- | C] () -- C:\Users\Bill\Desktop\HijackThis.lnk
[2009/01/07 11:34:52 | 00,002,031 | ---- | C] () -- C:\Users\Public\Desktop\GalCiv II - Twilight of the Arnor.lnk
[2009/01/07 06:41:53 | 00,002,017 | ---- | C] () -- C:\Users\Public\Desktop\GalCiv II - Dark Avatar.lnk
[2009/01/07 04:01:39 | 00,001,877 | ---- | C] () -- C:\Users\Public\Desktop\Galactic Civilizations II.lnk
[2009/01/06 22:40:32 | 00,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\Stardock
[2009/01/06 22:13:13 | 00,000,000 | ---D | C] -- C:\Program Files\Stardock Games
[2009/01/06 15:25:16 | 00,000,000 | ---D | C] -- C:\Users\Bill\AppData\Roaming\Stardock
[2009/01/06 06:48:46 | 04,136,651 | -H-- | C] () -- C:\Users\Bill\AppData\Local\IconCache.db
[2009/01/06 06:46:51 | 02,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_26.dll
[2009/01/06 06:46:41 | 02,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_25.dll
[2009/01/06 05:21:14 | 37,476,55680 | -HS- | C] () -- C:\hiberfil.sys
[2009/01/06 03:37:30 | 00,000,874 | ---- | C] () -- C:\Users\Bill\Desktop\System Tweaker.lnk
[2008/12/30 12:13:39 | 00,000,000 | -HSD | C] -- C:\Config.Msi
[2008/12/30 06:14:15 | 00,000,930 | ---- | C] () -- C:\Users\Public\Desktop\RegistryBooster.lnk
[2008/12/30 05:29:45 | 00,000,000 | ---D | C] -- C:\Users\Bill\AppData\Roaming\System Tweaker
[2008/12/30 04:35:26 | 00,000,000 | ---D | C] -- C:\Program Files\Uniblue
[2008/12/29 21:46:18 | 00,000,000 | ---D | C] -- C:\Users\Bill\AppData\Roaming\Uniblue
[2008/12/29 11:22:51 | 00,000,000 | ---D | C] -- C:\Users\Bill\AppData\Roaming\Digital Asphyxia
[2008/12/29 11:15:10 | 00,000,000 | ---D | C] -- C:\Program Files\Yahoo!
[2008/12/29 06:13:18 | 00,000,000 | ---- | C] () -- C:\Windows\System32\drivers\lvuvc.hs
[2008/12/27 15:48:11 | 00,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2008/12/22 11:46:07 | 00,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2008/12/20 22:28:24 | 00,000,000 | ---D | C] -- C:\Users\Bill\AppData\Roaming\Graboid Inc
[2008/12/20 13:40:38 | 00,000,000 | ---D | C] -- C:\Users\Bill\Documents\Yahoo! Mail SSL DL
@Alternate Data Stream - 76 bytes -> C:\Users\Bill\Documents\Yahoo! Mail SSL DL:Roxio EMC Stream
[2008/12/19 05:38:29 | 00,000,788 | ---- | C] () -- C:\Users\Public\Desktop\BitTorrent.lnk
[2008/12/19 05:38:14 | 00,000,000 | ---D | C] -- C:\Program Files\BitTorrent
[2008/12/18 02:27:39 | 00,000,908 | ---- | C] () -- C:\Users\Public\Desktop\COMODO Internet Security.lnk
[2008/12/17 16:38:51 | 00,147,192 | ---- | C] () -- C:\Windows\System32\guard32.dll
[2008/12/17 16:38:51 | 00,099,344 | ---- | C] (COMODO) -- C:\Windows\System32\drivers\cmdguard.sys
[2008/12/17 16:38:51 | 00,072,720 | ---- | C] (COMODO) -- C:\Windows\System32\drivers\inspect.sys
[2008/12/17 16:38:51 | 00,025,104 | ---- | C] (COMODO) -- C:\Windows\System32\drivers\cmdhlp.sys
[2008/12/17 16:09:53 | 03,578,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.dll
[2008/12/17 16:07:42 | 00,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2008/12/17 16:04:40 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2008/12/17 16:04:38 | 04,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2008/12/17 16:04:29 | 06,068,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieframe.dll
[2008/12/17 16:04:29 | 01,166,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\urlmon.dll
[2008/12/17 16:04:28 | 00,827,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wininet.dll
[2008/12/17 16:04:28 | 00,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2008/12/17 16:04:25 | 00,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll
[2008/12/17 16:04:22 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2008/12/17 16:04:13 | 11,580,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll
[2008/12/17 16:04:01 | 00,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gdi32.dll
[2008/12/17 16:03:58 | 02,868,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2008/12/17 16:03:58 | 02,386,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
[2008/12/17 16:03:55 | 00,996,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMNetMgr.dll
[2008/12/17 16:03:55 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logagent.exe
[2008/12/17 16:03:52 | 02,927,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2008/12/17 12:28:42 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Resource Kits
[2008/12/17 12:25:57 | 00,379,392 | ---- | C] () -- C:\Users\Bill\Documents\subinacl.msi
[2008/12/17 12:20:01 | 00,001,310 | ---- | C] () -- C:\Windows\System32\reset.cmd

========== Files - Modified Within 30 Days ==========

[4 C:\Windows\System32\*.tmp files]
[1 C:\Windows\*.tmp files]
[2009/01/12 22:18:28 | 00,422,912 | ---- | M] (OldTimer Tools) -- C:\Users\Bill\Desktop\OTViewIt.exe
[2009/01/12 21:37:23 | 00,003,792 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009/01/12 21:37:23 | 00,003,792 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009/01/12 17:22:04 | 00,000,420 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{C8BCEDC4-D232-4E76-9B88-21662FB03321}.job
[2009/01/12 15:06:08 | 02,621,656 | ---- | M] () -- C:\Users\Bill\Documents\BA Playlist.m3u
[2009/01/12 14:11:25 | 00,000,338 | ---- | M] () -- C:\Windows\tasks\McDefragTaskD.job
[2009/01/12 11:44:32 | 00,783,252 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2009/01/12 11:44:32 | 00,662,148 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2009/01/12 11:44:32 | 00,124,606 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2009/01/12 11:37:55 | 00,047,104 | ---- | M] (Absolute Software Corp.) -- C:\Windows\System32\rpcnet.dll
[2009/01/12 11:37:22 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/01/12 11:37:14 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/01/12 11:37:03 | 37,476,55680 | -HS- | M] () -- C:\hiberfil.sys
[2009/01/12 11:36:51 | 00,000,000 | ---- | M] () -- C:\Windows\System32\drivers\lvuvc.hs
[2009/01/12 10:55:58 | 00,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2009/01/12 10:55:15 | 04,136,651 | -H-- | M] () -- C:\Users\Bill\AppData\Local\IconCache.db
[2009/01/12 10:54:48 | 00,000,338 | ---- | M] () -- C:\Windows\tasks\McDefragTaskF.job
[2009/01/12 03:30:00 | 00,000,400 | ---- | M] () -- C:\Windows\tasks\ErrorSmart Scheduled Scan.job
[2009/01/12 03:00:33 | 00,000,356 | ---- | M] () -- C:\Windows\tasks\McQcTask.job
[2009/01/12 02:17:47 | 00,165,187 | ---- | M] () -- C:\Users\Bill\Desktop\RSIT Error Messege.jpg
[2009/01/12 02:04:09 | 00,781,851 | ---- | M] () -- C:\Users\Bill\Desktop\RSIT.exe
[2009/01/12 02:00:02 | 00,000,338 | ---- | M] () -- C:\Windows\tasks\McDefragTask.job
[2009/01/07 21:34:43 | 00,001,834 | ---- | M] () -- C:\Users\Bill\Desktop\HijackThis.lnk
[2009/01/07 11:34:52 | 00,002,031 | ---- | M] () -- C:\Users\Public\Desktop\GalCiv II - Twilight of the Arnor.lnk
[2009/01/07 06:41:53 | 00,002,017 | ---- | M] () -- C:\Users\Public\Desktop\GalCiv II - Dark Avatar.lnk
[2009/01/07 04:01:39 | 00,001,877 | ---- | M] () -- C:\Users\Public\Desktop\Galactic Civilizations II.lnk
[2009/01/06 04:10:10 | 00,180,736 | ---- | M] () -- C:\Users\Bill\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/01/06 03:37:30 | 00,000,874 | ---- | M] () -- C:\Users\Bill\Desktop\System Tweaker.lnk
[2008/12/30 13:36:10 | 00,052,776 | ---- | M] () -- C:\Users\Bill\AppData\Local\GDIPFONTCACHEV1.DAT
[2008/12/30 13:32:56 | 00,238,208 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2008/12/30 06:14:15 | 00,000,930 | ---- | M] () -- C:\Users\Public\Desktop\RegistryBooster.lnk
[2008/12/27 15:48:11 | 00,000,000 | ---- | M] () -- C:\Windows\nsreg.dat
[2008/12/19 05:38:29 | 00,000,788 | ---- | M] () -- C:\Users\Public\Desktop\BitTorrent.lnk
[2008/12/18 02:27:39 | 00,000,908 | ---- | M] () -- C:\Users\Public\Desktop\COMODO Internet Security.lnk
[2008/12/17 16:38:47 | 00,147,192 | ---- | M] () -- C:\Windows\System32\guard32.dll
[2008/12/17 16:38:47 | 00,099,344 | ---- | M] (COMODO) -- C:\Windows\System32\drivers\cmdguard.sys
[2008/12/17 16:38:47 | 00,072,720 | ---- | M] (COMODO) -- C:\Windows\System32\drivers\inspect.sys
[2008/12/17 16:38:47 | 00,025,104 | ---- | M] (COMODO) -- C:\Windows\System32\drivers\cmdhlp.sys
[2008/12/17 12:26:27 | 00,379,392 | ---- | M] () -- C:\Users\Bill\Documents\subinacl.msi
[2008/12/17 12:23:23 | 00,001,310 | ---- | M] () -- C:\Windows\System32\reset.cmd
< End of report >
  • 0

#9
Jimmy2012
Posted 13 January 2009 - 10:20 PM

Jimmy2012

    Trusted Helper

  • Retired Staff
  • 6,238 posts
Hello Aztec077,

Please post a new HijackThis log.
  • 0

#10
Aztec077
Posted 13 January 2009 - 11:25 PM

Aztec077

    Member

  • Topic Starter
  • Member
  • PipPip
  • 38 posts
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:24:47 AM, on 1/14/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Fingerprint Reader Suite\upeksvr.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
C:\Program Files\Creative\Shared Files\CTAudSvc.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Adobe\Flash Media Server 3\FMSMaster.exe
C:\Program Files\Adobe\Flash Media Server 3\FMSAdmin.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Adobe\Flash Media Server 3\FMSEdge.exe
C:\Program Files\Adobe\Flash Media Server 3\FMSCore.exe
C:\Program Files\iolo\common\lib\ioloServiceManager.exe
C:\Program Files\Dell\PC TuneUp\IoloSGCtrl.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Hide My IP 2008\SecureSrv.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\Program Files\McAfee\VirusScan\McShield.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Windows\system32\rpcnet.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\Windows\system32\STacSV.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\dell\Utilities\Dell Premium Remote Control\WMPControllerService.exe
C:\Program Files\Hide My IP 2008\SecureSrv.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\dell\Utilities\Dell Premium Remote Control\WMPControllerServer.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskeng.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Windows\System32\alg.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\OEM02Mon.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\LockStatusTray.exe
C:\dell\Utilities\Dell Premium Remote Control\WMPRemoteTray.exe
C:\Program Files\Hide My IP 2008\SecureSrv.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe
C:\Program Files\Winamp\winampa.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Users\Bill\Program Files\DNA\btdna.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\3B Software\DTV4PC\WTV.exe
C:\Program Files\Hide My IP 2008\SecureSrv.exe
C:\Program Files\Hide My IP 2008\SecureSrv.exe
C:\CDROMBB\SomBB.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.support.dell.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.c...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c...rch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Download Manager Browser Helper Object - {19C8E43B-07B3-49CB-BFFC-6777B593E6F8} - C:\PROGRA~1\COMMON~1\fluxDVD\DOWNLO~1\XEBDLH~1.DLL
O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~1\mcafee\msk\mcapbho.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: (no name) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - (no file)
O3 - Toolbar: isoHunt Toolbar - {a6e4a4eb-d169-4e99-8988-250fcbafe767} - C:\Program Files\isoHunt\tbisoH.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LockStatusTray] C:\Windows\LockStatusTray.exe
O4 - HKLM\..\Run: [DellRemote] "C:\Dell\Utilities\Dell Premium Remote Control\WMPRemoteTray.exe"
O4 - HKLM\..\Run: [Dell PC TuneUp Startup] "C:\Program Files\iolo\Common\Lib\ioloLManager.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [SPIRunE] Rundll32 SPIRunE.dll,RunDLLEntry
O4 - HKLM\..\Run: [dellsupportcenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" /r
O4 - HKLM\..\Run: [DELL Webcam Manager] "C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [YMailAdvisor] "C:\Program Files\Yahoo!\Common\YMailAdvisor.exe"
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Users\Bill\Program Files\DNA\btdna.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [DelayShred] c:\PROGRA~1\mcafee\mshr\ShrCL.EXE /P7 /q c:\users\bill\appdata\local\temp\TEMPOR~1\Content.SH! c:\users\bill\appdata\local\temp\TEMPOR~1.SH! c:\users\bill\appdata\local\temp\History\History.SH! c:\users\bill\appdata\local\temp\History.SH! c:\users\bill\appdata\local\temp\Cookies.SH! c:\users\bill\appdata\local\temp\{D6390~1.SH! (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DelayShred] c:\PROGRA~1\mcafee\mshr\ShrCL.EXE /P7 /q c:\users\bill\appdata\local\temp\TEMPOR~1\Content.SH! c:\users\bill\appdata\local\temp\TEMPOR~1.SH! c:\users\bill\appdata\local\temp\History\History.SH! c:\users\bill\appdata\local\temp\History.SH! c:\users\bill\appdata\local\temp\Cookies.SH! c:\users\bill\appdata\local\temp\{D6390~1.SH! (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\windows\system32\securenet.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\securenet.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\securenet.dll
O13 - Gopher Prefix:
O16 - DPF: Justin.tv Publisher - http://www.justin.tv...v_publisher.CAB
O16 - DPF: {85D1F3B2-2A21-11D7-97B9-0010DC2A6243} - http://live.amsterda...login-devel.cab
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} - https://secure.logme...trl.cab?lmi=100
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL C:\Windows\system32\guard32.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O20 - Winlogon Notify: GoToAssist - C:\Windows\
O23 - Service: McAfee Application Installer Cleanup (0156381231792800) (0156381231792800mcinstcleanup) - Unknown owner - C:\Windows\TEMP\015638~1.EXE (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Flash Media Server (FMS) (FMS) - Adobe Systems Incorporated. - C:\Program Files\Adobe\Flash Media Server 3\FMSMaster.exe
O23 - Service: Flash Media Administration Server (FMSAdmin) - Adobe Systems Incorporated. - C:\Program Files\Adobe\Flash Media Server 3\FMSAdmin.exe
O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iolo FileInfoList Service (ioloFileInfoList) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: iolo System Service (ioloSystemService) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: iolo System Guard (IOLO_SRV) - Unknown owner - C:\Program Files\Dell\PC TuneUp\IoloSGCtrl.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\McShield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Remote Procedure Call (RPC) Net (rpcnet) - Absolute Software Corp. - C:\Windows\system32\rpcnet.exe
O23 - Service: SupportSoft Sprocket Service (DellSupportCenter) (sprtsvc_DellSupportCenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe
O23 - Service: stllssvr - Unknown owner - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe (file missing)
O23 - Service: WMPControllerService - Gyration, Inc. - C:\dell\Utilities\Dell Premium Remote Control\WMPControllerService.exe

--
End of file - 16319 bytes
  • 0

Advertisements

#11
Jimmy2012
Posted 14 January 2009 - 09:36 PM

Jimmy2012

    Trusted Helper

  • Retired Staff
  • 6,238 posts
Hello Aztec077,


Please reopen HijackThis and click on Do a system scan only. And put a check next to the following line.

O16 - DPF: {85D1F3B2-2A21-11D7-97B9-0010DC2A6243} - http://live.amsterda...login-devel.cab

Once you have the check in that line please make sure all open windows are closed (keep HijackThis open) and click Fix checked on HijackThis. A box will open up asking if you want to fix the selected item, please click Yes. After you have fixed that line you can close HijackThis.


Please download the OTMoveIt3 by OldTimer.
  • Save it to your desktop.
  • Please double-click OTMoveIt3.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
  • Copy the lines in the codebox below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

    :Processes
explorer.exe

:Files
C:\Windows\System32\drivers\lvuvc.hs

:Commands
[purity]
[start explorer]
[Reboot]
  • Return to OTMoveIt3, right click in the "Paste Instructions for Items to be Moved" window (under the yellow bar) and choose Paste.
  • Click the red Moveit! button.
  • Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTMoveIt3
Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes. In this case, after the reboot, open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTMoveIt\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post. And post a new HijackThis log.
  • 0

#12
Aztec077
Posted 14 January 2009 - 10:20 PM

Aztec077

    Member

  • Topic Starter
  • Member
  • PipPip
  • 38 posts
========== PROCESSES ==========
Process explorer.exe killed successfully.
========== FILES ==========
C:\Windows\System32\drivers\lvuvc.hs moved successfully.
========== COMMANDS ==========
Explorer started successfully

OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 01142009_230549
  • 0

#13
Aztec077
Posted 14 January 2009 - 10:22 PM

Aztec077

    Member

  • Topic Starter
  • Member
  • PipPip
  • 38 posts
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:21:01 PM, on 1/14/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Fingerprint Reader Suite\upeksvr.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
C:\Program Files\Creative\Shared Files\CTAudSvc.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Adobe\Flash Media Server 3\FMSMaster.exe
C:\Program Files\Adobe\Flash Media Server 3\FMSAdmin.exe
C:\Program Files\Adobe\Flash Media Server 3\FMSEdge.exe
C:\Program Files\Adobe\Flash Media Server 3\FMSCore.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\iolo\common\lib\ioloServiceManager.exe
C:\Program Files\Dell\PC TuneUp\IoloSGCtrl.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Hide My IP 2008\SecureSrv.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\Program Files\McAfee\VirusScan\McShield.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Windows\system32\rpcnet.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\Windows\system32\STacSV.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\dell\Utilities\Dell Premium Remote Control\WMPControllerService.exe
C:\dell\Utilities\Dell Premium Remote Control\WMPControllerServer.exe
C:\Program Files\Hide My IP 2008\SecureSrv.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Hide My IP 2008\SecureSrv.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
C:\Windows\System32\alg.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\OEM02Mon.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\LockStatusTray.exe
C:\dell\Utilities\Dell Premium Remote Control\WMPRemoteTray.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe
C:\Program Files\Winamp\winampa.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Users\Bill\Program Files\DNA\btdna.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\msiexec.exe
C:\Windows\system32\WerFault.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\servicing\TrustedInstaller.exe
\?\C:\Windows\system32\wbem\WMIADAP.EXE
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.support.dell.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.c...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c...rch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Download Manager Browser Helper Object - {19C8E43B-07B3-49CB-BFFC-6777B593E6F8} - C:\PROGRA~1\COMMON~1\fluxDVD\DOWNLO~1\XEBDLH~1.DLL
O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~1\mcafee\msk\mcapbho.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: (no name) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - (no file)
O3 - Toolbar: isoHunt Toolbar - {a6e4a4eb-d169-4e99-8988-250fcbafe767} - C:\Program Files\isoHunt\tbisoH.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LockStatusTray] C:\Windows\LockStatusTray.exe
O4 - HKLM\..\Run: [DellRemote] "C:\Dell\Utilities\Dell Premium Remote Control\WMPRemoteTray.exe"
O4 - HKLM\..\Run: [Dell PC TuneUp Startup] "C:\Program Files\iolo\Common\Lib\ioloLManager.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [SPIRunE] Rundll32 SPIRunE.dll,RunDLLEntry
O4 - HKLM\..\Run: [dellsupportcenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" /r
O4 - HKLM\..\Run: [DELL Webcam Manager] "C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [YMailAdvisor] "C:\Program Files\Yahoo!\Common\YMailAdvisor.exe"
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Users\Bill\Program Files\DNA\btdna.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [DelayShred] c:\PROGRA~1\mcafee\mshr\ShrCL.EXE /P7 /q c:\users\bill\appdata\local\temp\TEMPOR~1\Content.SH! c:\users\bill\appdata\local\temp\TEMPOR~1.SH! c:\users\bill\appdata\local\temp\History\History.SH! c:\users\bill\appdata\local\temp\History.SH! c:\users\bill\appdata\local\temp\Cookies.SH! c:\users\bill\appdata\local\temp\{D6390~1.SH! (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DelayShred] c:\PROGRA~1\mcafee\mshr\ShrCL.EXE /P7 /q c:\users\bill\appdata\local\temp\TEMPOR~1\Content.SH! c:\users\bill\appdata\local\temp\TEMPOR~1.SH! c:\users\bill\appdata\local\temp\History\History.SH! c:\users\bill\appdata\local\temp\History.SH! c:\users\bill\appdata\local\temp\Cookies.SH! c:\users\bill\appdata\local\temp\{D6390~1.SH! (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\windows\system32\securenet.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\securenet.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\securenet.dll
O13 - Gopher Prefix:
O16 - DPF: Justin.tv Publisher - http://www.justin.tv...v_publisher.CAB
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} - https://secure.logme...trl.cab?lmi=100
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL C:\Windows\system32\guard32.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O20 - Winlogon Notify: GoToAssist - C:\Windows\
O23 - Service: McAfee Application Installer Cleanup (0156381231792800) (0156381231792800mcinstcleanup) - Unknown owner - C:\Windows\TEMP\015638~1.EXE (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Flash Media Server (FMS) (FMS) - Adobe Systems Incorporated. - C:\Program Files\Adobe\Flash Media Server 3\FMSMaster.exe
O23 - Service: Flash Media Administration Server (FMSAdmin) - Adobe Systems Incorporated. - C:\Program Files\Adobe\Flash Media Server 3\FMSAdmin.exe
O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iolo FileInfoList Service (ioloFileInfoList) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: iolo System Service (ioloSystemService) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: iolo System Guard (IOLO_SRV) - Unknown owner - C:\Program Files\Dell\PC TuneUp\IoloSGCtrl.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\McShield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Remote Procedure Call (RPC) Net (rpcnet) - Absolute Software Corp. - C:\Windows\system32\rpcnet.exe
O23 - Service: SupportSoft Sprocket Service (DellSupportCenter) (sprtsvc_DellSupportCenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe
O23 - Service: stllssvr - Unknown owner - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe (file missing)
O23 - Service: WMPControllerService - Gyration, Inc. - C:\dell\Utilities\Dell Premium Remote Control\WMPControllerService.exe

--
End of file - 16281 bytes
  • 0

#14
Jimmy2012
Posted 15 January 2009 - 10:27 PM

Jimmy2012

    Trusted Helper

  • Retired Staff
  • 6,238 posts
Hello Aztec077,

Please download Malwarebytes' Anti-Malware from Here or Here

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.






Please do an online scan with Kaspersky WebScanner
  • Read through the requirements and privacy statement and click on Accept button.
  • It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
  • When the downloads have finished, click on Settings.
  • Make sure the following is checked.
    • Spyware, Adware, Dialers, and other potentially dangerous programs
      Archives
      Mail databases
  • Click on My Computer under Scan.
  • Once the scan is complete, it will display the results. Click on View Scan Report.
  • You will see a list of infected items there. Click on Save Report As....
  • Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button.
  • Please post this log in your next reply.
~~~~~~~~~~~~~~
In your next reply please have these logs.
The Malwarebytes log
And the Kaspersky log
  • 0

#15
Aztec077
Posted 15 January 2009 - 11:55 PM

Aztec077

    Member

  • Topic Starter
  • Member
  • PipPip
  • 38 posts
Malwarebytes' Anti-Malware 1.33
Database version: 1656
Windows 6.0.6001 Service Pack 1

1/16/2009 12:53:36 AM
mbam-log-2009-01-16 (00-53-36).txt

Scan type: Quick Scan
Objects scanned: 54677
Time elapsed: 7 minute(s), 7 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 2
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_CLASSES_ROOT\scrfile\shell\open\command\ (Broken.OpenCommand) -> Bad: (NOTEPAD.EXE %1) Good: ("%1" /S) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\regfile\shell\open\command\ (Broken.OpenCommand) -> Bad: (NOTEPAD.EXE %1) Good: (regedit.exe "%1") -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP