Help - Page 3

Thread: Help

  1. #1
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    It looks better

    What are the current issues?

    Uninstall Combofix:
    Go Start > Run [Vista users, go Start>"Start search"]
    Type in:
    Combofix /Uninstall
    Note the space between the "Combofix" and the "/Uninstall"
    Click OK (Vista users - press Enter).
    Restart computer.

    =============================================================

    Download OTL to your Desktop.

    * Double click on the icon to run it. Make sure all other windows are closed, and let it run uninterrupted.
    * Under the Custom Scan box paste this in:



    netsvcs
    drivers32 /all
    %SYSTEMDRIVE%\*.*
    %systemroot%\system32\Spool\prtprocs\w32x86\*.dll
    %systemroot%\system32\*.wt
    %systemroot%\system32\*.ruy
    %systemroot%\Fonts\*.com
    %systemroot%\Fonts\*.dll
    %systemroot%\system32\spool\prtprocs\w32x86\*.tmp
    %systemroot%\*. /mp /s
    /md5start
    /md5stop
    CREATERESTOREPOINT
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\system32\user32.dll /md5
    %systemroot%\system32\ws2_32.dll /md5
    %systemroot%\system32\ws2help.dll /md5
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs



    * Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
    * When the scan completes, it will open two Notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
    * Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.

  2. #2
    Join Date
    Jun 2009
    Posts
    97
    Broni
    Still have all the same issues on computer
    No task bar
    No start
    Internet will not start
    Cannot drag anything on desktop

    OTL Log

    OTL logfile created on: 02/08/2010 17:35:14 - Run 1
    OTL by OldTimer - Version 3.2.9.1 Folder = C:\Documents and Settings\User\Desktop
    Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

    1.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 68.00% Memory free
    3.00 Gb Paging File | 3.00 Gb Available in Paging File | 92.00% Paging File free
    Paging file location(s): C:\pagefile.sys 1920 3840 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 38.23 Gb Total Space | 2.11 Gb Free Space | 5.53% Space Free | Partition Type: NTFS
    D: Drive not present or media not loaded
    Drive E: | 1.88 Gb Total Space | 1.88 Gb Free Space | 99.62% Space Free | Partition Type: FAT
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: FAMILY
    Current User Name: User
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: Current user
    Company Name Whitelist: On
    Skip Microsoft Files: On
    File Age = 90 Days
    Output = Standard
    Quick Scan

    ========== Processes (SafeList) ==========

    PRC - [2010/08/02 17:29:14 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\Desktop\OTL.exe
    PRC - [2010/07/01 12:07:20 | 001,361,128 | ---- | M] (Trusteer Ltd.) -- C:\Program Files\Trusteer\Rapport\bin\RapportService.exe
    PRC - [2010/07/01 12:07:18 | 000,840,936 | ---- | M] (Trusteer Ltd.) -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
    PRC - [2010/06/10 07:36:33 | 002,245,576 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cfpupdat.exe
    PRC - [2010/05/19 15:37:06 | 000,037,888 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Winamp\winampa.exe
    PRC - [2010/01/28 12:34:40 | 001,800,464 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
    PRC - [2009/06/25 15:12:42 | 001,414,144 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
    PRC - [2009/03/13 13:13:12 | 000,572,928 | ---- | M] () -- C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe
    PRC - [2008/05/26 22:19:14 | 000,123,904 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    PRC - [2002/08/29 13:00:00 | 001,004,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


    ========== Modules (SafeList) ==========

    MOD - [2010/08/02 17:29:14 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\Desktop\OTL.exe
    MOD - [2010/06/07 18:07:08 | 000,541,928 | ---- | M] (Trusteer Ltd.) -- C:\Program Files\Trusteer\Rapport\bin\rooksbas.dll
    MOD - [2002/08/29 13:00:00 | 000,143,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSIMTF.dll
    MOD - [2002/08/29 13:00:00 | 000,106,547 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


    ========== Win32 Services (SafeList) ==========

    SRV - File not found [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -d -f %ProgramFiles%\WinPcap\rpcapd.ini -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
    SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
    SRV - [2010/07/01 12:07:18 | 000,840,936 | ---- | M] (Trusteer Ltd.) [Auto | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe -- (RapportMgmtService)
    SRV - [2010/01/28 12:34:37 | 000,723,632 | ---- | M] (COMODO) [Auto | Stopped] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
    SRV - [2009/06/02 10:10:08 | 000,637,952 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
    SRV - [2007/12/17 22:00:00 | 000,143,872 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Stopped] -- C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40ST7.EXE -- (EPSON_EB_RPCV4_01) EPSON V5 Service4(01)
    SRV - [2007/01/11 22:02:00 | 000,113,664 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Stopped] -- C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40RP7.EXE -- (EPSON_PM_RPCV4_01) EPSON V3 Service4(01)
    SRV - [2005/11/14 02:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)


    ========== Driver Services (SafeList) ==========

    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\LVCM.sys -- (QCMerced)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\lvusbsta.sys -- (LVUSBSta)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
    DRV - [2010/07/01 12:07:30 | 000,166,632 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys -- (RapportPG)
    DRV - [2010/07/01 12:07:30 | 000,059,240 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportKELL.sys -- (RapportKELL)
    DRV - [2010/02/13 10:56:04 | 000,134,344 | ---- | M] (COMODO) [File_System | System | Stopped] -- C:\WINDOWS\system32\drivers\cmdguard.sys -- (cmdGuard)
    DRV - [2010/01/28 12:34:57 | 000,087,104 | ---- | M] (COMODO) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\inspect.sys -- (Inspect)
    DRV - [2010/01/28 12:34:56 | 000,025,160 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cmdhlp.sys -- (cmdHlp)
    DRV - [2009/10/27 16:46:30 | 000,132,424 | ---- | M] (COMODO Security Solutions Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\cfrmd.sys -- (CFRMD)
    DRV - [2009/06/17 12:27:56 | 000,038,160 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
    DRV - [2009/05/26 11:05:56 | 000,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
    DRV - [2009/05/26 11:05:54 | 000,009,968 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
    DRV - [2009/05/26 11:05:52 | 000,072,944 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
    DRV - [2009/03/19 14:48:18 | 000,136,704 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
    DRV - [2009/03/19 14:48:12 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
    DRV - [2009/02/09 08:37:56 | 000,007,808 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
    DRV - [2009/02/09 08:37:48 | 000,007,808 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)

  3. #3
    Join Date
    Jun 2009
    Posts
    97
    Part Two

    DRV - [2009/02/09 08:37:46 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
    DRV - [2009/02/09 08:37:46 | 000,017,664 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
    DRV - [2008/08/26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
    DRV - [2008/05/06 07:01:28 | 000,016,512 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (Aspi32)
    DRV - [2008/04/14 01:15:14 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
    DRV - [2008/04/13 23:05:40 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
    DRV - [2008/02/25 13:54:56 | 000,105,088 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
    DRV - [2008/01/18 22:52:52 | 000,077,696 | ---- | M] () [Kernel | Boot | Stopped] -- C:\WINDOWS\system32\DRIVERS\WudfPf.sys -- (WudfPf)
    DRV - [2005/08/02 17:35:00 | 003,198,560 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
    DRV - [2004/11/03 14:14:26 | 000,267,136 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sis7012.sys -- (SiS7012) Service for AC'97 Sample Driver (WDM)
    DRV - [2002/08/29 13:00:00 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\ql1280.sys -- (ql1280)
    DRV - [2002/08/29 13:00:00 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\ql12160.sys -- (ql12160)
    DRV - [2002/08/29 13:00:00 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\ql1080.sys -- (ql1080)
    DRV - [2002/08/29 13:00:00 | 000,038,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
    DRV - [2002/08/29 13:00:00 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\ultra.sys -- (ultra)
    DRV - [2002/08/29 13:00:00 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\symc8xx.sys -- (symc8xx)
    DRV - [2002/08/29 13:00:00 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\sym_u3.sys -- (sym_u3)
    DRV - [2002/08/29 13:00:00 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\sym_hi.sys -- (sym_hi)
    DRV - [2002/08/29 13:00:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\asc.sys -- (asc)
    DRV - [2002/08/29 13:00:00 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\sparrow.sys -- (Sparrow)
    DRV - [2002/08/29 13:00:00 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\mraid35x.sys -- (mraid35x)
    DRV - [2002/08/29 13:00:00 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\symc810.sys -- (symc810)
    DRV - [2002/08/29 13:00:00 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\asc3550.sys -- (asc3550)
    DRV - [2002/08/29 13:00:00 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\cmdide.sys -- (CmdIde)
    DRV - [2002/08/29 13:00:00 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\aliide.sys -- (AliIde)
    DRV - [2001/08/18 05:58:02 | 000,026,112 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
    DRV - [2001/07/12 15:54:20 | 000,584,304 | ---- | M] (Conexant Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
    DRV - [2001/07/12 15:52:38 | 000,427,167 | ---- | M] (Conexant Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\k56nt.sys -- (K56)
    DRV - [2001/07/12 15:52:10 | 000,310,739 | ---- | M] (Conexant Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fallback.sys -- (Fallback)
    DRV - [2001/07/12 15:49:32 | 000,077,426 | ---- | M] (Conexant Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\basic2.sys -- (basic2)
    DRV - [2001/07/12 15:49:10 | 000,534,605 | ---- | M] (Conexant Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\v124nt.sys -- (V124)
    DRV - [2001/07/03 19:42:30 | 000,017,776 | ---- | M] (Conexant Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\cnxtdiag.sys -- (Cnxtdiag)
    DRV - [2001/06/14 20:37:38 | 000,127,405 | ---- | M] (Conexant Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fsksnt.sys -- (Fsks)
    DRV - [2001/06/14 20:36:52 | 000,216,987 | ---- | M] (Conexant Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\faxnt.sys -- (SoftFax)
    DRV - [2001/06/14 20:35:50 | 000,056,639 | ---- | M] (Conexant Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tonesnt.sys -- (Tones)
    DRV - [2001/06/14 20:33:04 | 000,067,622 | ---- | M] (Conexant Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rksample.sys -- (Rksample)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://search.msn.com/spbasic.htm

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.co.uk/
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

    FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2009/08/02 08:54:13 | 000,000,000 | ---D | M]

    [2009/02/27 16:12:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Mozilla\Extensions
    [2009/02/27 16:12:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Mozilla\Extensions\[email protected]
    [2009/08/30 20:30:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\extensions
    [2009/08/30 20:30:37 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}

    O1 HOSTS File: ([2010/08/02 12:54:32 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
    O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
    O2 - BHO: (WOT Helper) - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files\WOT\WOT.dll ()
    O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
    O3 - HKLM\..\Toolbar: (WOT) - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
    O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
    O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (WOT) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
    O3 - HKCU\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
    O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
    O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
    O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
    O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
    O4 - HKCU..\Run: [PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
    O4 - HKCU..\Run: [SkinClock] C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe ()
    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 1
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
    O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O15 - HKCU\..Trusted Domains: //@signup.mar@/ ([]money in My Computer)
    O15 - HKCU\..Trusted Domains: //@surf.mar@/ ([]money in Local intranet)
    O15 - HKCU\..Trusted Ranges: Range1979 ([http] in Trusted sites)

  4. #4
    Join Date
    Jun 2009
    Posts
    97
    Part Three

    O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/s...irector/sw.cab (Shockwave ActiveX Control)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_14)
    O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get.../ultrashim.cab (Reg Error: Key error.)
    O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_14)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_14)
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
    O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx1.hotmail.com/mail/w4/pr01...l/MSNPUpld.cab (Windows Live Hotmail Photo Upload Tool)
    O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
    O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
    O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
    O18 - Protocol\Handler\wot {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll ()
    O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O24 - Desktop WallPaper: C:\Documents and Settings\User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O24 - Desktop BackupWallPaper: C:\Documents and Settings\User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
    O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
    O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2003/03/27 08:40:39 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    NetSvcs: 6to4 - File not found
    NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
    NetSvcs: Ias - File not found
    NetSvcs: Iprip - File not found
    NetSvcs: Irmon - File not found
    NetSvcs: NWCWorkstation - File not found
    NetSvcs: Nwsapagent - File not found
    NetSvcs: Wmi - C:\WINDOWS\System32\wmi.dll (Microsoft Corporation)
    NetSvcs: WmdmPmSp - File not found

    Drivers32: aux - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32: aux1 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32: midi - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32: midi1 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32: midi2 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32: midimapper - C:\WINDOWS\System32\midimap.dll (Microsoft Corporation)
    Drivers32: mixer - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32: mixer1 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32: mixer2 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
    Drivers32: msacm.imaadpcm - C:\WINDOWS\System32\imaadp32.acm (Microsoft Corporation)
    Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: msacm.msadpcm - C:\WINDOWS\System32\msadp32.acm (Microsoft Corporation)
    Drivers32: msacm.msaudio1 - C:\WINDOWS\System32\msaud32.acm (Microsoft Corporation)
    Drivers32: msacm.msg711 - C:\WINDOWS\System32\msg711.acm (Microsoft Corporation)
    Drivers32: msacm.msg723 - C:\WINDOWS\System32\msg723.acm (Microsoft Corporation)
    Drivers32: msacm.msgsm610 - C:\WINDOWS\System32\msgsm32.acm (Microsoft Corporation)
    Drivers32: msacm.siren - C:\WINDOWS\System32\sirenacm.dll (Microsoft Corporation)
    Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
    Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
    Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
    Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
    Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
    Drivers32: VIDC.I420 - lvcodec2.dll File not found
    Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
    Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
    Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
    Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
    Drivers32: VIDC.IYUV - C:\WINDOWS\System32\iyuv_32.dll (Microsoft Corporation)
    Drivers32: vidc.M261 - C:\WINDOWS\System32\msh261.drv (Microsoft Corporation)
    Drivers32: vidc.M263 - C:\WINDOWS\System32\msh263.drv (Microsoft Corporation)
    Drivers32: VIDC.MP42 - C:\WINDOWS\System32\mpg4c32.dll (Microsoft Corporation)
    Drivers32: VIDC.MPG4 - C:\WINDOWS\System32\mpg4c32.dll (Microsoft Corporation)
    Drivers32: vidc.mrle - C:\WINDOWS\System32\msrle32.dll (Microsoft Corporation)
    Drivers32: vidc.msvc - C:\WINDOWS\System32\msvidc32.dll (Microsoft Corporation)
    Drivers32: VIDC.UYVY - C:\WINDOWS\System32\msyuv.dll (Microsoft Corporation)
    Drivers32: VIDC.YUY2 - C:\WINDOWS\System32\msyuv.dll (Microsoft Corporation)
    Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
    Drivers32: VIDC.YVU9 - C:\WINDOWS\System32\tsbyuv.dll (Microsoft Corporation)
    Drivers32: VIDC.YVYU - C:\WINDOWS\System32\msyuv.dll (Microsoft Corporation)
    Drivers32: wave - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32: wave1 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32: wave2 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32: wavemapper - C:\WINDOWS\System32\msacm32.drv (Microsoft Corporation)
    Unable to start service RpcSs!

    ========== Files/Folders - Created Within 90 Days ==========

    [2102/01/04 03:07:13 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO
    [2102/01/04 02:10:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
    [2102/01/03 14:32:43 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
    [2102/01/02 02:39:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\Malwarebytes
    [2102/01/02 02:33:46 | 000,038,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
    [2102/01/02 02:33:45 | 000,019,096 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
    [2102/01/02 02:33:45 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2102/01/02 02:33:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    [2102/01/01 15:44:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
    [2102/01/01 15:40:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\SUPERAntiSpyware.com
    [2102/01/01 15:40:15 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
    [2102/01/01 15:39:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
    [2010/08/02 17:29:14 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\User\Desktop\OTL.exe
    [2010/07/25 11:44:05 | 000,000,000 | RHSD | C] -- C:\cmdcons
    [2010/07/19 15:05:14 | 003,374,640 | ---- | C] (Macromedia, Inc.) -- C:\WINDOWS\System32\dllcache\tourP.exe
    [2010/07/19 15:05:05 | 000,019,072 | ---- | C] (Adaptec, Inc.) -- C:\WINDOWS\System32\drivers\sparrow.sys
    [2010/07/19 15:05:05 | 000,019,072 | ---- | C] (Adaptec, Inc.) -- C:\WINDOWS\System32\dllcache\sparrow.sys
    [2010/07/19 15:04:52 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
    [2010/07/19 15:04:52 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
    [2010/07/19 15:04:52 | 000,026,624 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
    [2010/07/19 15:04:45 | 000,272,896 | ---- | C] (Cinematronics) -- C:\WINDOWS\System32\dllcache\pinball.exe
    [2010/07/19 15:04:02 | 000,017,280 | ---- | C] (American Megatrends Inc.) -- C:\WINDOWS\System32\drivers\mraid35x.sys
    [2010/07/19 15:04:02 | 000,017,280 | ---- | C] (American Megatrends Inc.) -- C:\WINDOWS\System32\dllcache\mraid35x.sys
    [2010/07/19 15:01:54 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
    [2010/07/19 15:01:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\I386
    [2010/07/19 15:01:27 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
    [2010/07/19 13:29:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Desktop\Unused Desktop Shortcuts
    [2010/07/18 15:06:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
    [2010/07/18 15:06:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
    [2010/06/28 10:02:44 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\User\Recent
    [2010/06/25 17:21:59 | 000,000,000 | ---D | C] -- C:\Program Files\Gran Diccionario Oxford
    [2010/06/24 18:11:40 | 000,000,000 | ---D | C] -- C:\Program Files\Atomic Alarm Clock
    [2010/06/19 11:25:02 | 000,000,000 | ---D | C] -- C:\Program Files\WorldUnlock Codes Calculator
    [2010/06/03 06:53:36 | 000,453,164 | ---- | C] ( ) -- C:\Documents and Settings\User\Desktop\btv.exe
    [2010/05/22 17:16:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\nView_Profiles
    [2010/05/22 11:56:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\Logs
    [2010/05/22 11:56:16 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp Detect
    [2006/12/12 11:59:08 | 000,184,320 | ---- | C] ( ) -- C:\WINDOWS\System32\Interop.MSXML2.dll
    [1 C:\Documents and Settings\User\*.tmp files -> C:\Documents and Settings\User\*.tmp -> ]

    ========== Files - Modified Within 90 Days ==========

    [2010/08/02 17:33:48 | 000,000,302 | ---- | M] () -- C:\Documents and Settings\User\Desktop\Shortcut to New Text Document.lnk
    [2010/08/02 17:29:14 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\Desktop\OTL.exe
    [2010/08/02 17:26:44 | 000,000,757 | ---- | M] () -- C:\Documents and Settings\User\Application Data\AtomicAlarmClock.ini
    [2010/08/02 17:23:13 | 000,029,204 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
    [2010/08/02 17:21:43 | 008,126,464 | -H-- | M] () -- C:\Documents and Settings\User\ntuser.dat
    [2010/08/02 17:19:22 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2010/08/02 17:19:16 | 1341,706,240 | -HS- | M] () -- C:\hiberfil.sys
    [2010/08/02 13:39:32 | 000,000,180 | -HS- | M] () -- C:\Documents and Settings\User\ntuser.ini
    [2010/08/02 12:54:41 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
    [2010/08/02 12:54:32 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
    [2010/08/02 12:48:09 | 000,000,000 | -H-- | M] () -- C:\Documents and Settings\User\Local Settings\Application Data\IconCache.db
    [2010/07/30 14:35:11 | 000,001,230 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2010/07/27 04:45:35 | 000,294,072 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2010/07/25 14:13:13 | 000,089,261 | ---- | M] () -- C:\ComboFix.zip
    [2010/07/25 11:44:10 | 000,000,264 | RHS- | M] () -- C:\boot.ini
    [2010/07/25 08:40:05 | 000,000,267 | ---- | M] () -- C:\Documents and Settings\User\Desktop\Shortcut to ComboFix.zip.lnk
    [2010/07/19 16:12:51 | 000,000,018 | ---- | M] () -- C:\SYSREST
    [2010/07/19 06:38:34 | 001,474,832 | ---- | M] () -- C:\WINDOWS\System32\drivers\sfi.dat
    [2010/07/17 18:58:10 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
    [2010/07/13 03:34:26 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\FOXIT_PDF
    [2010/07/12 18:37:23 | 000,044,780 | ---- | M] () -- C:\Documents and Settings\User\Application Data\wklnhst.dat
    [2010/07/06 19:50:11 | 000,353,396 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\Scooter Insurance.xps
    [2010/07/05 15:19:05 | 000,000,104 | ---- | M] () -- C:\Documents and Settings\User\Desktop\Shortcut to Internet.lnk
    [2010/06/24 21:38:18 | 000,017,659 | ---- | M] (TopLang Software) -- C:\WINDOWS\System32\drivers\InetLock.sys
    [2010/06/24 18:33:53 | 000,000,163 | ---- | M] () -- C:\WINDOWS\wininit.ini
    [2010/06/22 18:26:00 | 002,801,748 | ---- | M] () -- C:\Documents and Settings\User\Desktop\British TV.exe
    [2010/05/31 15:35:36 | 000,153,600 | ---- | M] () -- C:\Documents and Settings\User\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2010/05/25 07:13:07 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [2010/05/15 11:20:38 | 000,075,088 | ---- | M] () -- C:\Documents and Settings\User\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
    [2010/05/09 02:05:25 | 000,095,172 | ---- | M] () -- C:\Documents and Settings\User\Desktop\_=Demonoid.com=_-TV_UFO_Series_(1970)_1348087.9036.torrent
    [1 C:\Documents and Settings\User\*.tmp files -> C:\Documents and Settings\User\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2010/08/02 17:33:48 | 000,000,302 | ---- | C] () -- C:\Documents and Settings\User\Desktop\Shortcut to New Text Document.lnk
    [2010/07/26 18:02:11 | 1341,706,240 | -HS- | C] () -- C:\hiberfil.sys
    [2010/07/25 14:13:13 | 000,089,261 | ---- | C] () -- C:\ComboFix.zip
    [2010/07/25 11:44:10 | 000,000,193 | ---- | C] () -- C:\Boot.bak
    [2010/07/25 11:44:07 | 000,260,272 | ---- | C] () -- C:\cmldr
    [2010/07/25 08:40:05 | 000,000,267 | ---- | C] () -- C:\Documents and Settings\User\Desktop\Shortcut to ComboFix.zip.lnk
    [2010/07/19 16:12:51 | 000,000,018 | ---- | C] () -- C:\SYSREST
    [2010/07/19 15:05:46 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp
    [2010/07/19 15:05:46 | 000,000,707 | ---- | C] () -- C:\WINDOWS\_default.pif
    [2010/07/19 15:05:44 | 000,021,281 | ---- | C] () -- C:\WINDOWS\System32\dllcache\XMLDSOC.CAT
    [2010/07/19 15:05:39 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
    [2010/07/19 15:05:35 | 000,032,674 | ---- | C] () -- C:\WINDOWS\System32\winhelp.hlp
    [2010/07/19 15:05:35 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\dllcache\win87em.dll
    [2010/07/19 15:05:33 | 000,390,168 | ---- | C] () -- C:\WINDOWS\System32\dllcache\WFC.CAT
    [2010/07/19 15:05:32 | 001,325,568 | ---- | C] () -- C:\WINDOWS\System32\webfldrs.msi
    [2010/07/19 15:05:32 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\wdl.trm
    [2010/07/19 15:05:31 | 001,095,680 | ---- | C] () -- C:\WINDOWS\System32\wbdbase.nld
    [2010/07/19 15:05:31 | 000,937,984 | ---- | C] () -- C:\WINDOWS\System32\wbdbase.sve
    [2010/07/19 15:05:31 | 000,867,840 | ---- | C] () -- C:\WINDOWS\System32\wbdbase.ita
    [2010/07/19 15:05:31 | 000,786,944 | ---- | C] () -- C:\WINDOWS\System32\wbdbase.fra
    [2010/07/19 15:05:30 | 001,309,184 | ---- | C] () -- C:\WINDOWS\System32\wbdbase.deu
    [2010/07/19 15:05:30 | 000,957,440 | ---- | C] () -- C:\WINDOWS\System32\wbdbase.enu
    [2010/07/19 15:05:30 | 000,750,080 | ---- | C] () -- C:\WINDOWS\System32\wbdbase.esn
    [2010/07/19 15:05:30 | 000,065,489 | ---- | C] () -- C:\WINDOWS\System32\wbcache.sve
    [2010/07/19 15:05:30 | 000,065,489 | ---- | C] () -- C:\WINDOWS\System32\wbcache.nld
    [2010/07/19 15:05:30 | 000,065,489 | ---- | C] () -- C:\WINDOWS\System32\wbcache.ita
    [2010/07/19 15:05:30 | 000,065,489 | ---- | C] () -- C:\WINDOWS\System32\wbcache.fra
    [2010/07/19 15:05:30 | 000,065,489 | ---- | C] () -- C:\WINDOWS\System32\wbcache.esn
    [2010/07/19 15:05:30 | 000,065,489 | ---- | C] () -- C:\WINDOWS\System32\wbcache.enu
    [2010/07/19 15:05:30 | 000,065,489 | ---- | C] () -- C:\WINDOWS\System32\wbcache.deu
    [2010/07/19 15:05:20 | 000,018,832 | ---- | C] () -- C:\WINDOWS\System32\v7vga.rom
    [2010/07/19 15:05:20 | 000,001,161 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
    [2010/07/19 15:05:18 | 000,089,588 | ---- | C] () -- C:\WINDOWS\System32\unicode.nls
    [2010/07/19 15:05:16 | 000,262,656 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tshoot.dll
    [2010/07/19 15:05:16 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tsd32.dll
    [2010/07/19 15:05:11 | 000,352,020 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tahomabd.ttf
    [2010/07/19 15:05:11 | 000,022,151 | ---- | C] () -- C:\WINDOWS\System32\dllcache\TCLASSES.CAT
    [2010/07/19 15:05:10 | 000,379,588 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tahoma.ttf
    [2010/07/19 15:05:10 | 000,003,577 | ---- | C] () -- C:\WINDOWS\System32\sysprtj.sep
    [2010/07/19 15:05:10 | 000,003,214 | ---- | C] () -- C:\WINDOWS\System32\sysprint.sep
    [2010/07/19 15:05:08 | 000,093,702 | ---- | C] () -- C:\WINDOWS\System32\subrange.uce
    [2010/07/19 15:05:08 | 000,030,720 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sstub.dll
    [2010/07/19 15:05:07 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
    [2010/07/19 15:05:06 | 000,046,133 | ---- | C] () -- C:\WINDOWS\System32\sqlsodbc.chm
    [2010/07/19 15:05:00 | 000,262,148 | ---- | C] () -- C:\WINDOWS\System32\sortkey.nls
    [2010/07/19 15:05:00 | 000,032,256 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sniffpol.dll
    [2010/07/19 15:05:00 | 000,021,116 | ---- | C] () -- C:\WINDOWS\System32\sorttbls.nls
    [2010/07/19 15:04:58 | 000,016,740 | ---- | C] () -- C:\WINDOWS\System32\shiftjis.uce
    [2010/07/19 15:04:56 | 000,011,753 | ---- | C] () -- C:\WINDOWS\System32\setver.exe
    [2010/07/19 15:04:56 | 000,000,882 | ---- | C] () -- C:\WINDOWS\System32\share.exe
    [2010/07/19 15:04:56 | 000,000,882 | ---- | C] () -- C:\WINDOWS\System32\dllcache\share.exe
    [2010/07/19 15:04:55 | 000,033,464 | ---- | C] () -- C:\WINDOWS\System32\services.msc
    [2010/07/19 15:04:55 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
    [2010/07/19 15:04:54 | 000,218,112 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sbe.dll
    [2010/07/19 15:04:52 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
    [2010/07/19 15:04:52 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
    [2010/07/19 15:04:51 | 000,003,167 | ---- | C] () -- C:\WINDOWS\System32\rsaci.rat
    [2010/07/19 15:04:49 | 000,003,338 | ---- | C] () -- C:\WINDOWS\System32\redir.exe

  5. #5
    Join Date
    Jun 2009
    Posts
    97
    Part Four

    [2010/07/19 15:04:49 | 000,003,338 | ---- | C] () -- C:\WINDOWS\System32\dllcache\redir.exe
    [2010/07/19 15:04:48 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
    [2010/07/19 15:04:47 | 001,142,784 | ---- | C] () -- C:\WINDOWS\System32\dllcache\quartz.dll
    [2010/07/19 15:04:46 | 000,734,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\qedwipes.dll
    [2010/07/19 15:04:46 | 000,511,488 | ---- | C] () -- C:\WINDOWS\System32\dllcache\qedit.dll
    [2010/07/19 15:04:46 | 000,357,376 | ---- | C] () -- C:\WINDOWS\System32\dllcache\qdvd.dll
    [2010/07/19 15:04:46 | 000,266,752 | ---- | C] () -- C:\WINDOWS\System32\dllcache\qdv.dll
    [2010/07/19 15:04:46 | 000,184,832 | ---- | C] () -- C:\WINDOWS\System32\dllcache\qcap.dll
    [2010/07/19 15:04:46 | 000,003,708 | ---- | C] () -- C:\WINDOWS\System32\pubprn.vbs
    [2010/07/19 15:04:46 | 000,003,708 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pubprn.vbs
    [2010/07/19 15:04:46 | 000,000,051 | ---- | C] () -- C:\WINDOWS\System32\pscript.sep
    [2010/07/19 15:04:39 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
    [2010/07/19 15:04:39 | 000,058,273 | R--- | C] () -- C:\WINDOWS\System32\perfmon.msc
    [2010/07/19 15:04:39 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
    [2010/07/19 15:04:38 | 000,000,114 | ---- | C] () -- C:\WINDOWS\System32\pcl.sep
    [2010/07/19 15:04:35 | 000,007,046 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
    [2010/07/19 15:04:35 | 000,006,788 | ---- | C] () -- C:\WINDOWS\System32\oembios.sig
    [2010/07/19 15:04:35 | 000,006,788 | ---- | C] () -- C:\WINDOWS\System32\dllcache\oembios.sig
    [2010/07/19 15:04:35 | 000,004,518 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
    [2010/07/19 15:04:35 | 000,004,518 | ---- | C] () -- C:\WINDOWS\System32\dllcache\oembios.dat
    [2010/07/19 15:04:30 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
    [2010/07/19 15:04:30 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\dllcache\oembios.bin
    [2010/07/19 15:04:29 | 000,004,294 | ---- | C] () -- C:\WINDOWS\System32\odbcconf.rsp
    [2010/07/19 15:04:29 | 000,004,294 | ---- | C] () -- C:\WINDOWS\System32\dllcache\odbcconf.rsp
    [2010/07/19 15:04:26 | 000,048,794 | ---- | C] () -- C:\WINDOWS\System32\ntimage.gif
    [2010/07/19 15:04:26 | 000,035,632 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntio411.sys
    [2010/07/19 15:04:26 | 000,035,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntio412.sys
    [2010/07/19 15:04:26 | 000,034,528 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntio804.sys
    [2010/07/19 15:04:26 | 000,034,528 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntio404.sys
    [2010/07/19 15:04:26 | 000,033,808 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntio.sys
    [2010/07/19 15:04:26 | 000,032,968 | ---- | C] () -- C:\WINDOWS\System32\ntmsoprq.msc
    [2010/07/19 15:04:26 | 000,026,209 | ---- | C] () -- C:\WINDOWS\System32\ntmsmgr.msc
    [2010/07/19 15:04:25 | 000,029,370 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntdos411.sys
    [2010/07/19 15:04:25 | 000,029,274 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntdos412.sys
    [2010/07/19 15:04:25 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntdos804.sys
    [2010/07/19 15:04:25 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntdos404.sys
    [2010/07/19 15:04:25 | 000,027,866 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntdos.sys
    [2010/07/19 15:04:24 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
    [2010/07/19 15:04:24 | 000,342,618 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT
    [2010/07/19 15:04:23 | 002,049,999 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT
    [2010/07/19 15:04:23 | 000,149,848 | ---- | C] () -- C:\WINDOWS\System32\noise.deu
    [2010/07/19 15:04:23 | 000,049,196 | ---- | C] () -- C:\WINDOWS\System32\noise.fra
    [2010/07/19 15:04:23 | 000,019,684 | ---- | C] () -- C:\WINDOWS\System32\noise.esn
    [2010/07/19 15:04:23 | 000,019,618 | ---- | C] () -- C:\WINDOWS\System32\noise.ita
    [2010/07/19 15:04:23 | 000,013,730 | ---- | C] () -- C:\WINDOWS\System32\noise.sve
    [2010/07/19 15:04:23 | 000,013,256 | ---- | C] () -- C:\WINDOWS\System32\noise.nld
    [2010/07/19 15:04:23 | 000,007,052 | ---- | C] () -- C:\WINDOWS\System32\nlsfunc.exe
    [2010/07/19 15:04:23 | 000,007,052 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nlsfunc.exe
    [2010/07/19 15:04:23 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
    [2010/07/19 15:04:23 | 000,000,697 | ---- | C] () -- C:\WINDOWS\System32\noise.tha
    [2010/07/19 15:04:22 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
    [2010/07/19 15:04:18 | 000,102,446 | ---- | C] () -- C:\WINDOWS\System32\net.hlp
    [2010/07/19 15:04:18 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
    [2010/07/19 15:04:13 | 000,007,369 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT
    [2010/07/19 15:04:09 | 000,014,031 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSJDBC.CAT
    [2010/07/19 15:04:09 | 000,010,881 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT
    [2010/07/19 15:04:08 | 000,348,160 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msinfo.dll
    [2010/07/19 15:04:08 | 000,182,198 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msimain.sdb
    [2010/07/19 15:04:05 | 000,842,268 | ---- | C] () -- C:\WINDOWS\System32\msdxm.ocx
    [2010/07/19 15:04:05 | 000,842,268 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdxm.ocx
    [2010/07/19 15:04:05 | 000,011,264 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdmo.dll
    [2010/07/19 15:04:05 | 000,004,126 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdxmlc.dll
    [2010/07/19 15:04:04 | 000,000,817 | ---- | C] () -- C:\WINDOWS\System32\mscdexnt.exe
    [2010/07/19 15:04:04 | 000,000,817 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mscdexnt.exe
    [2010/07/19 15:04:02 | 000,004,639 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.exe
    [2010/07/19 15:03:59 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
    [2010/07/19 15:03:58 | 000,305,724 | ---- | C] () -- C:\WINDOWS\System32\dllcache\micross.ttf
    [2010/07/19 15:03:58 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
    [2010/07/19 15:03:56 | 000,039,274 | ---- | C] () -- C:\WINDOWS\System32\mem.exe
    [2010/07/19 15:03:56 | 000,039,274 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mem.exe
    [2010/07/19 15:03:54 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
    [2010/07/19 15:03:54 | 000,033,280 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mciqtz32.dll
    [2010/07/19 15:03:53 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
    [2010/07/19 15:03:53 | 000,042,166 | ---- | C] () -- C:\WINDOWS\System32\lusrmgr.msc
    [2010/07/19 15:03:53 | 000,007,046 | ---- | C] () -- C:\WINDOWS\System32\l_intl.nls
    [2010/07/19 15:03:53 | 000,000,168 | ---- | C] () -- C:\WINDOWS\System32\l_except.nls
    [2010/07/19 15:03:52 | 000,209,010 | ---- | C] () -- C:\WINDOWS\System32\locale.nls
    [2010/07/19 15:03:52 | 000,001,131 | ---- | C] () -- C:\WINDOWS\System32\loadfix.com
    [2010/07/19 15:03:06 | 000,012,876 | ---- | C] () -- C:\WINDOWS\System32\korean.uce
    [2010/07/19 15:03:05 | 000,042,809 | ---- | C] () -- C:\WINDOWS\System32\dllcache\key01.sys
    [2010/07/19 15:03:05 | 000,042,537 | ---- | C] () -- C:\WINDOWS\System32\dllcache\keyboard.sys
    [2010/07/19 15:03:04 | 000,014,710 | ---- | C] () -- C:\WINDOWS\System32\kb16.com
    [2010/07/19 15:03:04 | 000,008,484 | ---- | C] () -- C:\WINDOWS\System32\kanji_2.uce
    [2010/07/19 15:03:04 | 000,006,948 | ---- | C] () -- C:\WINDOWS\System32\kanji_1.uce
    [2010/07/19 15:03:01 | 000,766,934 | ---- | C] () -- C:\WINDOWS\System32\instcat.sql
    [2010/07/19 15:03:00 | 000,060,458 | ---- | C] () -- C:\WINDOWS\System32\ideograf.uce
    [2010/07/19 15:02:59 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
    [2010/07/19 15:02:58 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
    [2010/07/19 15:02:57 | 000,004,768 | ---- | C] () -- C:\WINDOWS\System32\dllcache\himem.sys
    [2010/07/19 15:02:55 | 000,021,232 | ---- | C] () -- C:\WINDOWS\System32\graphics.pro
    [2010/07/19 15:02:55 | 000,019,694 | ---- | C] () -- C:\WINDOWS\System32\graphics.com
    [2010/07/19 15:02:53 | 003,440,660 | ---- | C] () -- C:\WINDOWS\System32\drivers\gm.dls
    [2010/07/19 15:02:53 | 000,024,772 | ---- | C] () -- C:\WINDOWS\System32\geo.nls
    [2010/07/19 15:02:53 | 000,024,006 | ---- | C] () -- C:\WINDOWS\System32\gb2312.uce
    [2010/07/19 15:02:52 | 000,152,844 | ---- | C] () -- C:\WINDOWS\System32\dllcache\framdit.ttf
    [2010/07/19 15:02:52 | 000,135,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\framd.ttf
    [2010/07/19 15:02:52 | 000,032,760 | ---- | C] () -- C:\WINDOWS\System32\fsmgmt.msc
    [2010/07/19 15:02:51 | 000,031,405 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT
    [2010/07/19 15:02:50 | 000,000,882 | ---- | C] () -- C:\WINDOWS\System32\fastopen.exe
    [2010/07/19 15:02:50 | 000,000,882 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fastopen.exe
    [2010/07/19 15:02:50 | 000,000,080 | ---- | C] () -- C:\WINDOWS\explorer.scf
    [2010/07/19 15:02:49 | 000,056,678 | ---- | C] () -- C:\WINDOWS\System32\eventvwr.msc
    [2010/07/19 15:02:49 | 000,008,424 | ---- | C] () -- C:\WINDOWS\System32\exe2bin.exe
    [2010/07/19 15:02:49 | 000,008,424 | ---- | C] () -- C:\WINDOWS\System32\dllcache\exe2bin.exe
    [2010/07/19 15:02:48 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\dllcache\encdec.dll
    [2010/07/19 15:02:48 | 000,006,708 | ---- | C] () -- C:\WINDOWS\System32\esentprf.hxx
    [2010/07/19 15:02:47 | 000,127,213 | ---- | C] () -- C:\WINDOWS\System32\ega.cpi
    [2010/07/19 15:02:47 | 000,069,886 | ---- | C] () -- C:\WINDOWS\System32\edit.com
    [2010/07/19 15:02:47 | 000,012,642 | ---- | C] () -- C:\WINDOWS\System32\edlin.exe
    [2010/07/19 15:02:47 | 000,012,642 | ---- | C] () -- C:\WINDOWS\System32\dllcache\edlin.exe
    [2010/07/19 15:02:47 | 000,010,790 | ---- | C] () -- C:\WINDOWS\System32\edit.hlp
    [2010/07/19 15:02:46 | 000,498,205 | ---- | C] () -- C:\WINDOWS\System32\dllcache\dxmasf.dll
    [2010/07/19 15:02:45 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
    [2010/07/19 15:02:45 | 000,052,311 | ---- | C] () -- C:\WINDOWS\System32\dllcache\DX3.CAT
    [2010/07/19 15:02:45 | 000,000,081 | ---- | C] () -- C:\WINDOWS\System32\dsound.vxd
    [2010/07/19 15:02:11 | 000,053,840 | ---- | C] () -- C:\WINDOWS\System32\dosx.exe
    [2010/07/19 15:02:11 | 000,053,840 | ---- | C] () -- C:\WINDOWS\System32\dllcache\dosx.exe
    [2010/07/19 15:02:10 | 000,033,673 | ---- | C] () -- C:\WINDOWS\System32\diskmgmt.msc
    [2010/07/19 15:02:09 | 000,041,397 | ---- | C] () -- C:\WINDOWS\System32\dfrg.msc
    [2010/07/19 15:02:08 | 000,051,712 | ---- | C] () -- C:\WINDOWS\System32\dllcache\devenum.dll
    [2010/07/19 15:02:08 | 000,033,079 | ---- | C] () -- C:\WINDOWS\System32\devmgmt.msc
    [2010/07/19 15:02:08 | 000,020,634 | ---- | C] () -- C:\WINDOWS\System32\dllcache\debug.exe
    [2010/07/19 15:02:08 | 000,020,634 | ---- | C] () -- C:\WINDOWS\System32\debug.exe
    [2010/07/19 15:02:08 | 000,001,740 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
    [2010/07/19 15:02:07 | 000,056,081 | ---- | C] () -- C:\WINDOWS\System32\dllcache\DAJAVAC.CAT
    [2010/07/19 15:02:06 | 000,196,642 | ---- | C] () -- C:\WINDOWS\System32\c_950.nls
    [2010/07/19 15:02:06 | 000,196,642 | ---- | C] () -- C:\WINDOWS\System32\c_949.nls
    [2010/07/19 15:02:06 | 000,196,642 | ---- | C] () -- C:\WINDOWS\System32\c_936.nls
    [2010/07/19 15:02:06 | 000,162,850 | ---- | C] () -- C:\WINDOWS\System32\c_932.nls
    [2010/07/19 15:02:06 | 000,139,810 | ---- | C] () -- C:\WINDOWS\System32\c_20261.nls
    [2010/07/19 15:02:06 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_874.nls
    [2010/07/19 15:02:06 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_869.nls
    [2010/07/19 15:02:06 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_866.nls
    [2010/07/19 15:02:06 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_865.nls
    [2010/07/19 15:02:06 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_863.nls
    [2010/07/19 15:02:06 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_861.nls
    [2010/07/19 15:02:06 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_860.nls
    [2010/07/19 15:02:06 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_857.nls
    [2010/07/19 15:02:06 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_855.nls
    [2010/07/19 15:02:06 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_852.nls
    [2010/07/19 15:02:06 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_850.nls
    [2010/07/19 15:02:06 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_775.nls
    [2010/07/19 15:02:06 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_737.nls
    [2010/07/19 15:02:06 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_437.nls
    [2010/07/19 15:02:06 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_875.nls
    [2010/07/19 15:02:06 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_500.nls
    [2010/07/19 15:02:06 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28605.nls
    [2010/07/19 15:02:06 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28603.nls
    [2010/07/19 15:02:06 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28599.nls
    [2010/07/19 15:02:06 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28598.nls
    [2010/07/19 15:02:06 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28597.NLS
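
A listing this long is easier to review once it is parsed. The following is an added example, not part of the thread and not OTL's own code: it reads the `[date | size | attributes | C/M] (company) -- path` lines, collapses same-minute creation bursts, and lists executables with a blank company name under the user profile. The function names and both heuristics are assumptions, the sample lines are copied from the log above, and a blank company field is only a reason to look at a file.

```python
import re
from collections import Counter
from datetime import datetime
from typing import NamedTuple

# Sample lines copied from the OTL listing posted in this thread.
SAMPLE = r"""
    [2010/07/19 15:05:05 | 000,019,072 | ---- | C] (Adaptec, Inc.) -- C:\WINDOWS\System32\drivers\sparrow.sys
    [2010/07/19 15:01:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\I386
    [2010/06/03 06:53:36 | 000,453,164 | ---- | C] ( ) -- C:\Documents and Settings\User\Desktop\btv.exe
    [1 C:\Documents and Settings\User\*.tmp files -> C:\Documents and Settings\User\*.tmp -> ]
    [2010/08/02 17:19:16 | 1341,706,240 | -HS- | M] () -- C:\hiberfil.sys
    [2010/06/22 18:26:00 | 002,801,748 | ---- | M] () -- C:\Documents and Settings\User\Desktop\British TV.exe
    [2010/07/19 15:05:30 | 000,065,489 | ---- | C] () -- C:\WINDOWS\System32\wbcache.sve
    [2010/07/19 15:05:30 | 000,065,489 | ---- | C] () -- C:\WINDOWS\System32\wbcache.nld
    [2010/07/19 15:05:35 | 000,032,674 | ---- | C] () -- C:\WINDOWS\System32\winhelp.hlp
    [2010/08/02 12:54:32 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
"""

# The company field is absent on directory lines, so it is optional here.
LINE_RE = re.compile(
    r"^\[(?P<ts>\d{4}/\d{2}/\d{2} \d{2}:\d{2}:\d{2}) \| (?P<size>[\d,]+) \| "
    r"(?P<attrs>[A-Z-]{4}) \| (?P<kind>[CM])\] "
    r"(?:\((?P<company>.*?)\) )?-- (?P<path>.+)$"
)

# Assumed heuristics (not from the thread): extensions that can run code,
# and the Windows XP profile root, which ordinary users can write to.
EXEC_EXT = {"exe", "dll", "sys", "scr", "com", "pif", "bat", "cmd", "vbs"}
USER_ROOT = r"c:\documents and settings"


class Entry(NamedTuple):
    when: datetime
    size: int
    attrs: str    # R/H/S/D flags, "-" when a flag is not set
    kind: str     # "C" = created, "M" = modified
    company: str  # "" when OTL printed "()" or "( )"
    path: str

    @property
    def is_dir(self) -> bool:
        return "D" in self.attrs


def parse_otl(text):
    """Parse file-listing lines; summary lines such as '[1 ... *.tmp files]' are skipped."""
    entries = []
    for raw in text.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue
        entries.append(Entry(
            when=datetime.strptime(m["ts"], "%Y/%m/%d %H:%M:%S"),
            size=int(m["size"].replace(",", "")),
            attrs=m["attrs"],
            kind=m["kind"],
            company=(m["company"] or "").strip(),
            path=m["path"].strip(),
        ))
    return entries


def unattributed_user_executables(entries):
    """Paths of executable files with no company name under the user profile."""
    hits = set()
    for e in entries:
        ext = e.path.rsplit(".", 1)[-1].lower()
        if (not e.is_dir and not e.company and ext in EXEC_EXT
                and e.path.lower().startswith(USER_ROOT)):
            hits.add(e.path)
    return sorted(hits)


def creation_bursts(entries, min_count=3):
    """Minutes in which at least min_count files were created.

    Many files created in the same minute usually come from one installer or
    restore run, so they can be reviewed as a group instead of line by line.
    """
    per_minute = Counter(
        e.when.strftime("%Y/%m/%d %H:%M")
        for e in entries if e.kind == "C" and not e.is_dir
    )
    return {minute: n for minute, n in sorted(per_minute.items()) if n >= min_count}


if __name__ == "__main__":
    parsed = parse_otl(SAMPLE)
    print(len(parsed), "entries parsed")
    for minute, n in creation_bursts(parsed).items():
        print("burst:", minute, n, "files")
    for path in unattributed_user_executables(parsed):
        print("review:", path)
```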

  6. #6
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    Before I review your logs, let's try a couple of fixes to see if we can repair some of your problems.

    Taskbar missing: http://www.kellys-korner-xp.com/taskbarplus!.htm
    Copy/paste/drag: http://discussions.virtualdr.com/sho...89#post1245589

    Internet....

    Make sure your computer is set to obtain an IP address automatically.
    1. Go Start>Settings>Control Panel (Vista/7 users: Start>Control Panel)
    2. Double click Network Connections (Vista/7 users: Network and Sharing Center)
    3. Vista/7 users - From the list of tasks on the left, click Manage network connections.
    4. For a wired network connection, right-click Local Area Connection, and then select Properties.
    For a wireless network connection, right-click Wireless Network Connection, and then select Properties.
    5. From the General tab (Vista/7 users: Networking tab), click Internet Protocol (TCP/IP), make sure it is checked, and then click Properties
    6. Click Obtain an IP Address Automatically, and then click OK.

    If that doesn't work...
    Turn off computer. Disconnect router, and modem from power source for 1 minute. At the same time disconnect ethernet cable as well.
    Reconnect everything.
    Restart computer.

    If that doesn't work, bypass router, and connect computer straight to the modem.

    If that doesn't work...
    Go Start>Run (Start search in Vista), type in:
    cmd
    Click OK (in Vista, while holding CTRL, and SHIFT, press Enter).

    In the Command Prompt window, type in the following commands, and hit Enter after each one:
    ipconfig /flushdns
    ipconfig /registerdns
    ipconfig /release
    ipconfig /renew
    net stop "dns client"
    net start "dns client"


    Restart computer.

    If that doesn't work...
    Go Start>Run (Start search in Vista), type in:
    cmd
    Click OK (in Vista, while holding CTRL, and SHIFT, press Enter).

    At Command Prompt, type in:
    netsh int ip reset reset.log
    Hit Enter.
    Type in:
    netsh winsock reset catalog
    Hit Enter.

    Restart computer.


    If that doesn't work...
    Download, install, and run WinSockFix: http://www.softpedia.com/get/Tweak/N...nSockFix.shtml (doesn't work in Vista)
    Restart computer, and check again.

    If that doesn't work...
    Download Dial-A-Fix (DAF) (doesn't work in Vista):
    http://wiki.lunarsoft.net/wiki/Dial-...C_and_articles

    Have XP CD available in case DAF needs a file. Likely not!

    Check all boxes on the screen (clear any restrictions if it shows any)
    Then click GO!

    When the entire page is finished click the HammerHead at bottom to go to the second DAF page.

    Here, one at a time, do the below:

    Reinstall BITS
    Reinstall Windows Firewall
    Repair Permissions
    Reset networking

    Watch for any File not found or other errors and make note as this may lead to the fix!

    Restart computer.

  7. #7
    Join Date
    Jun 2009
    Posts
    97
    Broni
    Sorry, been away so have not been able to post.
    I first tried the fix for the missing toolbar but all I got was
    Run time error '-2147217387 (80041015)': Automation Error
    Have not tried the copy paste drag fix as of yet.
    Regarding the internet, I have tried all the fixes twice but none have worked.
    The internet did start up once but when I clicked back on the internet icon again it did not start.

    When I tried ipconfig /renew I got: unable to contact DHCP Server, request has timed out
    When I start the infected computer up, every time I receive the message
    The procedure entry point SHREG GET VALUEW could not be located in the Dynamic link library SHLWAPI.dll.
    I tried running Dial-A-Fix but it gets half way through and stops.
    Also got errors such as
    the procedure entry point decodepointer could not be located in the dynamic library KERNEL32.dll

  8. #8
    Join Date
    Jun 2009
    Posts
    97
    Also got this error
    Error 127: C:\WINDOWS\system32\qmgr.dll is not unregisterable or the file is corrupted. Your version of qmgr.dll is: 6.2.2600.1106.

  9. #9
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    Go Start>Run ("Start Search" in Vista/7), type in:
    sfc /scannow
    Click OK (hold CTRL, and SHIFT, hit Enter in Vista/7).
    Have Windows CD/DVD handy (with Vista/7, most likely, you won't need it).
    If System File Checker (sfc) finds any errors, it may ask you for the CD/DVD (rarely in Vista/7 case).
