Solve : Troubling Virus?

Answer»

I forgot to mention that the Security check indicates that you have Panda Antivirus Pro 2012 and Norton 360 running at the same time on your computer. One of these AVs will have to be disabled/uninstalled.
*********************************************
Re-running ComboFix to remove infections:

  • Close any open browsers.
  • Close/disable all anti-virus and anti-malware programs so they do not interfere with the running of ComboFix.
  • Open notepad and copy/paste the text in the quotebox below into it:
    Quote
    KillAll::

    File::
    C:\found.005
    C:\found.004
    C:\found.003
    C:\found.002
    C:\found.001

    DirLook::
    C:\40d9b26e2a8b3f767a
    C:\ef60c58cdd1f56bf95401cfaf20940ef

    Firefox::
    Trusted Zone: internet
    Trusted Zone: mcafee.com

  • Save this as CFScript.txt, in the same location as ComboFix.exe



  • Referring to the picture above, drag CFScript into ComboFix.exe
  • When finished, it shall produce a log for you at C:\ComboFix.txt
  • Please post the contents of the log in your next reply.
*********************************************************
Please go to Jotti's malware scan
(If more than one file needs to be scanned, they must be done separately and links posted for each one)

* Copy the file path in the below Code box:

Code:
c:\windows\system32\x64
c:\windows\system32\igxpun.exe
c:\windows\system32\Drivers\utkwnty5.sys

* At the upload site, click once inside the window next to Browse.
* Press Ctrl+V on the keyboard (both at the same time) to paste the file path into the window.
* Next click Submit file
* Your file will possibly be entered into a queue which normally takes less than a minute to clear.
* This will perform a scan across multiple different virus scanning engines.
* Important: Wait for all of the scanning engines to complete.
* Once the scan is finished, Copy and then Paste the link in the address bar into your next reply.

Sorry it took so long to get back to you. I've had more problems with my laptop.

I checked the files with Jotti and found out that I only have 1 of the files: c:\windows\system32\igxpun.exe
The others do not exist on my computer.

ComboFix 11-07-15.01 - Feutz 07/15/2011 11:58:26.3.2 - x86 NETWORK
Running from: c:\users\Feutz\Desktop\ComboFix.exe
Command switches used :: c:\users\Feutz\Desktop\CFScript.txt
.
FILE ::
"C:\found.001"
"C:\found.002"
"C:\found.003"
"C:\found.004"
"C:\found.005"
.
.
((((((((((((((((((((((((( Files Created from 2011-06-15 to 2011-07-15 )))))))))))))))))))))))))))))))
.
.
2011-07-15 19:12 . 2011-07-15 19:15--------d-----w-c:\users\Feutz\AppData\Local\temp
2011-07-15 19:12 . 2011-07-15 19:12--------d-----w-c:\users\Robin\AppData\Local\temp
2011-07-15 19:12 . 2011-07-15 19:12--------d-----w-c:\users\Default\AppData\Local\temp
2011-07-15 16:44 . 2011-07-15 16:44--------d-----w-C:\found.007
2011-07-15 16:35 . 2011-07-15 16:35--------d-----w-c:\users\Robin\AppData\Local\Panda Security
2011-07-15 16:35 . 2011-07-15 16:35--------d-----w-c:\users\Robin\AppData\Roaming\SUPERAntiSpyware.com
2011-07-15 05:18 . 2011-07-15 05:18--------d-----w-C:\found.006
2011-07-15 04:41 . 2011-07-15 04:55--------d-----w-c:\windows\$regcmp$
2011-07-12 12:51 . 2011-07-12 12:51404640----a-w-c:\windows\system32\FlashPlayerCPLApp.cpl
2011-07-12 06:42 . 2011-06-20 15:577074640----a-w-c:\programdata\Microsoft\Windows Defender\Definition Updates\{A2AE3AC5-D19D-420D-820B-E39A120A10E8}\mpengine.dll
2011-07-09 22:14 . 2011-07-10 17:49--------d-----w-c:\users\Feutz\AppData\Local\Conduit
2011-07-09 16:37 . 2011-07-09 16:37--------d-----w-C:\found.005
2011-07-09 16:30 . 2011-07-09 16:30--------d-----w-C:\40d9b26e2a8b3f767a
2011-07-09 03:07 . 2011-07-15 01:58183180----a-w-c:\windows\system32\drivers\APPFCONT.DAT
2011-07-09 03:07 . 2010-09-09 23:23193864----a-w-c:\windows\system32\drivers\idsflt.sys
2011-07-09 03:07 . 2009-09-25 21:5446856----a-w-c:\windows\system32\drivers\wnmflt.sys
2011-07-09 03:07 . 2009-09-25 21:5453256----a-w-c:\windows\system32\drivers\dsaflt.sys
2011-07-09 03:06 . 2011-01-31 23:4183528----a-w-c:\windows\system32\drivers\APPFLT.SYS
2011-07-09 03:06 . 2009-09-25 21:5422024----a-w-c:\windows\system32\drivers\fnetmon.sys
2011-07-09 03:06 . 2009-09-25 21:54159112----a-w-c:\windows\system32\drivers\NETFLTDI.SYS
2011-07-07 10:00 . 2011-07-07 10:00--------d-----w-C:\ef60c58cdd1f56bf95401cfaf20940ef
2011-07-07 00:18 . 2011-07-07 00:18--------d-----w-C:\78584a5e440f81cc72
2011-07-05 10:00 . 2011-07-05 10:00--------d-----w-C:\760eb5305c2b3efcab91dcc17084bd
2011-07-04 23:18 . 2011-07-04 23:18--------d-----w-C:\found.004
2011-07-04 22:45 . 2011-07-04 22:45--------d-----w-c:\windows\system32\x64
2011-07-04 22:45 . 2008-02-12 03:13920088----a-w-c:\windows\system32\igxpun.exe
2011-07-03 18:51 . 2011-07-03 18:51--------d-----w-c:\users\Feutz\AppData\Local\Panda Security
2011-07-03 18:45 . 2010-06-23 01:1326696----a-w-c:\windows\system32\drivers\pavboot.sys
2011-07-03 18:45 . 2007-03-16 02:3854832----a-w-c:\windows\system32\pavcpl.cpl
2011-07-03 18:45 . 2003-10-23 01:23446464----a-w-c:\windows\system32\HHActiveX.dll
2011-07-03 18:45 . 2010-06-22 00:02193344----a-w-c:\windows\system32\TpUtil.dll
2011-07-03 18:45 . 2010-06-22 00:01520000----a-w-c:\windows\system32\PavSHook.dll
2011-07-03 18:45 . 2010-06-22 00:0187360----a-w-c:\windows\system32\PavLspHook.dll
2011-07-03 18:45 . 2010-06-22 00:0155616----a-w-c:\windows\system32\pavipc.dll
2011-07-03 18:45 . 2007-02-08 17:53107568----a-w-c:\windows\system32\SYSTOOLS.DLL
2011-07-03 18:44 . 2011-07-03 18:45--------d-----w-c:\program files\Panda Security
2011-07-03 18:44 . 2011-07-03 18:44--------d-----w-c:\windows\system32\PAV
2011-07-03 18:44 . 2011-07-03 18:44--------d-----w-c:\users\Feutz\AppData\Roaming\Panda Security
2011-07-03 18:44 . 2011-07-03 18:44--------d-----w-c:\programdata\Panda Security
2011-07-03 18:44 . 2010-09-01 18:09201032----a-w-c:\windows\system32\drivers\neti1644.sys
2011-07-03 18:44 . 2010-05-21 20:5054344----a-w-c:\windows\system32\drivers\amm8660.sys
2011-07-03 18:44 . 2010-03-24 19:5555552----a-w-c:\windows\system32\avldr.dll
2011-07-01 20:05 . 2011-07-01 20:05388096----a-r-c:\users\Feutz\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-07-01 01:28 . 2011-07-01 01:28--------d-----w-c:\users\Feutz\AppData\Roaming\SUPERAntiSpyware.com
2011-07-01 01:28 . 2011-07-01 01:28--------d-----w-c:\programdata\SUPERAntiSpyware.com
2011-07-01 01:28 . 2011-07-01 01:28--------d-----w-c:\program files\SUPERAntiSpyware
2011-06-30 13:03 . 2011-06-30 13:03--------d-----w-C:\d6aaef27f533ca95ed452bdd47deb9
2011-06-30 04:59 . 2011-06-30 04:59--------d-----w-C:\60dd7279dace78af16
2011-06-29 14:05 . 2011-06-29 14:05--------d-----w-C:\6bd801315f181fe169cd3798
2011-06-29 13:14 . 2011-06-29 13:14--------d-----w-C:\058d8e97ce6d35b88fe00fef6563
2011-06-29 00:42 . 2011-06-29 00:43--------d-----w-C:\SMCLPAV
2011-06-28 12:54 . 2005-04-04 06:02753664----a-w-c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iKernel.dll
2011-06-28 12:54 . 2005-04-04 06:0269714----a-w-c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ctor.dll
2011-06-28 12:54 . 2005-04-04 06:01274432----a-w-c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iscript.dll
2011-06-28 12:54 . 2005-04-04 06:00184320----a-w-c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iuser.dll
2011-06-28 12:54 . 2005-04-04 05:595632----a-w-c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\DotNetInstaller.exe
2011-06-28 12:54 . 2011-06-28 12:54200836----a-w-c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iGdi.dll
2011-06-28 12:54 . 2011-06-28 12:54331908----a-w-c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\setup.dll
2011-06-26 17:25 . 2011-07-05 05:12--------d-----w-c:\users\Feutz\AppData\Roaming\QuickScan
2011-06-26 17:22 . 2011-06-26 17:22--------d-----w-c:\users\Feutz\AppData\Local\Mozilla
2011-06-26 14:44 . 2011-06-26 14:44--------d-----w-C:\a8b79eb2bb60353fc6
2011-06-25 16:25 . 2011-06-25 16:32--------d-----w-c:\users\Feutz\AppData\Local\ElevatedDiagnostics
2011-06-20 17:40 . 2011-06-20 17:40472808----a-w-c:\windows\system32\deployJava1.dll
2011-06-19 20:15 . 2011-06-19 20:15--------d-----w-c:\program files\BeerSmith2
2011-06-19 16:28 . 2011-06-19 16:28--------d-----w-C:\5cee7e0f1b01fbec51c15a1462
2011-06-19 14:16 . 2011-06-20 17:41--------d-----w-c:\program files\Common Files\Java
2011-06-19 14:16 . 2011-06-19 14:16--------d-----w-C:\4756e36812682c0f88ddac0bd9665fb6
2011-06-19 13:54 . 2011-06-19 13:54--------d-----w-C:\found.003
2011-06-19 01:08 . 2011-06-19 01:08--------d-----w-C:\found.002
2011-06-17 01:28 . 2011-06-17 01:28--------d-----w-C:\found.001
2011-06-17 00:52 . 2011-04-14 14:5975264----a-w-c:\windows\system32\drivers\dfsc.sys
2011-06-17 00:52 . 2011-04-21 13:58273408----a-w-c:\windows\system32\drivers\afd.sys
2011-06-17 00:52 . 2011-04-29 13:25146432----a-w-c:\windows\system32\drivers\srv2.sys
2011-06-17 00:52 . 2011-04-29 13:25102400----a-w-c:\windows\system32\drivers\srvnet.sys
2011-06-17 00:37 . 2011-06-17 00:37--------d-----w-c:\users\Robin\AppData\Roaming\AVG10
2011-06-16 02:54 . 2011-06-16 02:59--------d-----w-c:\users\Feutz\AppData\Roaming\AVG
2011-06-16 02:08 . 2010-12-20 16:35563712----a-w-c:\windows\system32\oleaut32.dll
2011-06-16 02:08 . 2011-05-02 17:16739328----a-w-c:\windows\system32\inetcomm.dll
2011-06-16 02:08 . 2011-04-29 13:24214016----a-w-c:\windows\system32\drivers\mrxsmb10.sys
2011-06-16 02:08 . 2011-04-29 13:2479872----a-w-c:\windows\system32\drivers\mrxsmb20.sys
2011-06-16 02:08 . 2011-04-29 13:24106496----a-w-c:\windows\system32\drivers\mrxsmb.sys
2011-06-16 02:08 . 2011-05-02 12:022409784----a-w-c:\program files\Windows Mail\OESpamFilter.dat
2011-06-16 01:03 . 2011-06-16 01:03--------d-----w-C:\$AVG
2011-06-16 00:29 . 2011-06-16 00:29--------d--h--w-c:\programdata\Common Files
2011-06-16 00:27 . 2011-06-30 00:21--------d-----w-c:\programdata\AVG10
2011-06-16 00:16 . 2011-07-01 00:28--------d-----w-c:\program files\AVG
2011-06-16 00:11 . 2011-06-30 00:21--------d-----w-c:\programdata\MFAData
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-02 12:52 . 2011-06-02 12:52161792----a-w-c:\windows\system32\msls31.dll
2011-06-02 12:52 . 2011-06-02 12:521126912----a-w-c:\windows\system32\wininet.dll
2011-06-02 12:52 . 2011-06-02 12:5286528----a-w-c:\windows\system32\iesysprep.dll
2011-06-02 12:52 . 2011-06-02 12:5276800----a-w-c:\windows\system32\SetIEInstalledDate.exe
2011-06-02 12:52 . 2011-06-02 12:5274752----a-w-c:\windows\system32\RegisterIEPKEYs.exe
2011-06-02 12:52 . 2011-06-02 12:5263488----a-w-c:\windows\system32\tdc.ocx
2011-06-02 12:52 . 2011-06-02 12:5248640----a-w-c:\windows\system32\mshtmler.dll
2011-06-02 12:52 . 2011-06-02 12:52367104----a-w-c:\windows\system32\html.iec
2011-06-02 12:52 . 2011-06-02 12:5274752----a-w-c:\windows\system32\iesetup.dll
2011-06-02 12:52 . 2011-06-02 12:5223552----a-w-c:\windows\system32\licmgr10.dll
2011-06-02 12:52 . 2011-06-02 12:52152064----a-w-c:\windows\system32\wextract.exe
2011-06-02 12:52 . 2011-06-02 12:52150528----a-w-c:\windows\system32\iexpress.exe
2011-06-02 12:52 . 2011-06-02 12:521427456----a-w-c:\windows\system32\inetcpl.cpl
2011-06-02 12:52 . 2011-06-02 12:52420864----a-w-c:\windows\system32\vbscript.dll
2011-06-02 12:52 . 2011-06-02 12:5235840----a-w-c:\windows\system32\imgutil.dll
2011-06-02 12:52 . 2011-06-02 12:522382848----a-w-c:\windows\system32\mshtml.tlb
2011-06-02 12:52 . 2011-06-02 12:521797632----a-w-c:\windows\system32\jscript9.dll
2011-06-02 12:52 . 2011-06-02 12:52142848----a-w-c:\windows\system32\ieUnatt.exe
2011-06-02 12:52 . 2011-06-02 12:5211776----a-w-c:\windows\system32\mshta.exe
2011-06-02 12:52 . 2011-06-02 12:52101888----a-w-c:\windows\system32\admparse.dll
2011-06-02 12:52 . 2011-06-02 12:52110592----a-w-c:\windows\system32\IEAdvpack.dll
2011-05-29 16:11 . 2011-03-30 00:0339984----a-w-c:\windows\system32\drivers\mbamswissarmy.sys
2011-05-25 02:14 . 2010-06-27 01:40222080------w-c:\windows\system32\MpSigStub.exe
2011-04-14 16:26 . 2011-06-26 17:22142296----a-w-c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of C:\40d9b26e2a8b3f767a ----
.
2011-07-09 16:30 . 2011-07-09 16:300---ha-w-c:\40d9b26e2a8b3f767a\$shtdwn$.req
2011-03-25 16:08 . 2011-03-25 16:0836514----a-w-c:\40d9b26e2a8b3f767a\1044\LocalizedData.xml
2011-03-25 16:08 . 2011-03-25 16:0837222----a-w-c:\40d9b26e2a8b3f767a\1045\LocalizedData.xml
2011-03-25 16:08 . 2011-03-25 16:0836738----a-w-c:\40d9b26e2a8b3f767a\1046\LocalizedData.xml
2011-03-25 16:08 . 2011-03-25 16:0837656----a-w-c:\40d9b26e2a8b3f767a\1049\LocalizedData.xml
2011-03-25 16:08 . 2011-03-25 16:0836020----a-w-c:\40d9b26e2a8b3f767a\1053\LocalizedData.xml
2011-03-25 16:08 . 2011-03-25 16:0836274----a-w-c:\40d9b26e2a8b3f767a\1055\LocalizedData.xml
2011-03-25 16:08 . 2011-03-25 16:0827922----a-w-c:\40d9b26e2a8b3f767a\2052\LocalizedData.xml
2011-03-25 16:08 . 2011-03-25 16:0837404----a-w-c:\40d9b26e2a8b3f767a\2070\LocalizedData.xml
2011-03-25 16:08 . 2011-03-25 16:0837314----a-w-c:\40d9b26e2a8b3f767a\3082\LocalizedData.xml
2011-03-25 16:08 . 2011-03-25 16:0827950----a-w-c:\40d9b26e2a8b3f767a\1028\LocalizedData.xml
2011-03-25 16:08 . 2011-03-25 16:0836822----a-w-c:\40d9b26e2a8b3f767a\1029\LocalizedData.xml
2011-03-25 16:08 . 2011-03-25 16:0836050----a-w-c:\40d9b26e2a8b3f767a\1030\LocalizedData.xml
2011-03-25 16:08 . 2011-03-25 16:0838050----a-w-c:\40d9b26e2a8b3f767a\1031\LocalizedData.xml
2011-03-25 16:08 . 2011-03-25 16:0838958----a-w-c:\40d9b26e2a8b3f767a\1032\LocalizedData.xml
2011-03-25 16:08 . 2011-03-25 16:0836030----a-w-c:\40d9b26e2a8b3f767a\1035\LocalizedData.xml
2011-03-25 16:08 . 2011-03-25 16:0837832----a-w-c:\40d9b26e2a8b3f767a\1036\LocalizedData.xml
2011-03-25 16:08 . 2011-03-25 16:0832912----a-w-c:\40d9b26e2a8b3f767a\1037\LocalizedData.xml
2011-03-25 16:08 . 2011-03-25 16:0837822----a-w-c:\40d9b26e2a8b3f767a\1038\LocalizedData.xml
2011-03-25 16:08 . 2011-03-25 16:0837192----a-w-c:\40d9b26e2a8b3f767a\1040\LocalizedData.xml
2011-03-25 16:08 . 2011-03-25 16:0831108----a-w-c:\40d9b26e2a8b3f767a\1041\LocalizedData.xml
2011-03-25 16:08 . 2011-03-25 16:0830194----a-w-c:\40d9b26e2a8b3f767a\1042\LocalizedData.xml
2011-03-25 16:08 . 2011-03-25 16:0836962----a-w-c:\40d9b26e2a8b3f767a\1043\LocalizedData.xml
2011-03-25 16:08 . 2011-03-25 16:0827950----a-w-c:\40d9b26e2a8b3f767a\3076\LocalizedData.xml
2011-03-25 16:08 . 2011-03-25 16:0834086----a-w-c:\40d9b26e2a8b3f767a\1025\LocalizedData.xml
2011-03-25 16:08 . 2011-03-25 16:0865160----a-w-c:\40d9b26e2a8b3f767a\ParameterInfo.xml
2011-03-25 16:03 . 2011-03-25 16:035079552----a-w-c:\40d9b26e2a8b3f767a\NDP40-KB2478663.msp
2011-03-25 15:34 . 2011-03-25 15:343628----a-w-c:\40d9b26e2a8b3f767a\header.bmp
2011-03-25 15:34 . 2011-03-25 15:34196662----a-w-c:\40d9b26e2a8b3f767a\SplashScreen.bmp
2011-03-25 15:34 . 2011-03-25 15:3413606----a-w-c:\40d9b26e2a8b3f767a\Strings.xml
2011-03-25 15:34 . 2011-03-25 15:3436180----a-w-c:\40d9b26e2a8b3f767a\UiInfo.xml
2011-03-25 15:34 . 2011-03-25 15:34104072----a-w-c:\40d9b26e2a8b3f767a\watermark.bmp
2011-03-25 15:34 . 2011-03-25 15:34123035----a-w-c:\40d9b26e2a8b3f767a\1025\eula.rtf
2011-03-25 15:34 . 2011-03-25 15:34128333----a-w-c:\40d9b26e2a8b3f767a\1028\eula.rtf
2011-03-25 15:34 . 2011-03-25 15:34101146----a-w-c:\40d9b26e2a8b3f767a\1029\eula.rtf
2011-03-25 15:34 . 2011-03-25 15:34109464----a-w-c:\40d9b26e2a8b3f767a\1030\eula.rtf
2011-03-25 15:34 . 2011-03-25 15:3491719----a-w-c:\40d9b26e2a8b3f767a\1031\eula.rtf
2011-03-25 15:34 . 2011-03-25 15:34102048----a-w-c:\40d9b26e2a8b3f767a\1032\eula.rtf
2011-03-25 15:34 . 2011-03-25 15:34138595----a-w-c:\40d9b26e2a8b3f767a\1033\eula.rtf
2011-03-25 15:34 . 2011-03-25 15:34111176----a-w-c:\40d9b26e2a8b3f767a\1035\eula.rtf
2011-03-25 15:34 . 2011-03-25 15:34133172----a-w-c:\40d9b26e2a8b3f767a\1036\eula.rtf
2011-03-25 15:34 . 2011-03-25 15:34125351----a-w-c:\40d9b26e2a8b3f767a\1037\eula.rtf
2011-03-25 15:34 . 2011-03-25 15:34110879----a-w-c:\40d9b26e2a8b3f767a\1038\eula.rtf
2011-03-25 15:34 . 2011-03-25 15:34124974----a-w-c:\40d9b26e2a8b3f767a\1040\eula.rtf
2011-03-25 15:34 . 2011-03-25 15:34111958----a-w-c:\40d9b26e2a8b3f767a\1041\eula.rtf
2011-03-25 15:34 . 2011-03-25 15:3435285----a-w-c:\40d9b26e2a8b3f767a\1043\eula.rtf
2011-03-25 15:34 . 2011-03-25 15:3436083----a-w-c:\40d9b26e2a8b3f767a\1044\eula.rtf
2011-03-25 15:34 . 2011-03-25 15:34126541----a-w-c:\40d9b26e2a8b3f767a\1045\eula.rtf
2011-03-25 15:34 . 2011-03-25 15:34109574----a-w-c:\40d9b26e2a8b3f767a\1046\eula.rtf
2011-03-25 15:34 . 2011-03-25 15:3449319----a-w-c:\40d9b26e2a8b3f767a\1049\eula.rtf
2011-03-25 15:34 . 2011-03-25 15:34125073----a-w-c:\40d9b26e2a8b3f767a\1053\eula.rtf
2011-03-25 15:34 . 2011-03-25 15:34112947----a-w-c:\40d9b26e2a8b3f767a\1055\eula.rtf
2011-03-25 15:34 . 2011-03-25 15:34110754----a-w-c:\40d9b26e2a8b3f767a\2052\eula.rtf
2011-03-25 15:34 . 2011-03-25 15:34125196----a-w-c:\40d9b26e2a8b3f767a\2070\eula.rtf
2011-03-25 15:34 . 2011-03-25 15:342060----a-w-c:\40d9b26e2a8b3f767a\3076\eula.rtf
2011-03-25 15:34 . 2011-03-25 15:34108174----a-w-c:\40d9b26e2a8b3f767a\3082\eula.rtf
2011-03-23 20:12 . 2011-03-23 20:1235802----a-w-c:\40d9b26e2a8b3f767a\1033\LocalizedData.xml
2011-03-22 18:48 . 2011-03-22 18:4818264----a-w-c:\40d9b26e2a8b3f767a\2070\SetupResources.dll
2011-03-22 18:48 . 2011-03-22 18:4818264----a-w-c:\40d9b26e2a8b3f767a\3082\SetupResources.dll
2011-03-22 18:48 . 2011-03-22 18:4813656----a-w-c:\40d9b26e2a8b3f767a\2052\SetupResources.dll
2011-03-22 18:48 . 2011-03-22 18:4818264----a-w-c:\40d9b26e2a8b3f767a\1049\SetupResources.dll
2011-03-22 18:48 . 2011-03-22 18:4817240----a-w-c:\40d9b26e2a8b3f767a\1053\SetupResources.dll
2011-03-22 18:48 . 2011-03-22 18:4817240----a-w-c:\40d9b26e2a8b3f767a\1055\SetupResources.dll
2011-03-22 18:48 . 2011-03-22 18:4817752----a-w-c:\40d9b26e2a8b3f767a\1045\SetupResources.dll
2011-03-22 18:48 . 2011-03-22 18:4817752----a-w-c:\40d9b26e2a8b3f767a\1046\SetupResources.dll
2011-03-22 18:48 . 2011-03-22 18:4814680----a-w-c:\40d9b26e2a8b3f767a\1042\SetupResources.dll
2011-03-22 18:48 . 2011-03-22 18:4818776----a-w-c:\40d9b26e2a8b3f767a\1043\SetupResources.dll
2011-03-22 18:48 . 2011-03-22 18:4817240----a-w-c:\40d9b26e2a8b3f767a\1044\SetupResources.dll
2011-03-22 18:48 . 2011-03-22 18:4818264----a-w-c:\40d9b26e2a8b3f767a\1038\SetupResources.dll
2011-03-22 18:48 . 2011-03-22 18:4817752----a-w-c:\40d9b26e2a8b3f767a\1040\SetupResources.dll
2011-03-22 18:48 . 2011-03-22 18:4815192----a-w-c:\40d9b26e2a8b3f767a\1041\SetupResources.dll
2011-03-22 18:48 . 2011-03-22 18:4818264----a-w-c:\40d9b26e2a8b3f767a\1036\SetupResources.dll
2011-03-22 18:48 . 2011-03-22 18:4816216----a-w-c:\40d9b26e2a8b3f767a\1037\SetupResources.dll
2011-03-22 18:48 . 2011-03-22 18:4818776----a-w-c:\40d9b26e2a8b3f767a\1032\SetupResources.dll
2011-03-22 18:48 . 2011-03-22 18:4816728----a-w-c:\40d9b26e2a8b3f767a\1033\SetupResources.dll
2011-03-22 18:48 . 2011-03-22 18:4817752----a-w-c:\40d9b26e2a8b3f767a\1035\SetupResources.dll
2011-03-22 18:48 . 2011-03-22 18:4818264----a-w-c:\40d9b26e2a8b3f767a\1031\SetupResources.dll
2011-03-22 18:48 . 2011-03-22 18:4817752----a-w-c:\40d9b26e2a8b3f767a\1030\SetupResources.dll
2011-03-22 18:48 . 2011-03-22 18:4813656----a-w-c:\40d9b26e2a8b3f767a\1028\SetupResources.dll
2011-03-22 18:48 . 2011-03-22 18:4817752----a-w-c:\40d9b26e2a8b3f767a\1029\SetupResources.dll
2011-03-22 18:48 . 2011-03-22 18:4813656----a-w-c:\40d9b26e2a8b3f767a\3076\SetupResources.dll
2011-03-22 18:48 . 2011-03-22 18:48295248----a-w-c:\40d9b26e2a8b3f767a\SetupUi.dll
2011-03-22 18:48 . 2011-03-22 18:4816728----a-w-c:\40d9b26e2a8b3f767a\1025\SetupResources.dll
2011-03-22 18:48 . 2011-03-22 18:48809304----a-w-c:\40d9b26e2a8b3f767a\SetupEngine.dll
2011-03-22 18:48 . 2011-03-22 18:4878152----a-w-c:\40d9b26e2a8b3f767a\Setup.exe
2011-03-22 18:35 . 2011-03-22 18:3516118----a-w-c:\40d9b26e2a8b3f767a\DHtmlHeader.html
2011-03-22 18:35 . 2011-03-22 18:3530120----a-w-c:\40d9b26e2a8b3f767a\SetupUi.xsd
2011-03-22 18:35 . 2011-03-22 18:35144416----a-w-c:\40d9b26e2a8b3f767a\sqmapi.dll
2011-03-22 18:31 . 2011-03-22 18:311150----a-w-c:\40d9b26e2a8b3f767a\Graphics\Print.ico
2011-03-22 18:31 . 2011-03-22 18:31894----a-w-c:\40d9b26e2a8b3f767a\Graphics\Rotate1.ico
2011-03-22 18:31 . 2011-03-22 18:31894----a-w-c:\40d9b26e2a8b3f767a\Graphics\Rotate2.ico
2011-03-22 18:31 . 2011-03-22 18:31894----a-w-c:\40d9b26e2a8b3f767a\Graphics\Rotate3.ico
2011-03-22 18:31 . 2011-03-22 18:31894----a-w-c:\40d9b26e2a8b3f767a\Graphics\Rotate4.ico
2011-03-22 18:31 . 2011-03-22 18:31894----a-w-c:\40d9b26e2a8b3f767a\Graphics\Rotate5.ico
2011-03-22 18:31 . 2011-03-22 18:31894----a-w-c:\40d9b26e2a8b3f767a\Graphics\Rotate6.ico
2011-03-22 18:31 . 2011-03-22 18:31894----a-w-c:\40d9b26e2a8b3f767a\Graphics\Rotate7.ico
2011-03-22 18:31 . 2011-03-22 18:31894----a-w-c:\40d9b26e2a8b3f767a\Graphics\Rotate8.ico
2011-03-22 18:31 . 2011-03-22 18:311150----a-w-c:\40d9b26e2a8b3f767a\Graphics\Save.ico
2011-03-22 18:31 . 2011-03-22 18:3136710----a-w-c:\40d9b26e2a8b3f767a\Graphics\Setup.ico
2011-03-22 18:31 . 2011-03-22 18:3110134----a-w-c:\40d9b26e2a8b3f767a\Graphics\stop.ico
2011-03-22 18:31 . 2011-03-22 18:311150----a-w-c:\40d9b26e2a8b3f767a\Graphics\SysReqMet.ico
2011-03-22 18:31 . 2011-03-22 18:311150----a-w-c:\40d9b26e2a8b3f767a\Graphics\SysReqNotMet.ico
2011-03-22 18:31 . 2011-03-22 18:3110134----a-w-c:\40d9b26e2a8b3f767a\Graphics\warn.ico
.
---- Directory of C:\ef60c58cdd1f56bf95401cfaf20940ef ----
.
2011-07-07 10:00 . 2011-07-07 10:00788---ha-w-c:\ef60c58cdd1f56bf95401cfaf20940ef\$shtdwn$.req
2011-04-13 19:05 . 2011-04-13 19:0537404----a-w-c:\ef60c58cdd1f56bf95401cfaf20940ef\2070\LocalizedData.xml
2011-04-13 19:05 . 2011-04-13 19:0537314----a-w-c:\ef60c58cdd1f56bf95401cfaf20940ef\3082\LocalizedData.xml
2011-04-13 19:05 . 2011-04-13 19:0536962----a-w-c:\ef60c58cdd1f56bf95401cfaf20940ef\1043\LocalizedData.xml
2011-04-13 19:05 . 2011-04-13 19:0536514----a-w-c:\ef60c58cdd1f56bf95401cfaf20940ef\1044\LocalizedData.xml
2011-04-13 19:05 . 2011-04-13 19:0537222----a-w-c:\ef60c58cdd1f56bf95401cfaf20940ef\1045\LocalizedData.xml
2011-04-13 19:05 . 2011-04-13 19:0536738----a-w-c:\ef60c58cdd1f56bf95401cfaf20940ef\1046\LocalizedData.xml
2011-04-13 19:05 . 2011-04-13 19:0537656----a-w-c:\ef60c58cdd1f56bf95401cfaf20940ef\1049\LocalizedData.xml
2011-04-13 19:05 . 2011-04-13 19:0536020----a-w-c:\ef60c58cdd1f56bf95401cfaf20940ef\1053\LocalizedData.xml
2011-04-13 19:05 . 2011-04-13 19:0536274----a-w-c:\ef60c58cdd1f56bf95401cfaf20940ef\1055\LocalizedData.xml
2011-04-13 19:05 . 2011-04-13 19:0527922----a-w-c:\ef60c58cdd1f56bf95401cfaf20940ef\2052\LocalizedData.xml
2011-04-13 19:05 . 2011-04-13 19:0538958----a-w-c:\ef60c58cdd1f56bf95401cfaf20940ef\1032\LocalizedData.xml
2011-04-13 19:05 . 2011-04-13 19:0536030----a-w-c:\ef60c58cdd1f56bf95401cfaf20940ef\1035\LocalizedData.xml
2011-04-13 19:05 . 2011-04-13 19:0537832----a-w-c:\ef60c58cdd1f56bf95401cfaf20940ef\1036\LocalizedData.xml
2011-04-13 19:05 . 2011-04-13 19:0532912----a-w-c:\ef60c58cdd1f56bf95401cfaf20940ef\1037\LocalizedData.xml
2011-04-13 19:05 . 2011-04-13 19:0537822----a-w-c:\ef60c58cdd1f56bf95401cfaf20940ef\1038\LocalizedData.xml
2011-04-13 19:05 . 2011-04-13 19:0537192----a-w-c:\ef60c58cdd1f56bf95401cfaf20940ef\1040\LocalizedData.xml
2011-04-13 19:05 . 2011-04-13 19:0531108----a-w-c:\ef60c58cdd1f56bf95401cfaf20940ef\1041\LocalizedData.xml
2011-04-13 19:05 . 2011-04-13 19:0530194----a-w-c:\ef60c58cdd1f56bf95401cfaf20940ef\1042\LocalizedData.xml
2011-04-13 19:05 . 2011-04-13 19:0534086----a-w-c:\ef60c58cdd1f56bf95401cfaf20940ef\1025\LocalizedData.xml
2011-04-13 19:05 . 2011-04-13 19:0527950----a-w-c:\ef60c58cdd1f56bf95401cfaf20940ef\1028\LocalizedData.xml
2011-04-13 19:05 . 2011-04-13 19:0536822----a-w-c:\ef60c58cdd1f56bf95401cfaf20940ef\1029\LocalizedData.xml
2011-04-13 19:05 . 2011-04-13 19:0536050----a-w-c:\ef60c58cdd1f56bf95401cfaf20940ef\1030\LocalizedData.xml
2011-04-13 19:05 . 2011-04-13 19:0538050----a-w-c:\ef60c58cdd1f56bf95401cfaf20940ef\1031\LocalizedData.xml
2011-04-13 19:05 . 2011-04-13 19:0527950----a-w-c:\ef60c58cdd1f56bf95401cfaf20940ef\3076\LocalizedData.xml
2011-04-13 19:05 . 2011-04-13 19:053628----a-w-c:\ef60c58cdd1f56bf95401cfaf20940ef\header.bmp
2011-04-13 19:05 . 2011-04-13 19:0567018----a-w-c:\ef60c58cdd1f56bf95401cfaf20940ef\ParameterInfo.xml
2011-04-13 19:05 . 2011-04-13 19:05196662----a-w-c:\ef60c58cdd1f56bf95401cfaf20940ef\SplashScreen.bmp
2011-04-13 19:05 . 2011-04-13 19:0513606----a-w-c:\ef60c58cdd1f56bf95401cfaf20940ef\Strings.xml
2011-04-13 19:05 . 2011-04-13 19:0536180----a-w-c:\ef60c58cdd1f56bf95401cfaf20940ef\UiInfo.xml
2011-04-13 19:05 . 2011-04-13 19:05104072----a-w-c:\ef60c58cdd1f56bf95401cfaf20940ef\watermark.bmp
2011-04-13 19:05 . 2011-04-13 19:05123035----a-w-c:\ef60c58cdd1f56bf95401cfaf20940ef\1025\eula.rtf
2011-04-13 19:05 . 2011-04-13 19:05128333----a-w-c:\ef60c58cdd1f56bf95401cfaf20940ef\1028\eula.rtf
2011-04-13 19:05 . 2011-04-13 19:05101146----a-w-c:\ef60c58cdd1f56bf95401cfaf20940ef\1029\eula.rtf
2011-04-13 19:05 . 2011-04-13 19:05109464----a-w-c:\ef60c58cdd1f56bf95401cfaf20940ef\1030\eula.rtf
2011-04-13 19:05 . 2011-04-13 19:0591719----a-w-c:\ef60c58cdd1f56bf95401cfaf20940ef\1031\eula.rtf
2011-04-13 19:05 . 2011-04-13 19:05102048----a-w-c:\ef60c58cdd1f56bf95401cfaf20940ef\1032\eula.rtf
2011-04-13 19:05 . 2011-04-13 19:05138595----a-w-c:\ef60c58cdd1f56bf95401cfaf20940ef\1033\eula.rtf
2011-04-13 19:05 . 2011-04-13 19:05111176----a-w-c:\ef60c58cdd1f56bf95401cfaf20940ef\1035\eula.rtf
2011-04-13 19:05 . 2011-04-13 19:05133172----a-w-c:\ef60c58cdd1f56bf95401cfaf20940ef\1036\eula.rtf
2011-04-13 19:05 . 2011-04-13 19:05125351----a-w-c:\ef60c58cdd1f56bf95401cfaf20940ef\1037\eula.rtf
2011-04-13 19:05 . 2011-04-13 19:05110879----a-w-c:\ef60c58cdd1f56bf95401cfaf20940ef\1038\eula.rtf
2011-04-13 19:05 . 2011-04-13 19:05124974----a-w-c:\ef60c58cdd1f56bf95401cfaf20940ef\1040\eula.rtf
2011-04-13 19:05 . 2011-04-13 19:05111958----a-w-c:\ef60c58cdd1f56bf95401cfaf20940ef\1041\eula.rtf
2011-04-13 19:05 . 2011-04-13 19:05149503----a-w-c:\ef60c58cdd1f56bf95401cfaf20940ef\1042\eula.rtf
2011-04-13 19:05 . 2011-04-13 19:0535285----a-w-c:\ef60c58cdd1f56bf95401cfaf20940ef\1043\eula.rtf
2011-04-13 19:05 . 2011-04-13 19:0536083----a-w-c:\ef60c58cdd1f56bf95401cfaf20940ef\1044\eula.rtf
2011-04-13 19:05 . 2011-04-13 19:05126541----a-w-c:\ef60c58cdd1f56bf95401cfaf20940ef\1045\eula.rtf
2011-04-13 19:05 . 2011-04-13 19:05109574----a-w-c:\ef60c58cdd1f56bf95401cfaf20940ef\1046\eula.rtf
2011-04-13 19:05 . 2011-04-13 19:0549319----a-w-c:\ef60c58cdd1f56bf95401cfaf20940ef\1049\eula.rtf
2011-04-13 19:05 . 2011-04-13 19:05125073----a-w-c:\ef60c58cdd1f56bf95401cfaf20940ef\1053\eula.rtf
2011-04-13 19:05 . 2011-04-13 19:05112947----a-w-c:\ef60c58cdd1f56bf95401cfaf20940ef\1055\eula.rtf
2011-04-13 19:05 . 2011-04-13 19:05110754----a-w-c:\ef60c58cdd1f56bf95401cfaf20940ef\2052\eula.rtf
2011-04-13 19:05 . 2011-04-13 19:05125196----a-w-c:\ef60c58cdd1f56bf95401cfaf20940ef\2070\eula.rtf
2011-04-13 19:05 . 2011-04-13 19:052060----a-w-c:\ef60c58cdd1f56bf95401cfaf20940ef\3076\eula.rtf
2011-04-13 19:05 . 2011-04-13 19:05108174----a-w-c:\ef60c58cdd1f56bf95401cfaf20940ef\3082\eula.rtf
2011-04-13 18:37 . 2011-04-13 18:3719201024----a-w-c:\ef60c58cdd1f56bf95401cfaf20940ef\NDP40-KB2518870.msp
2011-04-13 13:12 . 2011-04-13 13:1235802----a-w-c:\ef60c58cdd1f56bf95401cfaf20940ef\1033\LocalizedData.xml
2011-04-12 21:38 . 2011-04-12 21:3815192----a-w-c:\ef60c58cdd1f56bf95401cfaf20940ef\1041\SetupResources.dll
2011-04-12 21:22 . 2011-04-12 21:2216728----a-w-c:\ef60c58cdd1f56bf95401cfaf20940ef\1025\SetupResources.dll
2011-04-12 21:08 . 2011-04-12 21:0813656----a-w-c:\ef60c58cdd1f56bf95401cfaf20940ef\2052\SetupResources.dll
2011-04-12 20:50 . 2011-04-12 20:5013656----a-w-c:\ef60c58cdd1f56bf95401cfaf20940ef\1028\SetupResources.dll
2011-04-12 20:50 . 2011-04-12 20:5013656----a-w-c:\ef60c58cdd1f56bf95401cfaf20940ef\3076\SetupResources.dll
2011-04-12 20:36 . 2011-04-12 20:3617752----a-w-c:\ef60c58cdd1f56bf95401cfaf20940ef\1029\SetupResources.dll
2011-04-12 20:16 . 2011-04-12 20:1617752----a-w-c:\ef60c58cdd1f56bf95401cfaf20940ef\1030\SetupResources.dll
2011-04-12 20:01 . 2011-04-12 20:0118264----a-w-c:\ef60c58cdd1f56bf95401cfaf20940ef\1031\SetupResources.dll
2011-04-12 19:42 . 2011-04-12 19:4218776----a-w-c:\ef60c58cdd1f56bf95401cfaf20940ef\1032\SetupResources.dll
2011-04-12 19:24 . 2011-04-12 19:2418264----a-w-c:\ef60c58cdd1f56bf95401cfaf20940ef\3082\SetupResources.dll
2011-04-12 19:08 . 2011-04-12 19:0817752----a-w-c:\ef60c58cdd1f56bf95401cfaf20940ef\1035\SetupResources.dll
2011-04-12 18:51 . 2011-04-12 18:5118264----a-w-c:\ef60c58cdd1f56bf95401cfaf20940ef\1036\SetupResources.dll
2011-04-12 18:36 . 2011-04-12 18:3616216----a-w-c:\ef60c58cdd1f56bf95401cfaf20940ef\1037\SetupResources.dll
2011-04-12 18:20 . 2011-04-12 18:2018264----a-w-c:\ef60c58cdd1f56bf95401cfaf20940ef\1038\SetupResources.dll
2011-04-12 18:06 . 2011-04-12 18:0617752----a-w-c:\ef60c58cdd1f56bf95401cfaf20940ef\1040\SetupResources.dll
2011-04-12 17:49 . 2011-04-12 17:4914680----a-w-c:\ef60c58cdd1f56bf95401cfaf20940ef\1042\SetupResources.dll
2011-04-12 17:31 . 2011-04-12 17:3118776----a-w-c:\ef60c58cdd1f56bf95401cfaf20940ef\1043\SetupResources.dll
2011-04-12 17:17 . 2011-04-12 17:1717240----a-w-c:\ef60c58cdd1f56bf95401cfaf20940ef\1044\SetupResources.dll
2011-04-12 17:03 . 2011-04-12 17:0317752----a-w-c:\ef60c58cdd1f56bf95401cfaf20940ef\1045\SetupResources.dll
2011-04-12 16:43 . 2011-04-12 16:4317752----a-w-c:\ef60c58cdd1f56bf95401cfaf20940ef\1046\SetupResources.dll
2011-04-12 16:23 . 2011-04-12 16:2318264----a-w-c:\ef60c58cdd1f56bf95401cfaf20940ef\2070\SetupResources.dll
2011-04-12 16:00 . 2011-04-12 16:00 18264 ----a-w- c:\ef60c58cdd1f56bf95401cfaf20940ef\1049\SetupResources.dll
2011-04-12 15:44 . 2011-04-12 15:44 17240 ----a-w- c:\ef60c58cdd1f56bf95401cfaf20940ef\1053\SetupResources.dll
2011-04-12 15:23 . 2011-04-12 15:23 16728 ----a-w- c:\ef60c58cdd1f56bf95401cfaf20940ef\1033\SetupResources.dll
2011-04-12 15:23 . 2011-04-12 15:23 17240 ----a-w- c:\ef60c58cdd1f56bf95401cfaf20940ef\1055\SetupResources.dll
2011-04-12 15:23 . 2011-04-12 15:23 809304 ----a-w- c:\ef60c58cdd1f56bf95401cfaf20940ef\SetupEngine.dll
2011-04-12 15:23 . 2011-04-12 15:23 295248 ----a-w- c:\ef60c58cdd1f56bf95401cfaf20940ef\SetupUi.dll
2011-04-12 15:23 . 2011-04-12 15:23 78152 ----a-w- c:\ef60c58cdd1f56bf95401cfaf20940ef\Setup.exe
2011-04-12 15:16 . 2011-04-12 15:16 16118 ----a-w- c:\ef60c58cdd1f56bf95401cfaf20940ef\DHtmlHeader.html
2011-04-12 15:16 . 2011-04-12 15:16 30120 ----a-w- c:\ef60c58cdd1f56bf95401cfaf20940ef\SetupUi.xsd
2011-04-12 15:16 . 2011-04-12 15:16 144416 ----a-w- c:\ef60c58cdd1f56bf95401cfaf20940ef\sqmapi.dll
2011-04-12 13:11 . 2011-04-12 13:11 1150 ----a-w- c:\ef60c58cdd1f56bf95401cfaf20940ef\Graphics\Print.ico
2011-04-12 13:11 . 2011-04-12 13:11 894 ----a-w- c:\ef60c58cdd1f56bf95401cfaf20940ef\Graphics\Rotate1.ico
2011-04-12 13:11 . 2011-04-12 13:11 894 ----a-w- c:\ef60c58cdd1f56bf95401cfaf20940ef\Graphics\Rotate2.ico
2011-04-12 13:11 . 2011-04-12 13:11 894 ----a-w- c:\ef60c58cdd1f56bf95401cfaf20940ef\Graphics\Rotate3.ico
2011-04-12 13:11 . 2011-04-12 13:11 894 ----a-w- c:\ef60c58cdd1f56bf95401cfaf20940ef\Graphics\Rotate4.ico
2011-04-12 13:11 . 2011-04-12 13:11 894 ----a-w- c:\ef60c58cdd1f56bf95401cfaf20940ef\Graphics\Rotate5.ico
2011-04-12 13:11 . 2011-04-12 13:11 894 ----a-w- c:\ef60c58cdd1f56bf95401cfaf20940ef\Graphics\Rotate6.ico
2011-04-12 13:11 . 2011-04-12 13:11 894 ----a-w- c:\ef60c58cdd1f56bf95401cfaf20940ef\Graphics\Rotate7.ico
2011-04-12 13:11 . 2011-04-12 13:11 894 ----a-w- c:\ef60c58cdd1f56bf95401cfaf20940ef\Graphics\Rotate8.ico
2011-04-12 13:11 . 2011-04-12 13:11 1150 ----a-w- c:\ef60c58cdd1f56bf95401cfaf20940ef\Graphics\Save.ico
2011-04-12 13:11 . 2011-04-12 13:11 36710 ----a-w- c:\ef60c58cdd1f56bf95401cfaf20940ef\Graphics\Setup.ico
2011-04-12 13:11 . 2011-04-12 13:11 10134 ----a-w- c:\ef60c58cdd1f56bf95401cfaf20940ef\Graphics\stop.ico
2011-04-12 13:11 . 2011-04-12 13:11 1150 ----a-w- c:\ef60c58cdd1f56bf95401cfaf20940ef\Graphics\SysReqMet.ico
2011-04-12 13:11 . 2011-04-12 13:11 1150 ----a-w- c:\ef60c58cdd1f56bf95401cfaf20940ef\Graphics\SysReqNotMet.ico
2011-04-12 13:11 . 2011-04-12 13:11 10134 ----a-w- c:\ef60c58cdd1f56bf95401cfaf20940ef\Graphics\warn.ico
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TOSCDSPD"="c:\program files\TOSHIBA\TOSCDSPD\toscdspd.exe" [2008-07-04 430080]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"WMPNSCFG"="c:\program files\Windows MEDIA Player\WMPNSCFG.exe" [2008-01-21 202240]
"Registry Repair Wizard Scheduler"="c:\program files\SmartPCTools\Registry Repair Wizard\RCHelper.exe" [2011-04-26 1540480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2008-01-30 4911104]
"Camera Assistant Software"="c:\program files\Camera Assistant Software for Toshiba\traybar.exe" [2007-10-26 413696]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-08-14 1348904]
"TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2008-01-17 431456]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-03-12 49152]
"00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2008-01-22 712704]
"HSON"="c:\program files\TOSHIBA\TBS\HSON.exe" [2007-11-01 54608]
"VirtualCloneDrive"="c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2008-06-29 52168]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"APVXDWIN"="c:\program files\Panda Security\Panda Antivirus Pro 2012\APVXDWIN.EXE" [2011-04-13 1000768]
"SCANINICIO"="c:\program files\Panda Security\Panda Antivirus Pro 2012\Inicio.exe" [2011-02-02 70464]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-12 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-12 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-12 133656]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2008-02-26 443968]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr]
2010-03-24 19:55 55552 ----a-w- c:\windows\System32\avldr.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PskSvcRetail]
@="Service"
.
[HKLM\~\startupfolder\C:^Users^Feutz^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
path=c:\users\Feutz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
backup=c:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2010-09-01 15:32 421160 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-08-10 12:15 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel]
2007-11-21 01:15 1826816 ----a-w- c:\windows\SkyTel.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Symantec PIF AlertEng]
2008-01-30 00:38 583048 ----a-w- c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2011-02-06 23:25 202256 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
2010-08-24 09:38 247144 ----a-w- c:\program files\TomTom HOME 2\TomTomHOMERunner.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Persistence"=c:\windows\system32\igfxpers.exe
"IgfxTray"=c:\windows\system32\igfxtray.exe
"SmoothView"=%ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
R0 30587362;30587362 Boot Guard Driver;c:\windows\system32\DRIVERS\30587362.sys

R1 30587361;30587361;c:\windows\system32\DRIVERS\30587361.sys

R1 setup_9.0.0.722_17.06.2011_02-59drv;setup_9.0.0.722_17.06.2011_02-59drv;c:\windows\system32\DRIVERS\3058736.sys

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 IO_Memory;IO_Memory;c:\windows\SYSTEM32\SYSPREP\Drivers\ioport.sys

R3 SVRPEDRV;SVRPEDRV;c:\windows\System32\sysprep\UP_date\PEDrv.sys

R3 utkwnty5;AVZ Kernel Driver;c:\windows\system32\Drivers\utkwnty5.sys

S0 pavboot;Panda boot driver;c:\windows\system32\Drivers\pavboot.sys [2010-06-23 26696]
S1 APPFLT;App FILTER Plugin;c:\windows\system32\Drivers\APPFLT.SYS [2011-01-31 83528]
S1 DSAFLT;DSA Filter Plugin;c:\windows\system32\Drivers\DSAFLT.SYS [2009-09-25 53256]
S1 FNETMON;NetMon Filter Plugin;c:\windows\system32\Drivers\fnetmon.SYS [2009-09-25 22024]
S1 IDSFLT;Ids Filter Plugin;c:\windows\system32\Drivers\IDSFLT.SYS [2010-09-09 193864]
S1 NETFLTDI;Panda Net Driver [TDI Layer];c:\windows\system32\Drivers\NETFLTDI.SYS [2009-09-25 21:54 159112]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2010-02-17 12872]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2010-05-10 67656]
S2 AmFSM;AmFSM;c:\windows\system32\DRIVERS\amm8660.sys [2010-05-21 54344]
S2 ConfigFree Service;ConfigFree Service;c:\program files\TOSHIBA\ConfigFree\CFSvcs.exe [2007-12-25 40960]
S2 PskSvcRetail;Panda PSK service;c:\program files\Panda Security\Panda Antivirus Pro 2012\PskSvc.exe [2010-08-16 28992]
S2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [2010-08-24 92008]
S2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service;c:\program files\TOSHIBA\SMARTLogService\TosIPCSrv.exe [2007-12-04 126976]
S3 AvFlt;Antivirus Filter Driver;c:\windows\system32\drivers\av5flt.sys

S3 FwLnk;FwLnk Driver;c:\windows\system32\DRIVERS\FwLnk.sys [2006-11-20 7168]
S3 NETIMFLT01060044;PANDA NDIS IM Filter Miniport v1.6.0.44;c:\windows\system32\DRIVERS\neti1644.sys [2010-09-01 201032]
S3 PavSRK.sys;PavSRK.sys;c:\windows\system32\PavSRK.sys

S3 PavTPK.sys;PavTPK.sys;c:\windows\system32\PavTPK.sys

.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = *.local;
uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
Trusted Zone: internet
Trusted Zone: mcafee.com
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Feutz\AppData\Roaming\Mozilla\Firefox\Profiles\6ut3ou0q.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: network.proxy.type - 0
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{ba14329e-9550-4989-b3f2-9732e92d17cc} - (no file)
.
.
.
**************************************************************************
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files:
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-4017210073-3623525190-2501994021-1000\Software\SecuROM\License information*]
"datasecu"=hex:c4,80,29,ed,05,d0,45,d9,29,7e,6a,37,9e,64,ce,c2,e9,37,98,c4,c1,
7a,60,54,48,c8,de,53,bb,04,84,f3,48,bf,48,d0,5c,7b,fb,b9,8f,53,3c,c9,29,d9,\
"rkeysecu"=hex:cb,bd,f2,61,5a,4e,c6,95,f2,29,8b,82,ba,6b,3d,44
.
[HKEY_LOCAL_MACHINE\software\Microsoft\DbgagD\1*]
"value"="?\07\06\09\16\10\02?"
.
[HKEY_LOCAL_MACHINE\system\ControlSet004\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
------------------------ Other Running Processes ------------------------
.
c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
c:\program files\Panda Security\Panda Antivirus Pro 2012\TPSrv.exe
c:\windows\system32\WLANExt.exe
c:\windows\system32\agrsmsvc.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Intel\Wireless\Bin\EvtEng.exe
c:\program files\Panda Security\Panda Antivirus Pro 2012\PsCtrlS.exe
c:\program files\Panda Security\Panda Antivirus Pro 2012\PavFnSvr.exe
c:\program files\Panda Security\Panda Antivirus Pro 2012\pavsrvx86.exe
c:\program files\Panda Security\Panda Antivirus Pro 2012\AVENGINE.EXE
c:\toshiba\IVP\ISM\pinger.exe
c:\program files\Panda Security\Panda Antivirus Pro 2012\Firewall\PSHOST.EXE
c:\program files\Panda Security\Panda Antivirus Pro 2012\PsImSvc.exe
c:\program files\Intel\Wireless\Bin\RegSrvc.exe
c:\toshiba\IVP\swupdate\swupdtmr.exe
c:\program files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
c:\windows\system32\TODDSrv.exe
c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\system32\vssvc.exe
c:\windows\system32\msiexec.exe
c:\windows\system32\wermgr.exe
.
**************************************************************************
.
Completion time: 2011-07-15 12:35:38 - machine was rebooted
ComboFix-quarantined-files.txt 2011-07-15 19:35
ComboFix2.txt 2011-07-10 16:39
.
Pre-Run: 64,561,160,192 bytes free
Post-Run: 64,469,340,160 bytes free
.
- - End Of File - - 85ABDEECE7410EEEB37B7FDE0D3D8A5D

Quote
Sorry it took so long to get back to you I've had more problems with my laptop
What sort of problems?

Quote
I checked the files with jotti and found out that I only have 1 of the files......c:\windows\system32\igxpun.exe
And what did Jotti report about this file?

*********************************************************
Registry cleaners are extremely powerful applications and their potential for harming your OS far outweighs any small potential for improving your computer's performance.
Registry Repair Wizard
There are a number of them available and some are more safe than others. Keep in mind that no two registry cleaners work entirely the same way. Each vendor uses different criteria as to what constitutes a "bad" entry. One cleaner may find entries on your system that will not cause a problem when removed, another may not find the same entries, and still another may want to remove entries required for a program to work. Without research into what the registry entry selected for deletion is, a registry cleaner can end up being an automated method to cause problems with the registry.

For routine use by those not familiar with the registry, the benefits to your computer are negligible while the potential risks are great.

Further reading: XP Fixes Myth #1: Registry Cleaners
**********************************************************
Re-running ComboFix to remove infections:

  • Close any open browsers.
  • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  • Open notepad and copy/paste the text in the quotebox below into it:
    Quote
    KillAll::
    DDS::
    Trusted Zone: internet
    Trusted Zone: mcafee.com

    File::
    C:\found.007
    C:\found.006
    C:\found.005
    C:\found.004
    C:\found.003
    C:\found.002
    C:\found.001

  • Save this as CFScript.txt, in the same location as ComboFix.exe



  • Referring to the picture above, drag CFScript into ComboFix.exe
  • When finished, it shall produce a log for you at C:\ComboFix.txt
  • Please post the contents of the log in your next reply.
*******************************************************
I need these files checked. Please show me the results by including the link in your reply.

Please go to Jotti's malware scan
(If more than one file needs scanned they must be done separately and links posted for each one)

* Copy the file path in the below Code box:

Code:
c:\windows\system32\DRIVERS\30587361.sys
c:\windows\system32\DRIVERS\3058736.sys
* At the upload site, click once inside the window next to Browse.
* Press Ctrl+V on the keyboard (both at the same time) to paste the file path into the window.
* Next click Submit file
* Your file will possibly be entered into a queue which normally takes less than a minute to clear.
* This will perform a scan across multiple different virus scanning engines.
* Important: Wait for all of the scanning engines to complete.
* Once the scan is finished, Copy and then Paste the link in the address bar into your next reply.

