Author Topic: PC problem (maybe due to usb virus)  (Read 1109 times)

Offline treasurechest

« on: February 16, 2011, 09:15:13 AM »
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:14:55 PM, on 2/16/2011
Platform: Windows 7  (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
D:\Windows\system32\taskhost.exe
D:\Windows\system32\Dwm.exe
D:\Windows\Explorer.EXE
D:\Program Files\iTunes\iTunesHelper.exe
D:\Program Files\Common Files\Java\Java Update\jusched.exe
D:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
D:\Program Files\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe
D:\Windows\System32\rundll32.exe
D:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
D:\Program Files\Epson Software\Event Manager\EEventManager.exe
D:\Program Files\DAEMON Tools Lite\DTLite.exe
D:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
D:\Windows\System32\spool\drivers\w32x86\3\E_FATIGGI.EXE
D:\Program Files\Windows Sidebar\sidebar.exe
D:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
D:\Users\cj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\cssrs.exe
D:\Program Files\OpenOffice.org 3\program\soffice.exe
D:\Program Files\OpenOffice.org 3\program\soffice.bin
D:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
D:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
D:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
D:\Users\cj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\cssrs.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\Sun Broadband Wireless\Sun Broadband Wireless.exe
D:\Users\cj\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.114116.info
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.114116.info
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.114116.info
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.114116.info
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: XfireXO Toolbar - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - D:\Program Files\XfireXO\tbXfir.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - D:\Program Files\ConduitEngine\ConduitEngine.dll
O2 - BHO: XfireXO - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - D:\Program Files\XfireXO\tbXfir.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - D:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: XfireXO Toolbar - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - D:\Program Files\XfireXO\tbXfir.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - D:\Program Files\ConduitEngine\ConduitEngine.dll
O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - D:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "D:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [D3DOverrider] "D:\Users\cj\Desktop\dlsu\D3DOverrider\D3DOverriderWrapper.exe" /s
O4 - HKLM\..\Run: [BCSSync] "D:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [RtHDVCpl] D:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [VolPanel] "D:\Program Files\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe" /r
O4 - HKLM\..\Run: [UpdReg] D:\Windows\UpdReg.EXE
O4 - HKLM\..\Run: [RunDLLEntry] D:\Windows\system32\RunDLL32.exe D:\Windows\system32\AmbRunE.dll,RunDLLEntry
O4 - HKLM\..\Run: [NokiaMServer] D:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKLM\..\Run: [EEventManager] "D:\Program Files\Epson Software\Event Manager\EEventManager.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "D:\PROGRA~1\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [Steam] "D:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [NokiaOviSuite2] D:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray
O4 - HKCU\..\Run: [EPSON TX121 Series] D:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIGGI.EXE /FU "D:\Windows\TEMP\E_S5C90.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [Sidebar] D:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - Startup: cssrs.exe
O4 - Startup: OpenOffice.org 3.2.lnk = D:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://D:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{0BC0CED5-EF5F-4D19-A3AA-E87837B92A4E}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{2E62D2DE-F096-498A-AF8B-34BAA9BD0D3A}: NameServer = 202.126.40.5 222.127.143.5
O17 - HKLM\System\CCS\Services\Tcpip\..\{E39683B5-27CD-4DF9-AF3B-0DCC2B357DA7}: NameServer = 202.126.40.5 222.127.143.5
O17 - HKLM\System\CS1\Services\Tcpip\..\{0BC0CED5-EF5F-4D19-A3AA-E87837B92A4E}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CS2\Services\Tcpip\..\{0BC0CED5-EF5F-4D19-A3AA-E87837B92A4E}: NameServer = 8.8.8.8,8.8.4.4
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - D:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - D:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
O23 - Service: AODService - Unknown owner - D:\Program Files\AMD\OverDrive\AODAssist.exe
O23 - Service: Apple Mobile Device - Apple Inc. - D:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - D:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - D:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - D:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Dolby Digital Live Pack Licensing Service - Unknown owner - D:\Program Files\Common Files\Creative Labs Shared\Service\DDLLicensing.exe (file missing)
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - D:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: iPod Service - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - D:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: NMSAccess - Unknown owner - D:\Program Files\Blaze Media Pro\NMSAccess32.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - D:\Windows\system32\nvvsvc.exe
O23 - Service: ServiceLayer - Nokia - D:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Steam Client Service - Valve Corporation - D:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - D:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

--
End of file - 9309 bytes

Offline guestolo

« Reply #1 on: February 16, 2011, 07:42:24 PM »
Download OTL.exe by OldTimer to your Desktop.
  • Right click on OTL.exe and choose to "Run as Administrator"
  • Click Run Scan and let the program run uninterrupted.
  • It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.

Do you want to post your own logs from FRST?

Follow the instructions posted here: http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/


Offline treasurechest

« Reply #2 on: February 16, 2011, 08:10:12 PM »
Quote
OTL logfile created on: 2/17/2011 9:07:40 AM - Run 1
OTL by OldTimer - Version 3.2.20.6     Folder = D:\Users\cj\Downloads
 Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Republic of the Philippines | Language: ENP | Date Format: M/d/yyyy
 
3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 61.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 76.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = D: | %SystemRoot% = D:\Windows | %ProgramFiles% = D:\Program Files
Drive C: | 100.00 Mb Total Space | 70.20 Mb Free Space | 70.21% Space Free | Partition Type: NTFS
Drive D: | 446.12 Gb Total Space | 233.91 Gb Free Space | 52.43% Space Free | Partition Type: NTFS
Drive E: | 5.03 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive G: | 19.53 Gb Total Space | 19.44 Gb Free Space | 99.55% Space Free | Partition Type: NTFS
Drive H: | 21.03 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: CJ-PC | User Name: cj | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011/02/17 09:04:40 | 000,602,624 | ---- | M] (OldTimer Tools) -- D:\Users\cj\Downloads\OTL.exe
PRC - [2011/01/31 12:16:40 | 000,703,360 | ---- | M] (Nokia) -- D:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
PRC - [2010/12/12 03:24:01 | 000,912,344 | ---- | M] (Mozilla Corporation) -- D:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/12/12 03:24:01 | 000,016,856 | ---- | M] (Mozilla Corporation) -- D:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2010/12/08 14:31:06 | 000,628,736 | ---- | M] (Nokia) -- D:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2010/12/04 13:45:18 | 000,086,016 | ---- | M] () -- D:\Program Files\Sun Broadband Wireless\Sun Broadband Wireless.exe
PRC - [2010/11/23 17:49:24 | 001,540,096 | ---- | M] (Nokia) -- D:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
PRC - [2010/11/16 14:48:32 | 000,152,576 | ---- | M] (Nokia) -- D:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2010/10/16 12:42:12 | 000,792,680 | ---- | M] (NVIDIA Corporation) -- D:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
PRC - [2010/10/16 11:46:40 | 000,369,256 | ---- | M] (NVIDIA Corporation) -- D:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2010/09/03 16:15:44 | 009,726,568 | ---- | M] (Realtek Semiconductor) -- D:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
PRC - [2010/09/03 16:15:44 | 001,493,608 | ---- | M] (Realtek Semiconductor) -- D:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
PRC - [2010/08/13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) -- D:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/07/22 14:41:30 | 000,142,848 | -HS- | M] () -- D:\Users\cj\AppData\Roaming\cssrs.exe
PRC - [2010/07/22 14:41:30 | 000,142,848 | ---- | M] () -- D:\Users\cj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\cssrs.exe
PRC - [2010/06/01 10:17:48 | 005,252,408 | ---- | M] (Yahoo! Inc.) -- D:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
PRC - [2010/05/21 14:14:34 | 007,987,720 | ---- | M] (ASRock Incorporation) -- D:\Program Files\ASRock Utility\IES\AsrIes.exe
PRC - [2010/05/21 00:28:00 | 011,312,128 | ---- | M] (OpenOffice.org) -- D:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2010/05/21 00:27:58 | 011,318,784 | ---- | M] (OpenOffice.org) -- D:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2010/05/11 10:16:34 | 000,140,288 | ---- | M] (Nokia) -- D:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
PRC - [2010/04/01 17:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- D:\Program Files\DAEMON Tools Lite\DTLite.exe
PRC - [2010/03/12 05:40:54 | 000,136,544 | ---- | M] () -- D:\Program Files\AMD\OverDrive\AODAssist.exe
PRC - [2010/02/12 16:23:12 | 000,286,720 | ---- | M] (Creative Technology Ltd) -- D:\Program Files\Creative\Shared Files\CTAudSvc.exe
PRC - [2010/01/21 17:22:06 | 020,752,736 | ---- | M] (Microsoft Corporation) -- D:\Program Files\Microsoft Office\Office14\EXCEL.EXE
PRC - [2010/01/21 17:20:50 | 002,162,024 | ---- | M] (Microsoft Corporation) -- D:\Program Files\Microsoft Office\Office14\POWERPNT.EXE
PRC - [2010/01/15 20:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- D:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009/12/03 10:12:12 | 000,976,320 | ---- | M] (SEIKO EPSON CORPORATION) -- D:\Program Files\Epson Software\Event Manager\EEventManager.exe
PRC - [2009/10/27 09:15:02 | 000,120,832 | ---- | M] (Nokia) -- D:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2009/09/14 23:00:00 | 000,200,704 | ---- | M] (SEIKO EPSON CORPORATION) -- D:\Windows\System32\spool\drivers\w32x86\3\E_FATIGGI.EXE
PRC - [2009/08/22 19:25:00 | 000,102,400 | ---- | M] () -- D:\Users\cj\Desktop\dlsu\D3DOverrider\D3DOverrider.exe
PRC - [2009/07/14 09:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\taskhost.exe
PRC - [2009/07/14 09:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) -- D:\Windows\explorer.exe
PRC - [2009/07/07 13:13:38 | 000,241,789 | ---- | M] (Creative Technology Ltd) -- D:\Program Files\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe
PRC - [2009/05/14 17:07:14 | 000,759,048 | ---- | M] (ABBYY) -- D:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
PRC - [2009/01/12 20:15:52 | 000,071,096 | ---- | M] () -- D:\Program Files\Blaze Media Pro\NMSAccess32.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2011/02/17 09:04:40 | 000,602,624 | ---- | M] (OldTimer Tools) -- D:\Users\cj\Downloads\OTL.exe
MOD - [2009/08/22 19:25:00 | 000,032,768 | ---- | M] () -- D:\Users\cj\Desktop\dlsu\D3DOverrider\D3DOverriderHooks.dll
MOD - [2009/07/14 09:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\sspicli.dll
MOD - [2009/07/14 09:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\sechost.dll
MOD - [2009/07/14 09:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\samcli.dll
MOD - [2009/07/14 09:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\profapi.dll
MOD - [2009/07/14 09:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\netutils.dll
MOD - [2009/07/14 09:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\KernelBase.dll
MOD - [2009/07/14 09:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\dwmapi.dll
MOD - [2009/07/14 09:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\devobj.dll
MOD - [2009/07/14 09:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\cryptbase.dll
MOD - [2009/07/14 09:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\cfgmgr32.dll
MOD - [2009/07/14 09:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- D:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [On_Demand | Stopped] --  -- (Creative Dolby Digital Live Pack Licensing Service)
SRV - [2010/12/08 14:31:06 | 000,628,736 | ---- | M] (Nokia) [On_Demand | Running] -- D:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010/11/24 22:57:12 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- D:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2010/11/24 22:56:53 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- D:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2010/11/19 20:22:57 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- D:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010/10/16 11:46:40 | 000,369,256 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- D:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010/08/13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- D:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/03/12 05:40:54 | 000,136,544 | ---- | M] () [Auto | Running] -- D:\Program Files\AMD\OverDrive\AODAssist.exe -- (AODService)
SRV - [2010/02/12 16:23:12 | 000,286,720 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- D:\Program Files\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2010/01/21 17:51:12 | 030,963,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2010/01/15 20:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- D:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/07/14 09:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Windows\System32\wwansvc.dll -- (WwanSvc)
SRV - [2009/07/14 09:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Windows\System32\wbiosrvc.dll -- (WbioSrvc)
SRV - [2009/07/14 09:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- D:\Windows\System32\umpo.dll -- (Power)
SRV - [2009/07/14 09:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- D:\Windows\System32\themeservice.dll -- (Themes)
SRV - [2009/07/14 09:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Windows\System32\sppuinotify.dll -- (sppuinotify)
SRV - [2009/07/14 09:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- D:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper)
SRV - [2009/07/14 09:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 09:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/14 09:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- D:\Windows\System32\pnrpsvc.dll -- (PNRPsvc)
SRV - [2009/07/14 09:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- D:\Windows\System32\pnrpsvc.dll -- (p2pimsvc)
SRV - [2009/07/14 09:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Windows\System32\provsvc.dll -- (HomeGroupProvider)
SRV - [2009/07/14 09:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg)
SRV - [2009/07/14 09:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- D:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/07/14 09:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Windows\System32\ListSvc.dll -- (HomeGroupListener)
SRV - [2009/07/14 09:15:21 | 000,797,696 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- D:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009/07/14 09:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- D:\Windows\System32\dhcpcore.dll -- (Dhcp)
SRV - [2009/07/14 09:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Windows\System32\defragsvc.dll -- (defragsvc)
SRV - [2009/07/14 09:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- D:\Windows\System32\bdesvc.dll -- (BDESVC)
SRV - [2009/07/14 09:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Windows\System32\AxInstSv.dll -- (AxInstSV) ActiveX Installer (AxInstSV)
SRV - [2009/07/14 09:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Windows\System32\appidsvc.dll -- (AppIDSvc)
SRV - [2009/07/14 09:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- D:\Windows\System32\sppsvc.exe -- (sppsvc)
SRV - [2009/05/14 17:07:14 | 000,759,048 | ---- | M] (ABBYY) [Auto | Running] -- D:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Sprint.9.0)
SRV - [2009/01/12 20:15:52 | 000,071,096 | ---- | M] () [Auto | Running] -- D:\Program Files\Blaze Media Pro\NMSAccess32.exe -- (NMSAccess)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Running] --  -- (IesDrv)
DRV - [2020/04/15 13:04:45 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- D:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010/10/17 02:55:00 | 010,084,360 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010/09/29 09:14:30 | 000,228,352 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2010/09/08 04:08:56 | 000,123,496 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2010/09/03 16:16:18 | 003,185,640 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2010/08/31 11:04:18 | 000,012,088 | ---- | M] () [Kernel | On_Demand | Stopped] -- D:\Program Files\MSI Afterburner\RTCore32.sys -- (RTCore32)
DRV - [2010/08/16 18:41:54 | 000,101,904 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\AtihdW73.sys -- (AtiHDAudioService)
DRV - [2010/03/18 20:50:12 | 000,189,528 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\haP17v2k.sys -- (hap17v2k)
DRV - [2010/03/18 20:50:04 | 000,162,904 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\haP16v2k.sys -- (hap16v2k)
DRV - [2010/03/18 20:49:56 | 000,798,808 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\ha10kx2k.sys -- (ha10kx2k)
DRV - [2010/03/18 20:45:42 | 000,092,760 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\emupia2k.sys -- (emupia)
DRV - [2010/03/18 20:39:36 | 000,100,952 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\CTERFXFX.SYS -- (CTERFXFX.SYS)
DRV - [2010/03/18 20:39:36 | 000,100,952 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\CTERFXFX.sys -- (CTERFXFX)
DRV - [2010/03/18 20:39:28 | 000,566,360 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\CTSBLFX.SYS -- (CTSBLFX.SYS)
DRV - [2010/03/18 20:39:28 | 000,566,360 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\CTSBLFX.sys -- (CTSBLFX)
DRV - [2010/03/18 20:39:18 | 000,555,096 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\CTAUDFX.SYS -- (CTAUDFX.SYS)
DRV - [2010/03/18 20:39:18 | 000,555,096 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\CTAUDFX.sys -- (CTAUDFX)
DRV - [2010/03/18 20:39:10 | 000,099,416 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\COMMONFX.SYS -- (COMMONFX.SYS)
DRV - [2010/03/18 20:39:10 | 000,099,416 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\COMMONFX.sys -- (COMMONFX)
DRV - [2010/03/12 05:35:48 | 000,036,864 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- D:\Program Files\AMD\OverDrive\i386\AODDriver.sys -- (AODDriver)
DRV - [2009/07/30 19:58:26 | 000,187,392 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\Rt86win7.sys -- (RTL8167)
DRV - [2009/07/14 09:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\cmdide.sys -- (cmdide)
DRV - [2009/07/14 09:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\adpahci.sys -- (adpahci)
DRV - [2009/07/14 09:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\adp94xx.sys -- (adp94xx)
DRV - [2009/07/14 09:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\amdsbs.sys -- (amdsbs)
DRV - [2009/07/14 09:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\adpu320.sys -- (adpu320)
DRV - [2009/07/14 09:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\arcsas.sys -- (arcsas)
DRV - [2009/07/14 09:26:15 | 000,079,952 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\amdsata.sys -- (amdsata)
DRV - [2009/07/14 09:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\arc.sys -- (arc)
DRV - [2009/07/14 09:26:15 | 000,023,616 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- D:\Windows\system32\DRIVERS\amdxata.sys -- (amdxata)
DRV - [2009/07/14 09:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\aliide.sys -- (aliide)
DRV - [2009/07/14 09:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\nfrd960.sys -- (nfrd960)
DRV - [2009/07/14 09:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS)
DRV - [2009/07/14 09:20:36 | 000,332,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\iaStorV.sys -- (iaStorV)
DRV - [2009/07/14 09:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\MegaSR.sys -- (MegaSR)
DRV - [2009/07/14 09:20:36 | 000,133,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- D:\Windows\System32\Drivers\ksecpkg.sys -- (KSecPkg)
DRV - [2009/07/14 09:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2009/07/14 09:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC)
DRV - [2009/07/14 09:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2)
DRV - [2009/07/14 09:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\iirsp.sys -- (iirsp)
DRV - [2009/07/14 09:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\megasas.sys -- (megasas)
DRV - [2009/07/14 09:20:36 | 000,013,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- D:\Windows\System32\drivers\hwpolicy.sys -- (hwpolicy)
DRV - [2009/07/14 09:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\elxstor.sys -- (elxstor)
DRV - [2009/07/14 09:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\djsvs.sys -- (aic78xx)
DRV - [2009/07/14 09:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\HpSAMD.sys -- (HpSAMD)
DRV - [2009/07/14 09:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- D:\Windows\System32\drivers\fsdepends.sys -- (FsDepends)
DRV - [2009/07/14 09:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\vsmraid.sys -- (vsmraid)
DRV - [2009/07/14 09:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)
DRV - [2009/07/14 09:19:10 | 000,159,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\vhdmp.sys -- (vhdmp)
DRV - [2009/07/14 09:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- D:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt)
DRV - [2009/07/14 09:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- D:\Windows\system32\DRIVERS\vdrvroot.sys -- (vdrvroot)
DRV - [2009/07/14 09:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)
DRV - [2009/07/14 09:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- D:\Windows\System32\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/07/14 09:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\viaide.sys -- (viaide)
DRV - [2009/07/14 09:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\ql2300.sys -- (ql2300)
DRV - [2009/07/14 09:19:04 | 000,173,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- D:\Windows\System32\drivers\rdyboost.sys -- (rdyboost)
DRV - [2009/07/14 09:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\ql40xx.sys -- (ql40xx)
DRV - [2009/07/14 09:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4)
DRV - [2009/07/14 09:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- D:\Windows\System32\drivers\pcw.sys -- (pcw)
DRV - [2009/07/14 09:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2)
DRV - [2009/07/14 09:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\stexstor.sys -- (stexstor)
DRV - [2009/07/14 09:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- D:\Windows\System32\Drivers\cng.sys -- (CNG)
DRV - [2009/07/14 08:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2009/07/14 08:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\rdpbus.sys -- (rdpbus)
DRV - [2009/07/14 08:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- D:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP)
DRV - [2009/07/14 07:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
DRV - [2009/07/14 07:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- D:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf)
DRV - [2009/07/14 07:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\ndiscap.sys -- (NdisCap)
DRV - [2009/07/14 07:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\vwifibus.sys -- (vwifibus)
DRV - [2009/07/14 07:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\1394ohci.sys -- (1394ohci)
DRV - [2009/07/14 07:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\umpass.sys -- (UmPass)
DRV - [2009/07/14 07:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009/07/14 07:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf)
DRV - [2009/07/14 07:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\MTConfig.sys -- (MTConfig)
DRV - [2009/07/14 07:45:26 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\CompositeBus.sys -- (CompositeBus)
DRV - [2009/07/14 07:36:52 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\drivers\appid.sys -- (AppID)
DRV - [2009/07/14 07:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- D:\Windows\System32\drivers\scfilter.sys -- (scfilter)
DRV - [2009/07/14 07:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)
DRV - [2009/07/14 07:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)
DRV - [2009/07/14 07:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- D:\Windows\System32\drivers\discache.sys -- (discache)
DRV - [2009/07/14 07:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi)
DRV - [2009/07/14 07:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\amdppm.sys -- (AmdPPM)
DRV - [2009/07/14 06:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/14 06:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm)
DRV - [2009/07/14 06:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer)
DRV - [2009/07/14 06:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm)
DRV - [2009/07/14 06:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo)
DRV - [2009/07/14 06:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp)
DRV - [2009/07/14 06:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
DRV - [2009/07/14 06:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\evbdx.sys -- (ebdrv)
DRV - [2009/07/14 06:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\bxvbdx.sys -- (b06bdrv)
DRV - [2009/05/05 00:30:28 | 000,014,392 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- D:\Windows\system32\DRIVERS\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV - [2008/09/26 18:04:22 | 000,113,152 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\ewusbnet.sys -- (ewusbnet)
DRV - [2008/09/26 18:04:10 | 000,101,760 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2008/08/26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - D:\Program Files\XfireXO\tbXfir.dll (Conduit Ltd.)
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.114116.info
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.114116.info
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ph.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-ph
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 48 F3 52 93 E1 12 D6 01  [binary data]
IE - HKCU\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - D:\Program Files\XfireXO\tbXfir.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.51
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: D:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2011/02/06 17:02:05 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2010/12/12 03:24:02 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins [2010/12/12 03:24:02 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: D:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011/02/06 17:02:05 | 000,000,000 | ---D | M]
 
[2010/06/18 00:31:57 | 000,000,000 | ---D | M] (No name found) -- D:\Users\cj\AppData\Roaming\Mozilla\Extensions
[2010/11/16 22:08:28 | 000,000,000 | ---D | M] (No name found) -- D:\Users\cj\AppData\Roaming\Mozilla\Firefox\Profiles\2o0hglwt.default\extensions
[2010/11/16 22:08:28 | 000,000,000 | ---D | M] (XfireXO) -- D:\Users\cj\AppData\Roaming\Mozilla\Firefox\Profiles\2o0hglwt.default\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}
[2010/11/11 11:17:24 | 000,000,000 | ---D | M] (No name found) -- D:\Program Files\Mozilla Firefox\extensions
[2010/11/07 17:09:31 | 000,000,000 | ---D | M] (Java Console) -- D:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/11/11 11:17:24 | 000,000,000 | ---D | M] (Java Console) -- D:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/02/06 17:02:05 | 000,000,000 | ---D | M] (Firefox Synchronisation Extension) -- D:\PROGRAM FILES\NOKIA\NOKIA OVI SUITE\CONNECTORS\BOOKMARKS CONNECTOR\FIREFOXEXTENSION
[2010/09/15 04:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- D:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
 
O1 HOSTS File: ([2009/06/11 05:39:37 | 000,000,824 | ---- | M]) - D:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - D:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (XfireXO Toolbar) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - D:\Program Files\XfireXO\tbXfir.dll (Conduit Ltd.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - D:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - D:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (XfireXO Toolbar) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - D:\Program Files\XfireXO\tbXfir.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - D:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKCU\..\Toolbar\WebBrowser: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - D:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (XfireXO Toolbar) - {5E5AB302-7F65-44CD-8211-C1D4CAACCEA3} - D:\Program Files\XfireXO\tbXfir.dll (Conduit Ltd.)
O4 - HKLM..\Run: [BCSSync] D:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [D3DOverrider] D:\Users\cj\Desktop\dlsu\D3DOverrider\D3DOverriderWrapper.exe ()
O4 - HKLM..\Run: [EEventManager] D:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [NokiaMServer] D:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [RtHDVCpl] D:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [RunDLLEntry] D:\Windows\System32\AmbRunE.DLL (Creative Technology Ltd.)
O4 - HKLM..\Run: [UpdReg] D:\Windows\Updreg.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [VolPanel] D:\Program Files\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
O4 - HKCU..\Run: []  File not found
O4 - HKCU..\Run: [ASRockIES]  File not found
O4 - HKCU..\Run: [ASRockOCTuner]  File not found
O4 - HKCU..\Run: [DAEMON Tools Lite] D:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [EPSON TX121 Series] D:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIGGI.EXE (SEIKO EPSON CORPORATION)
O4 - HKCU..\Run: [Messenger (Yahoo!)] D:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [NokiaOviSuite2] D:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia)
O4 - HKCU..\Run: [Steam] D:\Program Files\Steam\Steam.exe (Valve Corporation)
O4 - Startup: D:\Users\cj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\cssrs.exe ()
O4 - Startup: D:\Users\cj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = D:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xport to Microsoft Excel - D:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - D:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O20 - HKLM Winlogon: Shell - (explorer.exe) - D:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - D:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - D:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - D:\Windows\System32\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/01/28 10:11:42 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/06/11 05:42:20 | 000,000,024 | ---- | M] () - D:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010/08/24 11:45:20 | 000,000,054 | R--- | M] () - E:\autorun.inf -- [ UDF ]
O32 - AutoRun File - [2008/04/24 21:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.) - H:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2007/11/07 23:41:52 | 000,000,047 | R--- | M] () - H:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{0af94a5e-1a7b-11e0-97e5-001e101f63cf}\Shell - "" = AutoRun
O33 - MountPoints2\{0af94a5e-1a7b-11e0-97e5-001e101f63cf}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2008/04/24 21:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{0af94a62-1a7b-11e0-97e5-001e101f63cf}\Shell - "" = AutoRun
O33 - MountPoints2\{0af94a62-1a7b-11e0-97e5-001e101f63cf}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2008/04/24 21:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{10c62bce-0ed0-11e0-a2c4-00252266111b}\Shell - "" = AutoRun
O33 - MountPoints2\{10c62bce-0ed0-11e0-a2c4-00252266111b}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2008/04/24 21:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{1f2e7816-159b-11e0-a01c-00252266111b}\Shell - "" = AutoRun
O33 - MountPoints2\{1f2e7816-159b-11e0-a01c-00252266111b}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2008/04/24 21:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{2281b9af-045c-11e0-a13a-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{2281b9af-045c-11e0-a13a-806e6f6e6963}\Shell\AutoRun\command - "" = E:\setup.exe -- [2010/09/04 11:34:49 | 000,227,256 | R--- | M] (2K Sports)
O33 - MountPoints2\{2db2d533-04b1-11e0-9b92-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{2db2d533-04b1-11e0-9b92-806e6f6e6963}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2008/04/24 21:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{574a955c-343a-11e0-9b3d-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{574a955c-343a-11e0-9b3d-806e6f6e6963}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2008/04/24 21:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{903214cd-0465-11e0-a225-00252266111b}\Shell - "" = AutoRun
O33 - MountPoints2\{903214cd-0465-11e0-a225-00252266111b}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2008/04/24 21:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{903214d4-0465-11e0-a225-00252266111b}\Shell - "" = AutoRun
O33 - MountPoints2\{903214d4-0465-11e0-a225-00252266111b}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{984b3179-ffaa-11df-aeb0-00252266111b}\Shell - "" = AutoRun
O33 - MountPoints2\{984b3179-ffaa-11df-aeb0-00252266111b}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2008/04/24 21:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{984b318a-ffaa-11df-aeb0-00252266111b}\Shell - "" = AutoRun
O33 - MountPoints2\{984b318a-ffaa-11df-aeb0-00252266111b}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2008/04/24 21:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{99280d34-045c-11e0-bbd5-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{99280d34-045c-11e0-bbd5-806e6f6e6963}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2008/04/24 21:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{e129c881-ff5f-11df-9fe0-00252266111b}\Shell - "" = AutoRun
O33 - MountPoints2\{e129c881-ff5f-11df-9fe0-00252266111b}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2008/04/24 21:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{e129c888-ff5f-11df-9fe0-00252266111b}\Shell - "" = AutoRun
O33 - MountPoints2\{e129c888-ff5f-11df-9fe0-00252266111b}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2008/04/24 21:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{e129c8a1-ff5f-11df-9fe0-00252266111b}\Shell - "" = AutoRun
O33 - MountPoints2\{e129c8a1-ff5f-11df-9fe0-00252266111b}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2008/04/24 21:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{e129c8a6-ff5f-11df-9fe0-00252266111b}\Shell - "" = AutoRun
O33 - MountPoints2\{e129c8a6-ff5f-11df-9fe0-00252266111b}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2008/04/24 21:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{e129c8c0-ff5f-11df-9fe0-00252266111b}\Shell - "" = AutoRun
O33 - MountPoints2\{e129c8c0-ff5f-11df-9fe0-00252266111b}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2008/04/24 21:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{e45c37ed-1260-11e0-ac35-00252266111b}\Shell - "" = AutoRun
O33 - MountPoints2\{e45c37ed-1260-11e0-ac35-00252266111b}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2008/04/24 21:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2008/04/24 21:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.)
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2020/05/15 12:09:38 | 000,000,000 | ---D | C] -- D:\Users\cj\AppData\Roaming\ATI
[2020/05/15 12:09:38 | 000,000,000 | ---D | C] -- D:\Users\cj\AppData\Local\ATI
[2020/05/15 12:09:38 | 000,000,000 | ---D | C] -- D:\ProgramData\ATI
[2020/04/16 04:10:00 | 000,000,000 | ---D | C] -- D:\Windows\Panther
[2020/04/16 03:11:20 | 000,000,000 | ---D | C] -- D:\Windows\Prefetch
[2020/04/15 19:36:34 | 000,000,000 | -HSD | C] -- D:\System Volume Information
[2020/04/15 13:52:01 | 000,000,000 | ---D | C] -- D:\Users\cj\AppData\Roaming\Macromedia
[2020/04/15 13:50:53 | 000,000,000 | ---D | C] -- D:\Users\cj\AppData\Roaming\Adobe
[2020/04/15 13:45:39 | 000,000,000 | ---D | C] -- D:\Users\cj\AppData\Roaming\2K Sports
[2020/04/15 13:43:09 | 004,379,984 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\D3DX9_40.dll
[2020/04/15 13:43:09 | 004,178,264 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\D3DX9_41.dll
[2020/04/15 13:43:09 | 002,036,576 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\D3DCompiler_40.dll
[2020/04/15 13:43:09 | 001,846,632 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\D3DCompiler_41.dll
[2020/04/15 13:43:09 | 000,517,448 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\XAudio2_4.dll
[2020/04/15 13:43:09 | 000,453,456 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx10_41.dll
[2020/04/15 13:43:09 | 000,452,440 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx10_40.dll
[2020/04/15 13:43:09 | 000,235,352 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\xactengine3_4.dll
[2020/04/15 13:43:09 | 000,022,360 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\X3DAudio1_6.dll
[2020/04/15 13:43:07 | 003,851,784 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\D3DX9_39.dll
[2020/04/15 13:43:07 | 001,493,528 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\D3DCompiler_39.dll
[2020/04/15 13:43:07 | 001,491,992 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\D3DCompiler_38.dll
[2020/04/15 13:43:07 | 000,507,400 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\XAudio2_1.dll
[2020/04/15 13:43:07 | 000,467,984 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx10_39.dll
[2020/04/15 13:43:07 | 000,467,984 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx10_38.dll
[2020/04/15 13:43:07 | 000,238,088 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\xactengine3_1.dll
[2020/04/15 13:43:07 | 000,065,032 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\XAPOFX1_0.dll
[2020/04/15 13:43:07 | 000,025,608 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\X3DAudio1_4.dll
[2020/04/15 13:43:06 | 003,850,760 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\D3DX9_38.dll
[2020/04/15 13:43:06 | 003,786,760 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\D3DX9_37.dll
[2020/04/15 13:43:06 | 001,420,824 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\D3DCompiler_37.dll
[2020/04/15 13:43:06 | 000,479,752 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\XAudio2_0.dll
[2020/04/15 13:43:06 | 000,462,864 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx10_37.dll
[2020/04/15 13:43:06 | 000,267,272 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\xactengine2_10.dll
[2020/04/15 13:43:06 | 000,238,088 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\xactengine3_0.dll
[2020/04/15 13:43:06 | 000,025,608 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\X3DAudio1_3.dll
[2020/04/15 13:43:05 | 003,734,536 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx9_36.dll
[2020/04/15 13:43:05 | 003,727,720 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx9_35.dll
[2020/04/15 13:43:05 | 001,374,232 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\D3DCompiler_36.dll
[2020/04/15 13:43:05 | 001,358,192 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\D3DCompiler_35.dll
[2020/04/15 13:43:05 | 000,444,776 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx10_36.dll
[2020/04/15 13:43:05 | 000,444,776 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx10_35.dll
[2020/04/15 13:43:05 | 000,443,752 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx10_34.dll
[2020/04/15 13:43:05 | 000,267,112 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\xactengine2_9.dll
[2020/04/15 13:43:05 | 000,266,088 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\xactengine2_8.dll
[2020/04/15 13:43:05 | 000,017,928 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\X3DAudio1_2.dll
[2020/04/15 13:43:04 | 003,497,832 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx9_34.dll
[2020/04/15 13:43:04 | 003,495,784 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx9_33.dll
[2020/04/15 13:43:04 | 003,426,072 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx9_32.dll
[2020/04/15 13:43:04 | 002,414,360 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx9_31.dll
[2020/04/15 13:43:04 | 001,124,720 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\D3DCompiler_34.dll
[2020/04/15 13:43:04 | 001,123,696 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\D3DCompiler_33.dll
[2020/04/15 13:43:04 | 000,443,752 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx10_33.dll
[2020/04/15 13:43:04 | 000,440,080 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx10.dll
[2020/04/15 13:43:04 | 000,261,480 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\xactengine2_7.dll
[2020/04/15 13:43:04 | 000,255,848 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\xactengine2_6.dll
[2020/04/15 13:43:04 | 000,251,672 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\xactengine2_5.dll
[2020/04/15 13:43:04 | 000,237,848 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\xactengine2_4.dll
[2020/04/15 13:43:04 | 000,236,824 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\xactengine2_3.dll
[2020/04/15 13:43:04 | 000,230,168 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\xactengine2_2.dll
[2020/04/15 13:43:04 | 000,229,584 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\xactengine2_1.dll
[2020/04/15 13:43:04 | 000,081,768 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\xinput1_3.dll
[2020/04/15 13:43:04 | 000,062,744 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\xinput1_2.dll
[2020/04/15 13:43:04 | 000,062,672 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\xinput1_1.dll
[2020/04/15 13:43:04 | 000,015,128 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\x3daudio1_1.dll
[2020/04/15 13:43:00 | 002,388,176 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx9_30.dll
[2020/04/15 13:43:00 | 002,337,488 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx9_25.dll
[2020/04/15 13:43:00 | 002,332,368 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx9_29.dll
[2020/04/15 13:43:00 | 002,323,664 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx9_28.dll
[2020/04/15 13:43:00 | 002,319,568 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx9_27.dll
[2020/04/15 13:43:00 | 002,297,552 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx9_26.dll
[2020/04/15 13:43:00 | 000,230,096 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\xactengine2_0.dll
[2020/04/15 13:43:00 | 000,014,032 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\x3daudio1_0.dll
[2020/04/15 13:42:59 | 002,222,800 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx9_24.dll
[2020/04/15 13:42:07 | 000,000,000 | ---D | C] -- D:\Windows\System32\Macromed
[2020/04/15 13:39:19 | 000,000,000 | ---D | C] -- D:\Program Files\Yahoo!
[2020/04/15 13:21:40 | 000,000,000 | ---D | C] -- D:\ProgramData\Creative
[2020/04/15 13:21:07 | 000,171,680 | ---- | C] (Creative Technology Ltd) -- D:\Windows\System32\CTOPT352.dll
[2020/04/15 13:21:07 | 000,061,440 | ---- | C] (Creative Technology Ltd) -- D:\Windows\System32\CTChkAud.dll
[2020/04/15 13:18:10 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
[2020/04/15 13:17:45 | 000,000,000 | ---D | C] -- D:\Windows\System32\Defaults
[2020/04/15 13:16:03 | 000,445,016 | ---- | C] (Creative Labs) -- D:\Windows\System32\wrap_oal.dll
[2020/04/15 13:16:03 | 000,109,144 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- D:\Windows\System32\OpenAL32.dll
[2020/04/15 13:16:03 | 000,000,000 | ---D | C] -- D:\Program Files\OpenAL
[2020/04/15 13:15:13 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\InstallShield
[2020/04/15 13:11:46 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Phyxion.net
[2020/04/15 13:11:46 | 000,000,000 | ---D | C] -- D:\Program Files\Phyxion.net
[2020/04/15 13:10:30 | 000,000,000 | ---D | C] -- D:\Users\cj\AppData\Local\ElevatedDiagnostics
[2020/04/15 13:04:45 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2020/04/15 13:04:35 | 000,000,000 | ---D | C] -- D:\Program Files\DAEMON Tools Lite
[2020/04/15 13:04:22 | 000,000,000 | ---D | C] -- D:\Users\cj\AppData\Roaming\DAEMON Tools Lite
[2020/04/15 13:04:20 | 000,000,000 | ---D | C] -- D:\ProgramData\DAEMON Tools Lite
[2020/04/15 13:03:02 | 000,000,000 | -H-D | C] -- D:\Program Files\InstallShield Installation Information
[2020/04/15 12:59:08 | 000,000,000 | -HSD | C] -- D:\Windows\Installer
[2020/04/15 12:59:04 | 000,000,000 | ---D | C] -- D:\ProgramData\NVIDIA Corporation
[2020/04/15 12:58:57 | 000,813,672 | ---- | C] (NVIDIA Corporation) -- D:\Windows\System32\nvgenco322030.dll
[2020/04/15 12:58:57 | 000,813,672 | ---- | C] (NVIDIA Corporation) -- D:\Windows\System32\nvgenco32.dll
[2020/04/15 12:58:50 | 000,000,000 | ---D | C] -- D:\Program Files\NVIDIA Corporation
[2020/04/15 12:32:14 | 000,000,000 | ---D | C] -- D:\Users\cj\Documents\format
[2020/04/15 12:31:57 | 000,062,464 | ---- | C] (Creative Technology Ltd.) -- D:\Windows\System32\UDAWRP32.dll
[2020/04/15 12:27:35 | 000,000,000 | ---D | C] -- D:\Users\cj\Documents\Transfer
[2020/04/15 12:27:25 | 000,000,000 | ---D | C] -- D:\Users\cj\Documents\RIG
[2020/04/15 12:27:00 | 000,000,000 | ---D | C] -- D:\Users\cj\Documents\Picture
[2020/04/15 12:18:39 | 000,000,000 | ---D | C] -- D:\Windows\SoftwareDistribution
[2020/04/15 12:17:57 | 000,000,000 | R--D | C] -- D:\Users\cj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2020/04/15 12:17:57 | 000,000,000 | R--D | C] -- D:\Users\cj\Searches
[2020/04/15 12:17:57 | 000,000,000 | R--D | C] -- D:\Users\cj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2020/04/15 12:17:57 | 000,000,000 | -H-D | C] -- D:\Users\cj\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2020/04/15 12:17:49 | 000,000,000 | ---D | C] -- D:\Users\cj\AppData\Roaming\Identities
[2020/04/15 12:17:48 | 000,000,000 | R--D | C] -- D:\Users\cj\Contacts
[2020/04/15 12:17:42 | 000,000,000 | ---D | C] -- D:\Users\cj\AppData\Local\VirtualStore
[2020/04/15 12:17:41 | 000,000,000 | --SD | C] -- D:\Users\cj\AppData\Roaming\Microsoft
[2020/04/15 12:17:41 | 000,000,000 | R--D | C] -- D:\Users\cj\Videos
[2020/04/15 12:17:41 | 000,000,000 | R--D | C] -- D:\Users\cj\Saved Games
[2020/04/15 12:17:41 | 000,000,000 | R--D | C] -- D:\Users\cj\Pictures
[2020/04/15 12:17:41 | 000,000,000 | R--D | C] -- D:\Users\cj\Music
[2020/04/15 12:17:41 | 000,000,000 | R--D | C] -- D:\Users\cj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2020/04/15 12:17:41 | 000,000,000 | R--D | C] -- D:\Users\cj\Links
[2020/04/15 12:17:41 | 000,000,000 | R--D | C] -- D:\Users\cj\Favorites
[2020/04/15 12:17:41 | 000,000,000 | R--D | C] -- D:\Users\cj\Downloads
[2020/04/15 12:17:41 | 000,000,000 | R--D | C] -- D:\Users\cj\My Documents
[2020/04/15 12:17:41 | 000,000,000 | R--D | C] -- D:\Users\cj\Desktop
[2020/04/15 12:17:41 | 000,000,000 | R--D | C] -- D:\Users\cj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2020/04/15 12:17:41 | 000,000,000 | -HSD | C] -- D:\Users\cj\AppData\Local\Temporary Internet Files
[2020/04/15 12:17:41 | 000,000,000 | -HSD | C] -- D:\Users\cj\Templates
[2020/04/15 12:17:41 | 000,000,000 | -HSD | C] -- D:\Users\cj\Start Menu
[2020/04/15 12:17:41 | 000,000,000 | -HSD | C] -- D:\Users\cj\SendTo
[2020/04/15 12:17:41 | 000,000,000 | -HSD | C] -- D:\Users\cj\Recent
[2020/04/15 12:17:41 | 000,000,000 | -HSD | C] -- D:\Users\cj\PrintHood
[2020/04/15 12:17:41 | 000,000,000 | -HSD | C] -- D:\Users\cj\NetHood
[2020/04/15 12:17:41 | 000,000,000 | -HSD | C] -- D:\Users\cj\Documents\My Videos
[2020/04/15 12:17:41 | 000,000,000 | -HSD | C] -- D:\Users\cj\Documents\My Pictures
[2020/04/15 12:17:41 | 000,000,000 | -HSD | C] -- D:\Users\cj\Documents\My Music
[2020/04/15 12:17:41 | 000,000,000 | -HSD | C] -- D:\Users\cj\My Documents
[2020/04/15 12:17:41 | 000,000,000 | -HSD | C] -- D:\Users\cj\Local Settings
[2020/04/15 12:17:41 | 000,000,000 | -HSD | C] -- D:\Users\cj\AppData\Local\History
[2020/04/15 12:17:41 | 000,000,000 | -HSD | C] -- D:\Users\cj\Cookies
[2020/04/15 12:17

Offline guestolo

  • Site Donator
  • Administrator
  • Hero Member
  • *****
  • Posts: 16034
  • Karma: +1/-0
PC problem (maybe due to usb virus)
« Reply #3 on: February 16, 2011, 10:08:28 PM »
Please download TFC by Old Timer and save it to your desktop.
http://oldtimer.geekstogo.com/TFC.exe
Save any unsaved work. TFC will close ALL open programs including your browser!
Right-click on TFC.exe
choose to "Run As Administrator".
Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
Important! If TFC prompts you to reboot, please do so immediately.

Back in Windows
download Malwarebytes' Anti-Malware from Here or Here
Save the installer to desktop

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.    
  • If an update is found, it will download and install the latest version.    
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.    
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
        * When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy & Paste the entire report in your next reply
Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Do you want to post your own logs from FRST?

Follow the instructions posted here: http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/


Offline guestolo

  • Site Donator
  • Administrator
  • Hero Member
  • *****
  • Posts: 16034
  • Karma: +1/-0
PC problem (maybe due to usb virus)
« Reply #4 on: February 16, 2011, 10:10:19 PM »
Please download TFC by Old Timer and save it to your desktop.
http://oldtimer.geekstogo.com/TFC.exe
Save any unsaved work. TFC will close ALL open programs including your browser!
Right-click on TFC.exe
choose to "Run As Administrator".
Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
Important! If TFC prompts you to reboot, please do so immediately.

Back in Windows
download Malwarebytes' Anti-Malware from Here Note: It says it's Shareware, but this is actually the Freeware version
Save the installer to desktop

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.    
  • If an update is found, it will download and install the latest version.    
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.    
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
        * When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy & Paste the entire report in your next reply
Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.



Offline treasurechest

  • Jr. Member
  • **
  • Posts: 54
  • Karma: +0/-0
PC problem (maybe due to usb virus)
« Reply #5 on: February 18, 2011, 10:01:56 PM »
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 5807

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

2/19/2011 10:59:11 AM
mbam-log-2011-02-19 (10-59-11).txt

Scan type: Quick scan
Objects scanned: 161222
Time elapsed: 2 minute(s), 6 second(s)

Memory Processes Infected: 2
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 2
Registry Data Items Infected: 3
Folders Infected: 0
Files Infected: 2

Memory Processes Infected:
d:\Users\cj\AppData\Roaming\microsoft\Windows\start menu\Programs\Startup\cssrs.exe (Trojan.StartPage) -> 1664 -> Unloaded process successfully.
d:\Users\cj\AppData\Roaming\microsoft\Windows\start menu\Programs\Startup\cssrs.exe (Trojan.StartPage) -> 1636 -> Unloaded process successfully.

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\AboutURLs\blank (Trojan.StartPage) -> Value: blank -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\AboutURLs\Tabs (Trojan.StartPage) -> Value: Tabs -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\Start Page (Hijack.StartPage) -> Bad: (http://www.114116.info) Good: (http://www.google.com) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\Default_Page_URL (Hijack.StartPage) -> Bad: (http://www.114116.info) Good: (http://www.google.com) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\CheckedValue (PUM.Hijack.System.Hidden) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
d:\Users\cj\AppData\Roaming\cssrs.exe (Trojan.StartPage) -> Quarantined and deleted successfully.
d:\Users\cj\AppData\Roaming\microsoft\Windows\start menu\Programs\Startup\cssrs.exe (Trojan.StartPage) -> Quarantined and deleted successfully.

Offline guestolo

  • Site Donator
  • Administrator
  • Hero Member
  • *****
  • Posts: 16034
  • Karma: +1/-0
PC problem (maybe due to usb virus)
« Reply #6 on: February 19, 2011, 04:49:48 PM »
If you didn't purposely install the next 2 programs
Can you close down all browser windows and uninstall them please

Conduit Engine
McAfee Security Scan Plus


Let me know if you uninstalled them
In addition, right click on "OTL.exe" and choose to 'Run as Admin'
Run a Quick Scan, when done, post the new log that opens

Also, keep me informed how things are now running



Offline treasurechest

  • Jr. Member
  • **
  • Posts: 54
  • Karma: +0/-0
PC problem (maybe due to usb virus)
« Reply #7 on: February 19, 2011, 09:21:29 PM »
OTL logfile created on: 2/20/2011 10:19:51 AM - Run 2
OTL by OldTimer - Version 3.2.20.6     Folder = D:\Users\cj\Downloads
 Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Republic of the Philippines | Language: ENP | Date Format: M/d/yyyy
 
3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 67.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 81.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = D: | %SystemRoot% = D:\Windows | %ProgramFiles% = D:\Program Files
Drive C: | 100.00 Mb Total Space | 70.20 Mb Free Space | 70.21% Space Free | Partition Type: NTFS
Drive D: | 446.12 Gb Total Space | 234.91 Gb Free Space | 52.66% Space Free | Partition Type: NTFS
Drive E: | 5.03 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive G: | 19.53 Gb Total Space | 19.44 Gb Free Space | 99.55% Space Free | Partition Type: NTFS
Drive H: | 21.03 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: CJ-PC | User Name: cj | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011/02/17 09:04:40 | 000,602,624 | ---- | M] (OldTimer Tools) -- D:\Users\cj\Downloads\OTL.exe
PRC - [2011/01/31 12:16:40 | 000,703,360 | ---- | M] (Nokia) -- D:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
PRC - [2010/12/12 03:24:01 | 000,912,344 | ---- | M] (Mozilla Corporation) -- D:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/12/08 14:31:06 | 000,628,736 | ---- | M] (Nokia) -- D:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2010/12/04 13:45:18 | 000,086,016 | ---- | M] () -- D:\Program Files\Sun Broadband Wireless\Sun Broadband Wireless.exe
PRC - [2010/11/23 17:49:24 | 001,540,096 | ---- | M] (Nokia) -- D:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
PRC - [2010/11/16 14:48:32 | 000,152,576 | ---- | M] (Nokia) -- D:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2010/10/16 12:42:12 | 000,792,680 | ---- | M] (NVIDIA Corporation) -- D:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
PRC - [2010/10/16 11:46:40 | 000,369,256 | ---- | M] (NVIDIA Corporation) -- D:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2010/09/03 16:15:44 | 009,726,568 | ---- | M] (Realtek Semiconductor) -- D:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
PRC - [2010/09/03 16:15:44 | 001,493,608 | ---- | M] (Realtek Semiconductor) -- D:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
PRC - [2010/08/13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) -- D:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/05/21 14:14:34 | 007,987,720 | ---- | M] (ASRock Incorporation) -- D:\Program Files\ASRock Utility\IES\AsrIes.exe
PRC - [2010/05/21 00:28:00 | 011,312,128 | ---- | M] (OpenOffice.org) -- D:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2010/05/21 00:27:58 | 011,318,784 | ---- | M] (OpenOffice.org) -- D:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2010/05/11 10:16:34 | 000,140,288 | ---- | M] (Nokia) -- D:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
PRC - [2010/04/01 17:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- D:\Program Files\DAEMON Tools Lite\DTLite.exe
PRC - [2010/03/12 05:40:54 | 000,136,544 | ---- | M] () -- D:\Program Files\AMD\OverDrive\AODAssist.exe
PRC - [2010/02/12 16:23:12 | 000,286,720 | ---- | M] (Creative Technology Ltd) -- D:\Program Files\Creative\Shared Files\CTAudSvc.exe
PRC - [2009/12/03 10:12:12 | 000,976,320 | ---- | M] (SEIKO EPSON CORPORATION) -- D:\Program Files\Epson Software\Event Manager\EEventManager.exe
PRC - [2009/10/27 09:15:02 | 000,120,832 | ---- | M] (Nokia) -- D:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2009/08/22 19:25:00 | 000,102,400 | ---- | M] () -- D:\Users\cj\Desktop\dlsu\D3DOverrider\D3DOverrider.exe
PRC - [2009/07/14 09:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\taskhost.exe
PRC - [2009/07/14 09:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) -- D:\Windows\explorer.exe
PRC - [2009/07/07 13:13:38 | 000,241,789 | ---- | M] (Creative Technology Ltd) -- D:\Program Files\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe
PRC - [2009/05/14 17:07:14 | 000,759,048 | ---- | M] (ABBYY) -- D:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
PRC - [2009/01/12 20:15:52 | 000,071,096 | ---- | M] () -- D:\Program Files\Blaze Media Pro\NMSAccess32.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2011/02/17 09:04:40 | 000,602,624 | ---- | M] (OldTimer Tools) -- D:\Users\cj\Downloads\OTL.exe
MOD - [2009/08/22 19:25:00 | 000,032,768 | ---- | M] () -- D:\Users\cj\Desktop\dlsu\D3DOverrider\D3DOverriderHooks.dll
MOD - [2009/07/14 09:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\sspicli.dll
MOD - [2009/07/14 09:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\sechost.dll
MOD - [2009/07/14 09:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\samcli.dll
MOD - [2009/07/14 09:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\profapi.dll
MOD - [2009/07/14 09:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\netutils.dll
MOD - [2009/07/14 09:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\KernelBase.dll
MOD - [2009/07/14 09:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\dwmapi.dll
MOD - [2009/07/14 09:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\devobj.dll
MOD - [2009/07/14 09:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\cryptbase.dll
MOD - [2009/07/14 09:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\cfgmgr32.dll
MOD - [2009/07/14 09:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- D:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [On_Demand | Stopped] --  -- (Creative Dolby Digital Live Pack Licensing Service)
SRV - [2010/12/08 14:31:06 | 000,628,736 | ---- | M] (Nokia) [On_Demand | Running] -- D:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010/11/24 22:57:12 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- D:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2010/11/24 22:56:53 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- D:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2010/11/19 20:22:57 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- D:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010/10/16 11:46:40 | 000,369,256 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- D:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010/08/13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- D:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/03/12 05:40:54 | 000,136,544 | ---- | M] () [Auto | Running] -- D:\Program Files\AMD\OverDrive\AODAssist.exe -- (AODService)
SRV - [2010/02/12 16:23:12 | 000,286,720 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- D:\Program Files\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2010/01/21 17:51:12 | 030,963,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2009/07/14 09:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Windows\System32\wwansvc.dll -- (WwanSvc)
SRV - [2009/07/14 09:16:19 | 000,348,672 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2009/07/14 09:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Windows\System32\wbiosrvc.dll -- (WbioSrvc)
SRV - [2009/07/14 09:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- D:\Windows\System32\umpo.dll -- (Power)
SRV - [2009/07/14 09:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- D:\Windows\System32\themeservice.dll -- (Themes)
SRV - [2009/07/14 09:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Windows\System32\sppuinotify.dll -- (sppuinotify)
SRV - [2009/07/14 09:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- D:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper)
SRV - [2009/07/14 09:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 09:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/14 09:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Windows\System32\pnrpsvc.dll -- (PNRPsvc)
SRV - [2009/07/14 09:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Windows\System32\pnrpsvc.dll -- (p2pimsvc)
SRV - [2009/07/14 09:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Windows\System32\provsvc.dll -- (HomeGroupProvider)
SRV - [2009/07/14 09:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg)
SRV - [2009/07/14 09:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- D:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/07/14 09:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Windows\System32\ListSvc.dll -- (HomeGroupListener)
SRV - [2009/07/14 09:15:21 | 000,797,696 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- D:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009/07/14 09:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- D:\Windows\System32\dhcpcore.dll -- (Dhcp)
SRV - [2009/07/14 09:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Windows\System32\defragsvc.dll -- (defragsvc)
SRV - [2009/07/14 09:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- D:\Windows\System32\bdesvc.dll -- (BDESVC)
SRV - [2009/07/14 09:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Windows\System32\AxInstSv.dll -- (AxInstSV) ActiveX Installer (AxInstSV)
SRV - [2009/07/14 09:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Windows\System32\appidsvc.dll -- (AppIDSvc)
SRV - [2009/07/14 09:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- D:\Windows\System32\sppsvc.exe -- (sppsvc)
SRV - [2009/05/14 17:07:14 | 000,759,048 | ---- | M] (ABBYY) [Auto | Running] -- D:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Sprint.9.0)
SRV - [2009/01/12 20:15:52 | 000,071,096 | ---- | M] () [Auto | Running] -- D:\Program Files\Blaze Media Pro\NMSAccess32.exe -- (NMSAccess)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Running] --  -- (IesDrv)
DRV - [2020/04/15 13:04:45 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- D:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010/10/17 02:55:00 | 010,084,360 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010/09/29 09:14:30 | 000,228,352 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2010/09/08 04:08:56 | 000,123,496 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2010/09/03 16:16:18 | 003,185,640 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2010/08/31 11:04:18 | 000,012,088 | ---- | M] () [Kernel | On_Demand | Stopped] -- D:\Program Files\MSI Afterburner\RTCore32.sys -- (RTCore32)
DRV - [2010/08/16 18:41:54 | 000,101,904 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\AtihdW73.sys -- (AtiHDAudioService)
DRV - [2010/03/18 20:50:12 | 000,189,528 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\haP17v2k.sys -- (hap17v2k)
DRV - [2010/03/18 20:50:04 | 000,162,904 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\haP16v2k.sys -- (hap16v2k)
DRV - [2010/03/18 20:49:56 | 000,798,808 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\ha10kx2k.sys -- (ha10kx2k)
DRV - [2010/03/18 20:45:42 | 000,092,760 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\emupia2k.sys -- (emupia)
DRV - [2010/03/18 20:39:36 | 000,100,952 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\CTERFXFX.SYS -- (CTERFXFX.SYS)
DRV - [2010/03/18 20:39:36 | 000,100,952 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\CTERFXFX.sys -- (CTERFXFX)
DRV - [2010/03/18 20:39:28 | 000,566,360 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\CTSBLFX.SYS -- (CTSBLFX.SYS)
DRV - [2010/03/18 20:39:28 | 000,566,360 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\CTSBLFX.sys -- (CTSBLFX)
DRV - [2010/03/18 20:39:18 | 000,555,096 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\CTAUDFX.SYS -- (CTAUDFX.SYS)
DRV - [2010/03/18 20:39:18 | 000,555,096 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\CTAUDFX.sys -- (CTAUDFX)
DRV - [2010/03/18 20:39:10 | 000,099,416 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\COMMONFX.SYS -- (COMMONFX.SYS)
DRV - [2010/03/18 20:39:10 | 000,099,416 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\COMMONFX.sys -- (COMMONFX)
DRV - [2010/03/12 05:35:48 | 000,036,864 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- D:\Program Files\AMD\OverDrive\i386\AODDriver.sys -- (AODDriver)
DRV - [2009/07/30 19:58:26 | 000,187,392 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\Rt86win7.sys -- (RTL8167)
DRV - [2009/07/14 09:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\cmdide.sys -- (cmdide)
DRV - [2009/07/14 09:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\adpahci.sys -- (adpahci)
DRV - [2009/07/14 09:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\adp94xx.sys -- (adp94xx)
DRV - [2009/07/14 09:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\amdsbs.sys -- (amdsbs)
DRV - [2009/07/14 09:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\adpu320.sys -- (adpu320)
DRV - [2009/07/14 09:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\arcsas.sys -- (arcsas)
DRV - [2009/07/14 09:26:15 | 000,079,952 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\amdsata.sys -- (amdsata)
DRV - [2009/07/14 09:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\arc.sys -- (arc)
DRV - [2009/07/14 09:26:15 | 000,023,616 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- D:\Windows\system32\DRIVERS\amdxata.sys -- (amdxata)
DRV - [2009/07/14 09:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\aliide.sys -- (aliide)
DRV - [2009/07/14 09:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\nfrd960.sys -- (nfrd960)
DRV - [2009/07/14 09:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS)
DRV - [2009/07/14 09:20:36 | 000,332,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\iaStorV.sys -- (iaStorV)
DRV - [2009/07/14 09:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\MegaSR.sys -- (MegaSR)
DRV - [2009/07/14 09:20:36 | 000,133,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- D:\Windows\System32\Drivers\ksecpkg.sys -- (KSecPkg)
DRV - [2009/07/14 09:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2009/07/14 09:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC)
DRV - [2009/07/14 09:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2)
DRV - [2009/07/14 09:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\iirsp.sys -- (iirsp)
DRV - [2009/07/14 09:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\megasas.sys -- (megasas)
DRV - [2009/07/14 09:20:36 | 000,013,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- D:\Windows\System32\drivers\hwpolicy.sys -- (hwpolicy)
DRV - [2009/07/14 09:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\elxstor.sys -- (elxstor)
DRV - [2009/07/14 09:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\djsvs.sys -- (aic78xx)
DRV - [2009/07/14 09:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\HpSAMD.sys -- (HpSAMD)
DRV - [2009/07/14 09:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- D:\Windows\System32\drivers\fsdepends.sys -- (FsDepends)
DRV - [2009/07/14 09:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\vsmraid.sys -- (vsmraid)
DRV - [2009/07/14 09:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)
DRV - [2009/07/14 09:19:10 | 000,159,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\vhdmp.sys -- (vhdmp)
DRV - [2009/07/14 09:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- D:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt)
DRV - [2009/07/14 09:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- D:\Windows\system32\DRIVERS\vdrvroot.sys -- (vdrvroot)
DRV - [2009/07/14 09:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)
DRV - [2009/07/14 09:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- D:\Windows\System32\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/07/14 09:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\viaide.sys -- (viaide)
DRV - [2009/07/14 09:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\ql2300.sys -- (ql2300)
DRV - [2009/07/14 09:19:04 | 000,173,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- D:\Windows\System32\drivers\rdyboost.sys -- (rdyboost)
DRV - [2009/07/14 09:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\ql40xx.sys -- (ql40xx)
DRV - [2009/07/14 09:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4)
DRV - [2009/07/14 09:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- D:\Windows\System32\drivers\pcw.sys -- (pcw)
DRV - [2009/07/14 09:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2)
DRV - [2009/07/14 09:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\stexstor.sys -- (stexstor)
DRV - [2009/07/14 09:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- D:\Windows\System32\Drivers\cng.sys -- (CNG)
DRV - [2009/07/14 08:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2009/07/14 08:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\rdpbus.sys -- (rdpbus)
DRV - [2009/07/14 08:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- D:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP)
DRV - [2009/07/14 07:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
DRV - [2009/07/14 07:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- D:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf)
DRV - [2009/07/14 07:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\ndiscap.sys -- (NdisCap)
DRV - [2009/07/14 07:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\vwifibus.sys -- (vwifibus)
DRV - [2009/07/14 07:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\1394ohci.sys -- (1394ohci)
DRV - [2009/07/14 07:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\umpass.sys -- (UmPass)
DRV - [2009/07/14 07:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009/07/14 07:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf)
DRV - [2009/07/14 07:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\MTConfig.sys -- (MTConfig)
DRV - [2009/07/14 07:45:26 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\CompositeBus.sys -- (CompositeBus)
DRV - [2009/07/14 07:36:52 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\drivers\appid.sys -- (AppID)
DRV - [2009/07/14 07:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- D:\Windows\System32\drivers\scfilter.sys -- (scfilter)
DRV - [2009/07/14 07:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)
DRV - [2009/07/14 07:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)
DRV - [2009/07/14 07:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- D:\Windows\System32\drivers\discache.sys -- (discache)
DRV - [2009/07/14 07:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi)
DRV - [2009/07/14 07:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\amdppm.sys -- (AmdPPM)
DRV - [2009/07/14 06:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/14 06:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm)
DRV - [2009/07/14 06:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer)
DRV - [2009/07/14 06:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm)
DRV - [2009/07/14 06:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo)
DRV - [2009/07/14 06:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp)
DRV - [2009/07/14 06:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
DRV - [2009/07/14 06:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\evbdx.sys -- (ebdrv)
DRV - [2009/07/14 06:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\bxvbdx.sys -- (b06bdrv)
DRV - [2009/05/05 00:30:28 | 000,014,392 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- D:\Windows\system32\DRIVERS\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV - [2008/09/26 18:04:22 | 000,113,152 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\ewusbnet.sys -- (ewusbnet)
DRV - [2008/09/26 18:04:10 | 000,101,760 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2008/08/26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - D:\Program Files\XfireXO\tbXfir.dll (Conduit Ltd.)
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ph.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-ph
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 48 F3 52 93 E1 12 D6 01  [binary data]
IE - HKCU\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - D:\Program Files\XfireXO\tbXfir.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.51
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: D:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2011/02/06 17:02:05 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2010/12/12 03:24:02 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins [2010/12/12 03:24:02 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: D:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011/02/06 17:02:05 | 000,000,000 | ---D | M]
 
[2010/06/18 00:31:57 | 000,000,000 | ---D | M] (No name found) -- D:\Users\cj\AppData\Roaming\Mozilla\Extensions
[2010/11/16 22:08:28 | 000,000,000 | ---D | M] (No name found) -- D:\Users\cj\AppData\Roaming\Mozilla\Firefox\Profiles\2o0hglwt.default\extensions
[2010/11/16 22:08:28 | 000,000,000 | ---D | M] (XfireXO) -- D:\Users\cj\AppData\Roaming\Mozilla\Firefox\Profiles\2o0hglwt.default\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}
[2010/11/11 11:17:24 | 000,000,000 | ---D | M] (No name found) -- D:\Program Files\Mozilla Firefox\extensions
[2010/11/07 17:09:31 | 000,000,000 | ---D | M] (Java Console) -- D:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/11/11 11:17:24 | 000,000,000 | ---D | M] (Java Console) -- D:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/02/06 17:02:05 | 000,000,000 | ---D | M] (Firefox Synchronisation Extension) -- D:\PROGRAM FILES\NOKIA\NOKIA OVI SUITE\CONNECTORS\BOOKMARKS CONNECTOR\FIREFOXEXTENSION
[2010/09/15 04:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- D:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
 
O1 HOSTS File: ([2009/06/11 05:39:37 | 000,000,824 | ---- | M]) - D:\Windows\System32\drivers\etc\hosts
O2 - BHO: (XfireXO Toolbar) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - D:\Program Files\XfireXO\tbXfir.dll (Conduit Ltd.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - D:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (XfireXO Toolbar) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - D:\Program Files\XfireXO\tbXfir.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - D:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (XfireXO Toolbar) - {5E5AB302-7F65-44CD-8211-C1D4CAACCEA3} - D:\Program Files\XfireXO\tbXfir.dll (Conduit Ltd.)
O4 - HKLM..\Run: [BCSSync] D:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [D3DOverrider] D:\Users\cj\Desktop\dlsu\D3DOverrider\D3DOverriderWrapper.exe ()
O4 - HKLM..\Run: [EEventManager] D:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] D:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NokiaMServer] D:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [RtHDVCpl] D:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [RunDLLEntry] D:\Windows\System32\AmbRunE.DLL (Creative Technology Ltd.)
O4 - HKLM..\Run: [UpdReg] D:\Windows\Updreg.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [VolPanel] D:\Program Files\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
O4 - HKCU..\Run: []  File not found
O4 - HKCU..\Run: [ASRockIES]  File not found
O4 - HKCU..\Run: [ASRockOCTuner]  File not found
O4 - HKCU..\Run: [DAEMON Tools Lite] D:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [EPSON TX121 Series] D:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIGGI.EXE (SEIKO EPSON CORPORATION)
O4 - HKCU..\Run: [Messenger (Yahoo!)] D:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [NokiaOviSuite2] D:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia)
O4 - HKCU..\Run: [Steam] D:\Program Files\Steam\Steam.exe (Valve Corporation)
O4 - Startup: D:\Users\cj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = D:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xport to Microsoft Excel - D:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - D:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - D:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - D:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - D:\Windows\System32\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/01/28 10:11:42 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/06/11 05:42:20 | 000,000,024 | ---- | M] () - D:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010/08/24 11:45:20 | 000,000,054 | R--- | M] () - E:\autorun.inf -- [ UDF ]
O32 - AutoRun File - [2008/04/24 21:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.) - H:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2007/11/07 23:41:52 | 000,000,047 | R--- | M] () - H:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{0af94a5e-1a7b-11e0-97e5-001e101f63cf}\Shell - "" = AutoRun
O33 - MountPoints2\{0af94a5e-1a7b-11e0-97e5-001e101f63cf}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2008/04/24 21:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{0af94a62-1a7b-11e0-97e5-001e101f63cf}\Shell - "" = AutoRun
O33 - MountPoints2\{0af94a62-1a7b-11e0-97e5-001e101f63cf}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2008/04/24 21:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{10c62bce-0ed0-11e0-a2c4-00252266111b}\Shell - "" = AutoRun
O33 - MountPoints2\{10c62bce-0ed0-11e0-a2c4-00252266111b}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2008/04/24 21:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{1f2e7816-159b-11e0-a01c-00252266111b}\Shell - "" = AutoRun
O33 - MountPoints2\{1f2e7816-159b-11e0-a01c-00252266111b}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2008/04/24 21:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{2281b9af-045c-11e0-a13a-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{2281b9af-045c-11e0-a13a-806e6f6e6963}\Shell\AutoRun\command - "" = E:\setup.exe -- [2010/09/04 11:34:49 | 000,227,256 | R--- | M] (2K Sports)
O33 - MountPoints2\{2db2d533-04b1-11e0-9b92-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{2db2d533-04b1-11e0-9b92-806e6f6e6963}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2008/04/24 21:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{574a955c-343a-11e0-9b3d-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{574a955c-343a-11e0-9b3d-806e6f6e6963}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2008/04/24 21:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{903214cd-0465-11e0-a225-00252266111b}\Shell - "" = AutoRun
O33 - MountPoints2\{903214cd-0465-11e0-a225-00252266111b}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2008/04/24 21:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{903214d4-0465-11e0-a225-00252266111b}\Shell - "" = AutoRun
O33 - MountPoints2\{903214d4-0465-11e0-a225-00252266111b}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{984b3179-ffaa-11df-aeb0-00252266111b}\Shell - "" = AutoRun
O33 - MountPoints2\{984b3179-ffaa-11df-aeb0-00252266111b}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2008/04/24 21:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{984b318a-ffaa-11df-aeb0-00252266111b}\Shell - "" = AutoRun
O33 - MountPoints2\{984b318a-ffaa-11df-aeb0-00252266111b}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2008/04/24 21:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{99280d34-045c-11e0-bbd5-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{99280d34-045c-11e0-bbd5-806e6f6e6963}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2008/04/24 21:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{e129c881-ff5f-11df-9fe0-00252266111b}\Shell - "" = AutoRun
O33 - MountPoints2\{e129c881-ff5f-11df-9fe0-00252266111b}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2008/04/24 21:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{e129c888-ff5f-11df-9fe0-00252266111b}\Shell - "" = AutoRun
O33 - MountPoints2\{e129c888-ff5f-11df-9fe0-00252266111b}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2008/04/24 21:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{e129c8a1-ff5f-11df-9fe0-00252266111b}\Shell - "" = AutoRun
O33 - MountPoints2\{e129c8a1-ff5f-11df-9fe0-00252266111b}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2008/04/24 21:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{e129c8a6-ff5f-11df-9fe0-00252266111b}\Shell - "" = AutoRun
O33 - MountPoints2\{e129c8a6-ff5f-11df-9fe0-00252266111b}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2008/04/24 21:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{e129c8c0-ff5f-11df-9fe0-00252266111b}\Shell - "" = AutoRun
O33 - MountPoints2\{e129c8c0-ff5f-11df-9fe0-00252266111b}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2008/04/24 21:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{e45c37ed-1260-11e0-ac35-00252266111b}\Shell - "" = AutoRun
O33 - MountPoints2\{e45c37ed-1260-11e0-ac35-00252266111b}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2008/04/24 21:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2008/04/24 21:44:40 | 000,114,688 | R--- | M] (Huawei Technologies Co., Ltd.)
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2020/05/15 12:09:38 | 000,000,000 | ---D | C] -- D:\Users\cj\AppData\Roaming\ATI
[2020/05/15 12:09:38 | 000,000,000 | ---D | C] -- D:\Users\cj\AppData\Local\ATI
[2020/05/15 12:09:38 | 000,000,000 | ---D | C] -- D:\ProgramData\ATI
[2020/04/16 04:10:00 | 000,000,000 | ---D | C] -- D:\Windows\Panther
[2020/04/16 03:11:20 | 000,000,000 | ---D | C] -- D:\Windows\Prefetch
[2020/04/15 19:36:34 | 000,000,000 | -HSD | C] -- D:\System Volume Information
[2020/04/15 13:52:01 | 000,000,000 | ---D | C] -- D:\Users\cj\AppData\Roaming\Macromedia
[2020/04/15 13:50:53 | 000,000,000 | ---D | C] -- D:\Users\cj\AppData\Roaming\Adobe
[2020/04/15 13:45:39 | 000,000,000 | ---D | C] -- D:\Users\cj\AppData\Roaming\2K Sports
[2020/04/15 13:43:09 | 004,379,984 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\D3DX9_40.dll
[2020/04/15 13:43:09 | 004,178,264 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\D3DX9_41.dll
[2020/04/15 13:43:09 | 002,036,576 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\D3DCompiler_40.dll
[2020/04/15 13:43:09 | 001,846,632 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\D3DCompiler_41.dll
[2020/04/15 13:43:09 | 000,517,448 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\XAudio2_4.dll
[2020/04/15 13:43:09 | 000,453,456 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx10_41.dll
[2020/04/15 13:43:09 | 000,452,440 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx10_40.dll
[2020/04/15 13:43:09 | 000,235,352 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\xactengine3_4.dll
[2020/04/15 13:43:09 | 000,022,360 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\X3DAudio1_6.dll
[2020/04/15 13:43:07 | 003,851,784 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\D3DX9_39.dll
[2020/04/15 13:43:07 | 001,493,528 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\D3DCompiler_39.dll
[2020/04/15 13:43:07 | 001,491,992 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\D3DCompiler_38.dll
[2020/04/15 13:43:07 | 000,507,400 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\XAudio2_1.dll
[2020/04/15 13:43:07 | 000,467,984 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx10_39.dll
[2020/04/15 13:43:07 | 000,467,984 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx10_38.dll
[2020/04/15 13:43:07 | 000,238,088 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\xactengine3_1.dll
[2020/04/15 13:43:07 | 000,065,032 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\XAPOFX1_0.dll
[2020/04/15 13:43:07 | 000,025,608 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\X3DAudio1_4.dll
[2020/04/15 13:43:06 | 003,850,760 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\D3DX9_38.dll
[2020/04/15 13:43:06 | 003,786,760 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\D3DX9_37.dll
[2020/04/15 13:43:06 | 001,420,824 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\D3DCompiler_37.dll
[2020/04/15 13:43:06 | 000,479,752 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\XAudio2_0.dll
[2020/04/15 13:43:06 | 000,462,864 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx10_37.dll
[2020/04/15 13:43:06 | 000,267,272 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\xactengine2_10.dll
[2020/04/15 13:43:06 | 000,238,088 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\xactengine3_0.dll
[2020/04/15 13:43:06 | 000,025,608 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\X3DAudio1_3.dll
[2020/04/15 13:43:05 | 003,734,536 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx9_36.dll
[2020/04/15 13:43:05 | 003,727,720 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx9_35.dll
[2020/04/15 13:43:05 | 001,374,232 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\D3DCompiler_36.dll
[2020/04/15 13:43:05 | 001,358,192 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\D3DCompiler_35.dll
[2020/04/15 13:43:05 | 000,444,776 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx10_36.dll
[2020/04/15 13:43:05 | 000,444,776 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx10_35.dll
[2020/04/15 13:43:05 | 000,443,752 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx10_34.dll
[2020/04/15 13:43:05 | 000,267,112 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\xactengine2_9.dll
[2020/04/15 13:43:05 | 000,266,088 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\xactengine2_8.dll
[2020/04/15 13:43:05 | 000,017,928 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\X3DAudio1_2.dll
[2020/04/15 13:43:04 | 003,497,832 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx9_34.dll
[2020/04/15 13:43:04 | 003,495,784 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx9_33.dll
[2020/04/15 13:43:04 | 003,426,072 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx9_32.dll
[2020/04/15 13:43:04 | 002,414,360 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx9_31.dll
[2020/04/15 13:43:04 | 001,124,720 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\D3DCompiler_34.dll
[2020/04/15 13:43:04 | 001,123,696 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\D3DCompiler_33.dll
[2020/04/15 13:43:04 | 000,443,752 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx10_33.dll
[2020/04/15 13:43:04 | 000,440,080 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx10.dll
[2020/04/15 13:43:04 | 000,261,480 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\xactengine2_7.dll
[2020/04/15 13:43:04 | 000,255,848 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\xactengine2_6.dll
[2020/04/15 13:43:04 | 000,251,672 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\xactengine2_5.dll
[2020/04/15 13:43:04 | 000,237,848 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\xactengine2_4.dll
[2020/04/15 13:43:04 | 000,236,824 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\xactengine2_3.dll
[2020/04/15 13:43:04 | 000,230,168 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\xactengine2_2.dll
[2020/04/15 13:43:04 | 000,229,584 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\xactengine2_1.dll
[2020/04/15 13:43:04 | 000,081,768 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\xinput1_3.dll
[2020/04/15 13:43:04 | 000,062,744 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\xinput1_2.dll
[2020/04/15 13:43:04 | 000,062,672 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\xinput1_1.dll
[2020/04/15 13:43:04 | 000,015,128 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\x3daudio1_1.dll
[2020/04/15 13:43:00 | 002,388,176 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx9_30.dll
[2020/04/15 13:43:00 | 002,337,488 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx9_25.dll
[2020/04/15 13:43:00 | 002,332,368 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx9_29.dll
[2020/04/15 13:43:00 | 002,323,664 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx9_28.dll
[2020/04/15 13:43:00 | 002,319,568 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx9_27.dll
[2020/04/15 13:43:00 | 002,297,552 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx9_26.dll
[2020/04/15 13:43:00 | 000,230,096 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\xactengine2_0.dll
[2020/04/15 13:43:00 | 000,014,032 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\x3daudio1_0.dll
[2020/04/15 13:42:59 | 002,222,800 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx9_24.dll
[2020/04/15 13:42:07 | 000,000,000 | ---D | C] -- D:\Windows\System32\Macromed
[2020/04/15 13:39:19 | 000,000,000 | ---D | C] -- D:\Program Files\Yahoo!
[2020/04/15 13:21:40 | 000,000,000 | ---D | C] -- D:\ProgramData\Creative
[2020/04/15 13:21:07 | 000,171,680 | ---- | C] (Creative Technology Ltd) -- D:\Windows\System32\CTOPT352.dll
[2020/04/15 13:21:07 | 000,061,440 | ---- | C] (Creative Technology Ltd) -- D:\Windows\System32\CTChkAud.dll
[2020/04/15 13:18:10 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
[2020/04/15 13:17:45 | 000,000,000 | ---D | C] -- D:\Windows\System32\Defaults
[2020/04/15 13:16:03 | 000,445,016 | ---- | C] (Creative Labs) -- D:\Windows\System32\wrap_oal.dll
[2020/04/15 13:16:03 | 000,109,144 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- D:\Windows\System32\OpenAL32.dll
[2020/04/15 13:16:03 | 000,000,000 | ---D | C] -- D:\Program Files\OpenAL
[2020/04/15 13:15:13 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\InstallShield
[2020/04/15 13:11:46 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Phyxion.net
[2020/04/15 13:11:46 | 000,000,000 | ---D | C] -- D:\Program Files\Phyxion.net
[2020/04/15 13:10:30 | 000,000,000 | ---D | C] -- D:\Users\cj\AppData\Local\ElevatedDiagnostics
[2020/04/15 13:04:45 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2020/04/15 13:04:35 | 000,000,000 | ---D | C] -- D:\Program Files\DAEMON Tools Lite
[2020/04/15 13:04:22 | 000,000,000 | ---D | C] -- D:\Users\cj\AppData\Roaming\DAEMON Tools Lite
[2020/04/15 13:04:20 | 000,000,000 | ---D | C] -- D:\ProgramData\DAEMON Tools Lite
[2020/04/15 13:03:02 | 000,000,000 | -H-D | C] -- D:\Program Files\InstallShield Installation Information
[2020/04/15 12:59:08 | 000,000,000 | -HSD | C] -- D:\Windows\Installer
[2020/04/15 12:59:04 | 000,000,000 | ---D | C] -- D:\ProgramData\NVIDIA Corporation
[2020/04/15 12:58:57 | 000,813,672 | ---- | C] (NVIDIA Corporation) -- D:\Windows\System32\nvgenco322030.dll
[2020/04/15 12:58:57 | 000,813,672 | ---- | C] (NVIDIA Corporation) -- D:\Windows\System32\nvgenco32.dll
[2020/04/15 12:58:50 | 000,000,000 | ---D | C] -- D:\Program Files\NVIDIA Corporation
[2020/04/15 12:32:14 | 000,000,000 | ---D | C] -- D:\Users\cj\Documents\format
[2020/04/15 12:31:57 | 000,062,464 | ---- | C] (Creative Technology Ltd.) -- D:\Windows\System32\UDAWRP32.dll
[2020/04/15 12:27:35 | 000,000,000 | ---D | C] -- D:\Users\cj\Documents\Transfer
[2020/04/15 12:27:25 | 000,000,000 | ---D | C] -- D:\Users\cj\Documents\RIG
[2020/04/15 12:27:00 | 000,000,000 | ---D | C] -- D:\Users\cj\Documents\Picture
[2020/04/15 12:18:39 | 000,000,000 | ---D | C] -- D:\Windows\SoftwareDistribution
[2020/04/15 12:17:57 | 000,000,000 | R--D | C] -- D:\Users\cj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2020/04/15 12:17:57 | 000,000,000 | R--D | C] -- D:\Users\cj\Searches
[2020/04/15 12:17:57 | 000,000,000 | R--D | C] -- D:\Users\cj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2020/04/15 12:17:57 | 000,000,000 | -H-D | C] -- D:\Users\cj\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2020/04/15 12:17:49 | 000,000,000 | ---D | C] -- D:\Users\cj\AppData\Roaming\Identities
[2020/04/15 12:17:48 | 000,000,000 | R--D | C] -- D:\Users\cj\Contacts
[2020/04/15 12:17:42 | 000,000,000 | ---D | C] -- D:\Users\cj\AppData\Local\VirtualStore
[2020/04/15 12:17:41 | 000,000,000 | --SD | C] -- D:\Users\cj\AppData\Roaming\Microsoft
[2020/04/15 12:17:41 | 000,000,000 | R--D | C] -- D:\Users\cj\Videos
[2020/04/15 12:17:41 | 000,000,000 | R--D | C] -- D:\Users\cj\Saved Games
[2020/04/15 12:17:41 | 000,000,000 | R--D | C] -- D:\Users\cj\Pictures
[2020/04/15 12:17:41 | 000,000,000 | R--D | C] -- D:\Users\cj\Music
[2020/04/15 12:17:41 | 000,000,000 | R--D | C] -- D:\Users\cj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2020/04/15 12:17:41 | 000,000,000 | R--D | C] -- D:\Users\cj\Links
[2020/04/15 12:17:41 | 000,000,000 | R--D | C] -- D:\Users\cj\Favorites
[2020/04/15 12:17:41 | 000,000,000 | R--D | C] -- D:\Users\cj\Downloads
[2020/04/15 12:17:41 | 000,000,000 | R--D | C] -- D:\Users\cj\My Documents
[2020/04/15 12:17:41 | 000,000,000 | R--D | C] -- D:\Users\cj\Desktop
[2020/04/15 12:17:41 | 000,000,000 | R--D | C] -- D:\Users\cj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2020/04/15 12:17:41 | 000,000,000 | -HSD | C] -- D:\Users\cj\AppData\Local\Temporary Internet Files
[2020/04/15 12:17:41 | 000,000,000 | -HSD | C] -- D:\Users\cj\Templates
[2020/04/15 12:17:41 | 000,000,000 | -HSD | C] -- D:\Users\cj\Start Menu
[2020/04/15 12:17:41 | 000,000,000 | -HSD | C] -- D:\Users\cj\SendTo
[2020/04/15 12:17:41 | 000,000,000 | -HSD | C] -- D:\Users\cj\Recent
[2020/04/15 12:17:41 | 000,000,000 | -HSD | C] -- D:\Users\cj\PrintHood
[2020/04/15 12:17:41 | 000,000,000 | -HSD | C] -- D:\Users\cj\NetHood
[2020/04/15 12:17:41 | 000,000,000 | -HSD | C] -- D:\Users\cj\Documents\My Videos
[2020/04/15 12:17:41 | 000,000,000 | -HSD | C] -- D:\Users\cj\Documents\My Pictures
[2020/04/15 12:17:41 | 000,000,000 | -HSD | C] -- D:\Users\cj\Documents\My Music
[2020/04/15 12:17:41 | 000,000,000 | -HSD | C] -- D:\Users\cj\My Documents
[2020/04/15 12:17:41 | 000,000,000 | -HSD | C] -- D:\Users\cj\Local Settings
[2020/04/15 12:17:41 | 000,000,000 | -HSD | C] -- D:\Users\cj\AppData\Local\History
[2020/04/15 12:17:41 | 000,000,000 | -HSD | C] -- D:\Users\cj\Cookies
[2020/04/15 12:17:41 | 000,000,000 | -HSD | C] -- D:\Users\cj\Application Data
[2020/04/15 12:17:41 | 000,000,000 | -HSD | C] -- D:\Users\cj\AppData\Local\Application Data
[2020/04/15 12:17:41 | 000,000,000 | -H-D | C] -- D:\Users\cj\AppData
[2020/04/15 12:17:41 | 000,000,000 | ---D | C] -- D:\Users\cj\AppData\Local\Temp
[2020/04/15 12:17:41 | 000,000,000 | ---D | C] -- D:\Users\cj\AppData\Local\Microsoft
[2020/04/15 12:17:41 | 000,000,000 | ---D | C] -- D:\Users\cj\AppData\Roaming\Media Center Programs
[2020/04/15 12:17:29 | 000,000,000 | -HSD | C] -- D:\Recovery
[2011/02/19 10:53:39 | 000,000,000 | ---D | C] -- D:\Users\cj\AppData\Roaming\Malwarebytes
[2011/02/19 10:53:32 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- D:\Windows\System32\drivers\mbamswissarmy.sys
[2011/02/19 10:53:32 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/02/19 10:53:31 | 000,000,000 | ---D | C] -- D:\ProgramData\Malwarebytes
[2011/02/19 10:53:29 | 000,020,952 | ----

Offline treasurechest

« Reply #8 on: February 19, 2011, 09:24:43 PM »
The improvement I've seen is that the folder from the USB, which I couldn't delete before, I was able to delete after I'd done this process.

However, I still can't get my iPhone to work as a USB device. I can only sync it with iTunes; I can't see it in My Computer. If I plug it in, there isn't any hardware installation process, but right after I unplug the iPhone, there's a three-second installation process which eventually fails because the iPhone is already unplugged.

Offline guestolo

« Reply #9 on: February 20, 2011, 08:18:32 PM »
You can't see the iPhone icon in COMPUTER?

But you can see its icon when connected in iTunes, correct?

Did you ever see your iPhone in Computer?
If so, what drive letter was it assigned?

Do you want to post your own logs from FRST?

Follow the instructions posted here: http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/


Offline treasurechest

« Reply #10 on: February 21, 2011, 10:09:19 AM »
I've seen it before; I just can't remember what drive it was, because I was still able to transfer a photo back then. But now I can't, because it won't show on my computer, only in iTunes. The bad thing is that I just can't sync it, because I don't want to just delete the files inside the iPhone.

Offline guestolo

« Reply #11 on: February 22, 2011, 05:07:52 PM »
I didn't save the link, but I saved a quote of what happened with someone else with Windows 7 and an iPhone.

Quote
"There is something wrong with the firmware in the iPhone. If you have any photos that are in your photo album within the phone that are there from any source except the phone itself, such as an emailed photo or downloaded photo, PCs and Macs will not recognize your phone. You must delete the "foreign pictures"; then the Mac or PC will recognize the phone. I have both a PC upgraded to Windows 7 and an iMac. When my PC would not recognize the iPhone in MY COMPUTER but saw it as a device in the device manager as an Apple Mobile Device, I spent hours trying to figure it out. I gave up and decided to download pics to the iMac but had the same problem (iPhoto would not recognize the iPhone). Scanning Apple forums, I found that many people found a solution by deleting foreign pictures from their phone. I did this and the iMac instantly recognized my phone. I decided to go back to the PC with Windows 7 and it instantly recognized my phone and it appeared under MY COMPUTER. All is well. Sounds like your problem since you just downloaded foreign pic to your phone."

Do you want to post your own logs from FRST?

Follow the instructions posted here: http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/