Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Error 132 in WoW - Combofix log included


  • This topic is locked This topic is locked
2 replies to this topic

#1 oso27

oso27

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:06:38 PM

Posted 04 April 2011 - 03:51 PM

So I've been getting an error 132 when I play WoW. I was told to run combofix, but I don't know how to read the log. I was wondering if there is anything that needs to be removed. Thanks in advance.

Here's the log that I received:

ComboFix 11-04-01.01 - jon 01/04/2011 20:24:33.1.4 - x64
Microsoft� Windows Vista� Home Premium 6.0.6002.2.1252.2.1033.18.8190.6439 [GMT -7:00]
Running from: c:\users\jon\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2011-03-02 to 2011-04-02 )))))))))))))))))))))))))))))))
.
.
2011-04-02 03:30 . 2011-04-02 03:30 -------- d-----w- c:\users\jon\AppData\Local\temp
2011-04-02 03:30 . 2011-04-02 03:30 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-04-02 02:50 . 2011-04-02 02:50 -------- dc-h--w- c:\programdata\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A}
2011-04-02 02:50 . 2011-04-02 02:50 -------- d-----w- c:\program files (x86)\Uniblue
2011-04-02 02:50 . 2011-04-02 02:50 -------- d-----w- c:\users\jon\AppData\Local\PackageAware
2011-04-02 00:38 . 2011-04-02 00:38 431104 ----a-w- c:\windows\system32\wrap_oal.dll
2011-04-02 00:38 . 2011-04-02 00:38 409600 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2011-04-02 00:38 . 2011-04-02 00:38 136192 ----a-w- c:\windows\system32\OpenAL32.dll
2011-04-02 00:38 . 2011-04-02 00:38 114688 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2011-04-02 00:38 . 2011-04-02 00:38 -------- d-----w- c:\program files (x86)\Creative
2011-04-02 00:38 . 2007-07-03 20:14 1828352 ------w- c:\windows\system32\adi_oal.dll
2011-04-02 00:38 . 2007-07-03 20:11 1503232 ------w- c:\windows\SysWow64\adi_oal.dll
2011-04-02 00:38 . 2003-11-11 01:10 32768 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\Objectps.dll
2011-04-02 00:38 . 2003-11-11 01:12 266240 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iscript.dll
2011-04-02 00:38 . 2003-11-11 01:12 192512 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iuser.dll
2011-04-02 00:37 . 2011-04-02 00:37 -------- d-----w- c:\programdata\SonicFocus
2011-04-02 00:13 . 2008-01-04 20:34 11832 ----a-w- c:\windows\SysWow64\drivers\AsInsHelp64.sys
2011-04-02 00:13 . 2008-01-04 20:34 10216 ----a-w- c:\windows\SysWow64\drivers\AsInsHelp32.sys
2011-04-01 23:55 . 2011-04-02 00:36 -------- d-----w- c:\users\jon\AppData\Roaming\Download Manager
2011-04-01 23:29 . 2011-04-01 23:29 -------- d-----w- c:\program files\Microsoft Windows Performance Toolkit
2011-04-01 23:28 . 2011-04-01 23:28 -------- d-----w- c:\program files\Debugging Tools for Windows (x64)
2011-04-01 23:23 . 2011-04-01 23:23 -------- d-----w- c:\program files\Microsoft SDKs
2011-04-01 22:16 . 2011-03-15 05:17 8424784 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{113EE3E7-DC7C-4E6D-B007-0A1262E81950}\mpengine.dll
2011-03-31 07:23 . 2011-02-23 15:28 1614440 ----a-w- c:\windows\system32\nvdispco642090.dll
2011-03-31 07:23 . 2011-02-23 15:28 1359976 ----a-w- c:\windows\system32\nvgenco642040.dll
2011-03-31 07:17 . 2011-04-01 23:45 -------- d-----w- c:\programdata\UAB
2011-03-31 07:17 . 2011-03-31 07:17 -------- d-----w- c:\users\jon\AppData\Local\PC_Drivers_Headquarters
2011-03-31 07:17 . 2011-03-31 07:17 -------- d-----w- c:\programdata\PC Drivers HeadQuarters
2011-03-31 07:16 . 2011-03-31 07:16 -------- d-----w- c:\program files (x86)\PC Drivers HeadQuarters
2011-03-31 07:04 . 2011-03-31 07:04 21712 ----a-w- c:\windows\SysWow64\drivers\DrvAgent64.SYS
2011-03-31 07:04 . 2011-04-02 01:18 -------- d-----w- c:\users\jon\AppData\Local\eSupport.com
2011-03-31 05:30 . 2011-03-31 05:30 -------- d-----w- c:\users\jon\AppData\Local\{9E17ED6A-3FED-41D3-BEF1-223F270C3981}
2011-03-31 02:43 . 2011-03-31 02:43 -------- d-----w- c:\users\jon\AppData\Roaming\ConsumerSoft
2011-03-31 02:43 . 2011-03-31 03:32 -------- d-----w- c:\program files (x86)\ConsumerSoft
2011-03-31 02:38 . 2011-03-31 02:38 -------- d-----w- c:\users\jon\AppData\Local\{0BE32671-DF56-4741-82A4-4A98A9BA66DA}
2011-03-30 05:07 . 2011-03-30 05:08 -------- d-----w- c:\users\jon\AppData\Local\{02458D32-6029-4D34-889B-CAA41C47F990}
2011-03-28 23:42 . 2011-03-28 23:42 -------- d-----w- c:\users\jon\AppData\Local\{40513F57-AE29-471D-A3E2-E9B9426932D8}
2011-03-26 16:44 . 2011-03-26 16:44 -------- d-----w- c:\users\jon\AppData\Local\{1A2C3EA7-9A9C-43AF-8EAA-74056B181131}
2011-03-26 01:14 . 2011-01-27 01:34 601424 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2011-03-26 01:14 . 2011-01-27 01:34 601424 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{5D40A298-9F21-41D3-97B5-C7E514C5C16A}\gapaengine.dll
2011-03-25 20:19 . 2011-03-25 20:19 -------- d-----w- c:\users\jon\AppData\Local\{D56D7777-13F5-4911-9708-62F1F7DA09C9}
2011-03-25 04:25 . 2011-03-25 04:25 -------- d-----w- c:\users\jon\AppData\Local\{1D8AC6D6-7C84-45A1-A5AE-3F3D3A209308}
2011-03-25 02:24 . 2011-03-25 02:24 -------- d-----w- c:\users\jon\AppData\Local\{7B4EE0BB-03E3-431C-AF77-F190272078A2}
2011-03-24 23:51 . 2011-03-24 23:51 -------- d-----w- c:\users\jon\AppData\Local\{CD41D9BB-445A-4636-B8B4-23F05D275DB2}
2011-03-23 23:39 . 2011-03-23 23:39 -------- d-----w- c:\users\jon\AppData\Local\{634C2AFF-B825-417E-9E5A-70D36D51975A}
2011-03-23 00:04 . 2011-02-22 14:47 479744 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-03-23 00:04 . 2011-02-22 14:13 288768 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2011-03-23 00:04 . 2011-02-22 13:53 1555968 ----a-w- c:\windows\system32\DWrite.dll
2011-03-23 00:04 . 2011-02-22 13:53 1149440 ----a-w- c:\windows\system32\FntCache.dll
2011-03-23 00:04 . 2011-02-22 13:33 1068544 ----a-w- c:\windows\SysWow64\DWrite.dll
2011-03-22 23:45 . 2011-03-22 23:45 -------- d-----w- c:\users\jon\AppData\Local\{302C931C-A31C-41C0-AC94-67F0E96675A8}
2011-03-22 06:51 . 2011-03-22 06:51 -------- d-----w- c:\users\jon\AppData\Local\{0A3F8F1C-77A1-4B98-B84F-39DE0995A29F}
2011-03-21 16:27 . 2011-03-21 16:27 -------- d-----w- c:\users\jon\AppData\Local\{1112316A-138E-4E40-965B-995978BC4CFE}
2011-03-21 03:43 . 2011-03-21 03:43 -------- d-----w- c:\users\jon\AppData\Local\{6546CCEE-F957-41F2-A07C-D180227E8E8D}
2011-03-19 23:14 . 2011-03-19 23:14 -------- d-----w- c:\users\jon\AppData\Local\{02A6FCAE-6597-4EB8-AC12-723779A302CC}
2011-03-18 21:40 . 2011-03-18 21:40 -------- d-----w- c:\users\jon\AppData\Local\{B8FD705C-6B3A-4847-AFEF-1492348459DC}
2011-03-18 21:04 . 2011-03-18 21:04 -------- d-----w- c:\users\jon\AppData\Local\{4F728BB3-6577-487B-955B-766B8C0C1605}
2011-03-18 02:50 . 2011-03-18 02:51 -------- d-----w- c:\users\jon\AppData\Local\{5C2E17F0-ED22-4876-B479-B4635AC8C243}
2011-03-15 23:54 . 2011-03-15 23:54 -------- d-----w- c:\users\jon\AppData\Local\{1078A135-8B6E-4E25-B56C-FEDC7D64521D}
2011-03-14 05:21 . 2011-03-14 05:21 -------- d-----w- c:\users\jon\AppData\Local\{A7642503-0AC6-41F2-B16D-61CBF752C79F}
2011-03-12 19:28 . 2011-03-12 19:28 103864 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\nppdf32.dll
2011-03-12 18:30 . 2011-03-12 18:30 -------- d-----w- c:\users\jon\AppData\Local\{1795FEFC-5ED0-45BF-A06B-D483CF5DA514}
2011-03-11 23:56 . 2011-03-11 23:57 -------- d-----w- c:\users\jon\AppData\Local\{87774542-8710-40BA-8CD5-5BDD0421C8C8}
2011-03-11 06:23 . 2011-03-11 06:23 -------- d-----w- c:\users\jon\AppData\Local\{D51B193E-DCA6-4E94-A065-77D7522113BF}
2011-03-11 00:55 . 2011-03-11 00:55 -------- d-----w- c:\users\jon\AppData\Local\{A15BA43A-E145-46FE-8822-48366904D069}
2011-03-10 06:35 . 2011-03-10 06:35 -------- d-----w- c:\users\jon\AppData\Local\Activision
2011-03-10 04:41 . 2011-03-10 04:41 -------- d-----w- c:\program files (x86)\Activision
2011-03-10 03:01 . 2011-03-10 03:01 -------- d-----w- c:\program files\iPod
2011-03-10 03:01 . 2011-03-10 03:02 -------- d-----w- c:\program files\iTunes
2011-03-10 03:01 . 2011-03-10 03:02 -------- d-----w- c:\program files (x86)\iTunes
2011-03-10 00:53 . 2011-03-10 00:53 -------- d-----w- c:\users\jon\AppData\Local\{9058BDF1-A0FE-4F95-916A-7D734B4976CD}
2011-03-09 01:09 . 2011-03-09 01:09 -------- d-----w- c:\users\jon\AppData\Local\{C0FF35DD-447D-474E-BE61-39E128617DAB}
2011-03-09 00:45 . 2010-12-17 17:34 2425344 ----a-w- c:\windows\system32\mstscax.dll
2011-03-09 00:45 . 2010-12-17 15:45 2067968 ----a-w- c:\windows\SysWow64\mstscax.dll
2011-03-09 00:45 . 2010-12-17 15:41 731136 ----a-w- c:\windows\system32\mstsc.exe
2011-03-09 00:45 . 2010-12-17 13:54 677888 ----a-w- c:\windows\SysWow64\mstsc.exe
2011-03-09 00:45 . 2010-12-29 19:01 416768 ----a-w- c:\windows\system32\sbe.dll
2011-03-09 00:45 . 2010-12-29 19:01 559616 ----a-w- c:\windows\system32\EncDec.dll
2011-03-09 00:45 . 2010-12-29 19:01 210944 ----a-w- c:\windows\system32\sbeio.dll
2011-03-09 00:45 . 2010-12-29 18:59 226816 ----a-w- c:\windows\system32\mpg2splt.ax
2011-03-09 00:45 . 2010-12-29 18:28 322560 ----a-w- c:\windows\SysWow64\sbe.dll
2011-03-09 00:45 . 2010-12-29 18:28 153088 ----a-w- c:\windows\SysWow64\sbeio.dll
2011-03-09 00:45 . 2010-12-29 18:28 429056 ----a-w- c:\windows\SysWow64\EncDec.dll
2011-03-09 00:45 . 2010-12-29 18:26 177664 ----a-w- c:\windows\SysWow64\mpg2splt.ax
2011-03-08 05:11 . 2011-03-08 05:11 -------- d-----w- c:\users\jon\AppData\Local\{6EC36D24-BE19-4384-BBC8-AFC35D69BD8B}
2011-03-07 07:00 . 2011-03-07 07:00 -------- d-----w- c:\users\jon\AppData\Local\{5DF290AD-9D30-4F7E-A37A-48830519F711}
2011-03-06 07:01 . 2011-03-06 07:01 -------- d-----w- c:\users\jon\AppData\Local\{A285C586-ABE8-487A-A145-3AD641A95BA9}
2011-03-05 18:03 . 2011-03-05 18:04 -------- d-----w- c:\users\jon\AppData\Local\{13ECA711-780C-4309-9721-1DF8E67734B7}
2011-03-04 21:16 . 2011-03-04 21:17 -------- d-----w- c:\users\jon\AppData\Local\{AD3B9DA8-C6E8-4666-BD30-42AD47DA705B}
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-15 05:17 . 2010-12-21 02:53 8424784 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-03-09 04:57 . 2010-06-24 19:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-02-23 15:28 . 2011-02-23 15:28 7732328 ----a-w- c:\windows\system32\nvwgf2umx.dll
2011-02-23 15:28 . 2011-02-23 15:28 67176 ----a-w- c:\windows\system32\OpenCL.dll
2011-02-23 15:28 . 2011-02-23 15:28 6606440 ----a-w- c:\windows\system32\nvcuda.dll
2011-02-23 15:28 . 2011-02-23 15:28 57960 ----a-w- c:\windows\SysWow64\OpenCL.dll
2011-02-23 15:28 . 2011-02-23 15:28 5654120 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2011-02-23 15:28 . 2011-02-23 15:28 4942952 ----a-w- c:\windows\SysWow64\nvcuda.dll
2011-02-23 15:28 . 2011-02-23 15:28 3112040 ----a-w- c:\windows\system32\nvcuvid.dll
2011-02-23 15:28 . 2011-02-23 15:28 2895976 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2011-02-23 15:28 . 2011-02-23 15:28 2479720 ----a-w- c:\windows\system32\nvcuvenc.dll
2011-02-23 15:28 . 2011-02-23 15:28 2251368 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2011-02-23 15:28 . 2011-02-23 15:28 20473960 ----a-w- c:\windows\system32\nvoglv64.dll
2011-02-23 15:28 . 2011-02-23 15:28 1965672 ----a-w- c:\windows\SysWow64\nvapi.dll
2011-02-23 15:28 . 2011-02-23 15:28 18580072 ----a-w- c:\windows\system32\nvcompiler.dll
2011-02-23 15:28 . 2011-02-23 15:28 15047272 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2011-02-23 15:28 . 2011-02-23 15:28 13011560 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2011-02-23 15:28 . 2011-02-23 15:28 12962792 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2011-02-23 15:28 . 2011-02-23 15:28 10079336 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2011-02-23 15:28 . 2009-11-03 22:00 12862568 ----a-w- c:\windows\system32\nvd3dumx.dll
2011-02-23 15:28 . 2009-11-03 22:00 2200680 ----a-w- c:\windows\system32\nvapi64.dll
2011-02-03 05:40 . 2010-12-19 03:37 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-01-20 16:46 . 2011-02-09 04:46 900480 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2011-01-20 16:17 . 2011-02-09 04:46 366592 ----a-w- c:\windows\system32\winspool.drv
2011-01-20 16:17 . 2011-02-09 04:46 625152 ----a-w- c:\windows\system32\dxgi.dll
2011-01-20 16:16 . 2011-02-09 04:46 287232 ----a-w- c:\windows\system32\d3d10core.dll
2011-01-20 16:16 . 2011-02-09 04:46 327680 ----a-w- c:\windows\system32\d3d10_1core.dll
2011-01-20 16:16 . 2011-02-09 04:46 196096 ----a-w- c:\windows\system32\d3d10_1.dll
2011-01-20 16:16 . 2011-02-09 04:46 1268224 ----a-w- c:\windows\system32\d3d10.dll
2011-01-20 16:16 . 2011-02-09 04:46 748544 ----a-w- c:\windows\system32\stobject.dll
2011-01-20 16:16 . 2011-02-09 04:46 47104 ----a-w- c:\windows\system32\cdd.dll
2011-01-20 16:16 . 2011-02-09 04:46 3548672 ----a-w- c:\windows\system32\mf.dll
2011-01-20 16:16 . 2011-02-09 04:46 35840 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll
2011-01-20 16:14 . 2011-02-09 04:46 278528 ----a-w- c:\windows\system32\mfplat.dll
2011-01-20 16:14 . 2011-02-09 04:46 195072 ----a-w- c:\windows\system32\mfps.dll
2011-01-20 16:08 . 2011-02-09 04:46 478720 ----a-w- c:\windows\SysWow64\dxgi.dll
2011-01-20 16:08 . 2011-02-09 04:46 219648 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2011-01-20 16:08 . 2011-02-09 04:46 160768 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2011-01-20 16:08 . 2011-02-09 04:46 1029120 ----a-w- c:\windows\SysWow64\d3d10.dll
2011-01-20 16:08 . 2011-02-09 04:46 189952 ----a-w- c:\windows\SysWow64\d3d10core.dll
2011-01-20 16:07 . 2011-02-09 04:46 258048 ----a-w- c:\windows\SysWow64\winspool.drv
2011-01-20 16:07 . 2011-02-09 04:46 586240 ----a-w- c:\windows\SysWow64\stobject.dll
2011-01-20 16:06 . 2011-02-09 04:46 2873344 ----a-w- c:\windows\SysWow64\mf.dll
2011-01-20 16:04 . 2011-02-09 04:46 209920 ----a-w- c:\windows\SysWow64\mfplat.dll
2011-01-20 16:04 . 2011-02-09 04:46 98816 ----a-w- c:\windows\SysWow64\mfps.dll
2011-01-20 15:01 . 2011-02-09 04:46 3068416 ----a-w- c:\windows\system32\xpsservices.dll
2011-01-20 15:01 . 2011-02-09 04:46 1653760 ----a-w- c:\windows\system32\XpsPrint.dll
2011-01-20 14:59 . 2011-02-09 04:46 1032192 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe
2011-01-20 14:58 . 2011-02-09 04:46 1461760 ----a-w- c:\windows\system32\OpcServices.dll
2011-01-20 14:57 . 2011-02-09 04:46 231936 ----a-w- c:\windows\system32\XpsRasterService.dll
2011-01-20 14:42 . 2011-02-09 04:46 1257984 ----a-w- c:\windows\system32\MFH264Dec.dll
2011-01-20 14:41 . 2011-02-09 04:46 428544 ----a-w- c:\windows\system32\MFHEAACdec.dll
2011-01-20 14:40 . 2011-02-09 04:46 345088 ----a-w- c:\windows\system32\mfreadwrite.dll
2011-01-20 14:40 . 2011-02-09 04:46 34304 ----a-w- c:\windows\system32\mfpmp.exe
2011-01-20 14:40 . 2011-02-09 04:46 377344 ----a-w- c:\windows\system32\mfmp4src.dll
2011-01-20 14:37 . 2011-02-09 04:46 2002944 ----a-w- c:\windows\system32\d3d10warp.dll
2011-01-20 14:35 . 2011-02-09 04:46 566272 ----a-w- c:\windows\system32\d3d10level9.dll
2011-01-20 14:28 . 2011-02-09 04:46 1554432 ----a-w- c:\windows\SysWow64\xpsservices.dll
2011-01-20 14:27 . 2011-02-09 04:46 876032 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2011-01-20 14:25 . 2011-02-09 04:46 847360 ----a-w- c:\windows\SysWow64\OpcServices.dll
2011-01-20 14:24 . 2011-02-09 04:46 135680 ----a-w- c:\windows\SysWow64\XpsRasterService.dll
2011-01-20 14:15 . 2011-02-09 04:46 979456 ----a-w- c:\windows\SysWow64\MFH264Dec.dll
2011-01-20 14:14 . 2011-02-09 04:46 357376 ----a-w- c:\windows\SysWow64\MFHEAACdec.dll
2011-01-20 14:14 . 2011-02-09 04:46 302592 ----a-w- c:\windows\SysWow64\mfmp4src.dll
2011-01-20 14:14 . 2011-02-09 04:46 261632 ----a-w- c:\windows\SysWow64\mfreadwrite.dll
2011-01-20 14:12 . 2011-02-09 04:46 1172480 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2011-01-20 14:11 . 2011-02-09 04:46 486400 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2011-01-20 14:06 . 2011-02-09 04:46 834048 ----a-w- c:\windows\system32\d2d1.dll
2011-01-20 13:47 . 2011-02-09 04:46 683008 ----a-w- c:\windows\SysWow64\d2d1.dll
2011-01-13 10:20 . 2011-01-27 01:20 7844688 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Updates\mpengine.dll
2011-01-08 09:03 . 2011-02-09 04:40 48128 ----a-w- c:\windows\system32\atmlib.dll
2011-01-08 08:47 . 2011-02-09 04:40 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2011-01-08 06:45 . 2011-02-09 04:40 367104 ----a-w- c:\windows\system32\atmfd.dll
2011-01-08 06:28 . 2011-02-09 04:40 292352 ----a-w- c:\windows\SysWow64\atmfd.dll
2011-01-08 03:49 . 2011-01-08 03:49 795752 ----a-w- c:\windows\system32\easyUpdatusAPIU64.dll
2011-01-08 03:49 . 2011-01-08 03:49 6143080 ----a-w- c:\windows\system32\nvcpl.dll
2011-01-08 03:49 . 2011-01-08 03:49 3156072 ----a-w- c:\windows\system32\nvsvc64.dll
2011-01-08 03:48 . 2011-01-08 03:48 117864 ----a-w- c:\windows\system32\nvmctray.dll
2011-01-08 03:48 . 2011-01-08 03:48 1005160 ----a-w- c:\windows\system32\nvvsvc.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1555968]
"PowerSuite"="c:\users\jon\Desktop\Uniblue\DriverScanner\PowerSuite\launcher.exe" [2010-08-30 67448]
"Google Update"="c:\users\jon\AppData\Local\Google\Update\GoogleUpdate.exe" [2010-12-22 136176]
"RegistryBooster"="c:\program files (x86)\Uniblue\RegistryBooster\launcher.exe" [2011-03-14 67456]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-30 421888]
"SoundTray"="c:\program files (x86)\Analog Devices\SoundMAX\SoundTray.exe" [2008-03-26 143360]
"RemoteControl"="c:\program files (x86)\CyberLink\PowerDVD\PDVDServ.exe" [2006-11-23 56928]
"LanguageShortcut"="c:\program files (x86)\CyberLink\PowerDVD\Language\Language.exe" [2006-12-06 54832]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-03-07 421160]
"Drive Xpert"="c:\program files (x86)\ASUS\Drive Xpert\DriveXpert.exe" [2009-02-02 10231808]
"Ai Nap"="c:\program files (x86)\ASUS\AI Suite\AiNap\AiNap.exe" [2009-07-02 1435136]
"QFan Help"="c:\program files (x86)\ASUS\AI Suite\QFan3\QFanHelp.exe" [2009-07-02 601088]
"Cpu Level Up help"="c:\program files (x86)\ASUS\AI Suite\CpuLevelUpHelp.exe" [2007-12-01 881152]
"SoundMAXPnP"="c:\program files (x86)\Analog Devices\Core\smax4pnp.exe" [2008-03-17 1302528]
.
c:\users\jon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
CurseClientStartup.ccip [2010-12-28 0]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 57xx SteelVine Manager;57xx SteelVine;c:\program files (x86)\ASUS\Drive Xpert\SteelVine.exe [2009-02-02 1286144]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-03-01 183560]
R3 DrvAgent64;DrvAgent64;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS [2011-03-31 21712]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 282616]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 1020768]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 mv61xx;mv61xx;c:\windows\system32\DRIVERS\mv61xx.sys [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-01-08 378984]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [x]
S3 netr28ux;RT2870 USB Wireless LAN Card Driver for Vista;c:\windows\system32\DRIVERS\netr28ux.sys [x]
S3 yukonx64;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk60x64.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2011-04-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-869329415-3424843425-4264633635-1000Core.job
- c:\users\jon\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-22 06:54]
.
2011-04-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-869329415-3424843425-4264633635-1000UA.job
- c:\users\jon\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-22 06:54]
.
2011-04-02 c:\windows\Tasks\RegistryBooster.job
- c:\program files (x86)\Uniblue\RegistryBooster\rbmonitor.exe [2011-03-14 15:31]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="%ProgramFiles%\Windows Defender\MSASCui.exe -hide" [X]
"UpdateUSB"="c:\windows\inf\UpdateUSB.exe" [2006-06-23 30720]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 1436224]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.ca/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MI1933~1\OFFICE11\EXCEL.EXE/3000
DPF: {01025D1C-BB03-4369-8344-732CD0DCCCF0} - hxxp://www.geforce.com/services_toolkit/ShimGen/1.1.28.1/GPU_Reader.cab
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10o_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10o_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10o.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10o.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10o.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10o.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
@Denied: (A 2) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
@="Shockwave Flash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
@Denied: (A 2) (Everyone)
@=""
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
@="FlashBroker"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes]
"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
Completion time: 2011-04-01 20:32:19
ComboFix-quarantined-files.txt 2011-04-02 03:32
.
Pre-Run: 189,764,935,680 bytes free
Post-Run: 189,200,089,088 bytes free
.
- - End Of File - - 8F8E7BACD238BC28FA3C744023D5536D

BC AdBot (Login to Remove)

 


#2 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:01:38 AM

Posted 12 April 2011 - 07:40 PM

Hi,

Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.
  • Please subscribe to this topic, if you haven't already. Click the Watch This Topic button at the top on the right.

  • Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.

  • Please reply to this post so I know you are there.
The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the topic.

Once I receive a reply then I will return with your first instructions.

Thanks :thumbup2:
Posted Image
m0le is a proud member of UNITE

#3 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:01:38 AM

Posted 17 April 2011 - 07:00 PM

Due to the lack of feedback, this topic is now closed.In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days. Please include a link to your topic in the Private Message. Thank you.
Posted Image
m0le is a proud member of UNITE




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users