problem when clicking on links in firefox...redirected to a different page.

Page 1 of 5 1, 2, 3, 4, 5  Next

View previous topic View next topic Go down

problem when clicking on links in firefox...redirected to a different page.

Post by jeremypc on Wed 30 Mar 2011, 10:13 pm


lately, when I search for a topic and then click on a link provided (in google) I am redirected to a different page. also, in firefox, random pages will open in a new tab all on their own. they are always spam type pages. I have run AVG, super anti-spyware, and maleware bites anti maleware but can't get rid of it. hijack this is included below:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:13:25 AM, on 3/30/2011
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\WINDOWS\system32\Brmfrmps.exe
C:\Program Files\EASEUS\Todo Backup 2.0\bin\Agent.exe
C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\Program Files\twc\medicsp2\bin\sprtsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\BRMFRSMG.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\Program Files\EASEUS\Todo Backup 2.0\bin\EuWatch.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\MsiExec.exe
C:\WINDOWS\PCHealth\HelpCtr\Binaries\HelpSvc.exe
C:\Program Files\Mozilla Firefox 4.0 Beta 12\firefox.exe
C:\Program Files\Mozilla Firefox 4.0 Beta 12\plugin-container.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {259F616C-A300-44F5-B04A-ED001A26C85C} - (no file)
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngin0.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: MyIdentityDefender - {A26503FE-B3B8-4910-A9DC-9CBD25C6B8D6} - C:\Documents and Settings\My Computer\Local Settings\Application Data\CyberDefender\cdmyidd.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuz1.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O3 - Toolbar: MyIdentityDefender - {A26503FE-B3B8-4910-A9DC-9CBD25C6B8D6} - C:\Documents and Settings\My Computer\Local Settings\Application Data\CyberDefender\cdmyidd.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuz1.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngin0.dll
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [EaseUs Watch] "C:\Program Files\EASEUS\Todo Backup 2.0\bin\EuWatch.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - [You must be registered and logged in to see this link.]
O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Brother Popup Suspend service for Resource manager (brmfrmps) - Brother Industries, Ltd. - C:\WINDOWS\system32\Brmfrmps.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: EASEUS Agent - CHENGDU YIWO Tech Development Co., Ltd - C:\Program Files\EASEUS\Todo Backup 2.0\bin\Agent.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Seagate Service (FreeAgentGoNext Service) - Seagate Technology LLC - C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
O23 - Service: Google Update Service (gupdate1c9fb9d112482d4) (gupdate1c9fb9d112482d4) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Intuit Update Service (IntuitUpdateService) - Intuit Inc. - C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: SupportSoft Sprocket Service (medicsp2) (sprtsvc_medicsp2) - SupportSoft, Inc. - C:\Program Files\twc\medicsp2\bin\sprtsvc.exe

--
End of file - 8716 bytes


any disasters you see, please feel free to comment.

thanks,
Jeremy

jeremypc

Rookie Surfer
Rookie Surfer

Posts : 142
Joined : 2010-01-21
Operating System : windows xp home

View user profile

Back to top Go down

Re: problem when clicking on links in firefox...redirected to a different page.

Post by Gabethebabe on Thu 31 Mar 2011, 1:38 am

Hello Jeremy,

I am Gabethebabe and I will be helping you with this issue. Before we start some general remarks/rules:
  • Whilst I´m helping you, please follow my instructions carefully and do not experiment on your own or accept help from other persons.
  • Feel free to ask questions! Especially if my instructions are not clear. I´m here to help, not confuse you.
  • I will try and respond quickly, but please understand I do have a real life (job, wife, 3 kids, kinky hobbies).
  • Stick with me till the end! If your computer starts running better, doesn´t mean it is clean yet!

====================

For the next step we need to uninstall AVG antivirus, because it will interfere with our tools. Use the uninstaller below.
Do not worry, about being temporarily unprotected (it hasn´t helped preventing this infection, has it?). We will reinstall it later.

  • Please download AppRemover by OPSWAT from here and save it to your Desktop.
  • Double-click AppRemover.exe.
  • Unselect Enable anonymous usage statistics
  • Click Next>>
  • Make sure Remove security Application is selected and click Next>> to start a scan of installed security software.
  • Click Next>>
  • Select AVG and click Next>>
  • AppRemover will start the uninstall process. This may take a few minutes.
  • Once completed you may be prompted to restart your system. Please do so.


====================

With AVG out of the way, we can now use ComboFix by sUBs, a powerful tool that you are advised not to run without supervision of a trained malware helper. Please visit this webpage and read the tutorial on using ComboFix very carefully. After that download the tool and save it to your desktop.

Doubleclick ComboFix.exe to run the tool. Please post its log back here.


Gabethebabe

Tech Advisor
Tech Advisor

Posts : 1568
Joined : 2010-03-07
Operating System : WIN7 64bit, Ubuntu 12.04 LTS

View user profile

Back to top Go down

Re: problem when clicking on links in firefox...redirected to a different page.

Post by jeremypc on Thu 31 Mar 2011, 3:36 am

I followed your directions and ran appremover. now I'm trying to run combofix for the first time and I keep getting a warning that AVG is still on the computer. I re-booted and ran appremover one more time, AVG didn't show up on the scan, but malwarebytes anti-malware did (the first time it showed up too). so I uninstalled this program as well, just in case. I tried combofix again, same result (re:avg). I downloaded combofix again and ran the 2nd version of this and still got the avg message.


jeremypc

Rookie Surfer
Rookie Surfer

Posts : 142
Joined : 2010-01-21
Operating System : windows xp home

View user profile

Back to top Go down

Re: problem when clicking on links in firefox...redirected to a different page.

Post by Gabethebabe on Thu 31 Mar 2011, 5:44 pm

*sigh*

AVG is not a bad antivirus, but it is a pain in the behind to remove.

Have you tried to click the "Applications not found? Try this" option in AppRemover? This option (with a green exclamation Mark (!) will show up after the scan for security applications.

If that does not work, lets try another tool

====================

Download and install Revo Uninstaller from here.

  • Run Revo Uninstaller
  • Find the program you want to uninstall (AVG), click it and click the Uninstall button
  • When prompted for an uninstall mode choose Advanced
  • Follow the prompts to uninstall the program and related registry entries


Hopefully you get combofix running.

Gabethebabe

Tech Advisor
Tech Advisor

Posts : 1568
Joined : 2010-03-07
Operating System : WIN7 64bit, Ubuntu 12.04 LTS

View user profile

Back to top Go down

Re: problem when clicking on links in firefox...redirected to a different page.

Post by jeremypc on Thu 31 Mar 2011, 11:28 pm

I tried the "Applications not found? Try this" option in AppRemover. AVG did not show up on the list. I tried REVO Uninstaller, and again, AVG did not show up on the installed applications list. since first running appremover, there has been no evidence of avg on my pc. it hasn't shown up on the add/remove programs list, the icons are gone...but something, somewhere must be holding on. I tried to re-install AVG in order to try uninstalling it again, but the installation failed, twice. oh boy, computers are fun.

here's some additional info about my PC:
C: 75.4GB total space/45GB free space contains operating system and no real important saved info.
E: internal drive 114GB total/45GB free contains my documents, photos etc...
G: external drive 931GBtotal/411GBfree back up of C, E, and H.
H: external drive 298GBtotal/205GB free contains music

This machine is about 6 years old and I have never reformatted...Is this a reasonable option, considering all my vital info is on different drives and backed up? Maybe I'm ahead of myself...? (I'm due for a new machine, but when this one works, it does what I need it to...and it usually works.)

jeremypc

Rookie Surfer
Rookie Surfer

Posts : 142
Joined : 2010-01-21
Operating System : windows xp home

View user profile

Back to top Go down

Re: problem when clicking on links in firefox...redirected to a different page.

Post by Gabethebabe on Fri 01 Apr 2011, 7:34 am

We do not give up yet. My teachers have shown me another tool you can use. Lets see if that is more successful.

The below will take care of AVG.

Note: Make sure you only delete AVG products.

Remove AVG Anti-Virus WMI Registration
  1. Click on the Start menu.
  2. Select Run...
  3. Type wbemtest and click OK
  4. Click Connect
  5. Type (or copy/paste) root/SecurityCenter in the NameSpace box
  6. Click Connect
  7. Click on Query
  8. Type in or copy / paste SELECT * FROM AntiVirusProduct and click on Apply

If there is more than one result, it means there is more than one Antivirus program installed.
Double click on each result to view the properties for that Antivirus product.
Identify the product(s) installed and DELETE any records for AVG Anti-Virus
Click Close and Exit out. Please let me know if this worked for you?



Try Combofix after this, please. Bring me some good news

Gabethebabe

Tech Advisor
Tech Advisor

Posts : 1568
Joined : 2010-03-07
Operating System : WIN7 64bit, Ubuntu 12.04 LTS

View user profile

Back to top Go down

Re: problem when clicking on links in firefox...redirected to a different page.

Post by jeremypc on Sat 02 Apr 2011, 1:50 pm

I followed the steps outlined above for WMI tester and there were zero results from the query. I tried combofix again and got the same AVG message...

I have a large hammer, just say the word...

eta: I'm just kidding about the hammer. just trying to keep things light. I appreciate your help!!

jeremypc

Rookie Surfer
Rookie Surfer

Posts : 142
Joined : 2010-01-21
Operating System : windows xp home

View user profile

Back to top Go down

Re: problem when clicking on links in firefox...redirected to a different page.

Post by Gabethebabe on Sun 03 Apr 2011, 1:53 am

Use your large hammer on whoever invented AVG.
I give up. With combofix that is. We try two other tools that will deal with your infection.

====================
  • Download TDSSKiller by Kaspersky from here and save it to your Desktop
  • Doubleclick TDSSKiller.exe to run the tool
  • Click the Start Scan button
  • After the scan has finished, click the Close button
  • Click the Report button and copy/paste the contents of it into your next reply
  • The report can also be found in the root of your Windows drive (most likely C:\).


====================
Please download OTL by OldTimer from here and save it to your Desktop.
  • Close all windows and double click OTL.exe.
  • The Extra Registry setting should be Use Safelist
  • Copy and paste the following text into the Custom Scans/Fixes box:

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\*.exe /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\system32\drivers\*.sys
%systemroot%\system32\drivers\*.dll
%systemroot%\system32\drivers\*.ini
%systemroot%\system32\drivers\*.exe
%SYSTEMDRIVE%\*.*
%PROGRAMFILES%\*.
/md5start
atapi.sys
explorer.exe
iastor.sys
userinit.exe
winlogon.exe
/md5stop
  • Click the Run Scan button and allow it to run.
  • It will produce two logs for you, OTL.txt and Extras.txt. Please post both logs in this thread.
  • You may need to use two posts to get it all.

Gabethebabe

Tech Advisor
Tech Advisor

Posts : 1568
Joined : 2010-03-07
Operating System : WIN7 64bit, Ubuntu 12.04 LTS

View user profile

Back to top Go down

Re: problem when clicking on links in firefox...redirected to a different page.

Post by jeremypc on Sun 03 Apr 2011, 2:38 am

tdsskiller report:

2011/04/02 11:35:09.0187 3816 TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28
2011/04/02 11:35:09.0531 3816 ================================================================================
2011/04/02 11:35:09.0531 3816 SystemInfo:
2011/04/02 11:35:09.0531 3816
2011/04/02 11:35:09.0562 3816 OS Version: 5.1.2600 ServicePack: 2.0
2011/04/02 11:35:09.0562 3816 Product type: Workstation
2011/04/02 11:35:09.0562 3816 ComputerName: MY-A2A4159540F8
2011/04/02 11:35:09.0562 3816 UserName: Jeremy C
2011/04/02 11:35:09.0562 3816 Windows directory: C:\WINDOWS
2011/04/02 11:35:09.0562 3816 System windows directory: C:\WINDOWS
2011/04/02 11:35:09.0562 3816 Processor architecture: Intel x86
2011/04/02 11:35:09.0562 3816 Number of processors: 1
2011/04/02 11:35:09.0562 3816 Page size: 0x1000
2011/04/02 11:35:09.0562 3816 Boot type: Normal boot
2011/04/02 11:35:09.0562 3816 ================================================================================
2011/04/02 11:35:10.0078 3816 Initialize success
2011/04/02 11:35:17.0046 3000 ================================================================================
2011/04/02 11:35:17.0046 3000 Scan started
2011/04/02 11:35:17.0046 3000 Mode: Manual;
2011/04/02 11:35:17.0046 3000 ================================================================================
2011/04/02 11:35:18.0609 3000 ACPI (a10c7534f7223f4a73a948967d00e69b) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2011/04/02 11:35:18.0828 3000 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
2011/04/02 11:35:19.0093 3000 aec (1ee7b434ba961ef845de136224c30fec) C:\WINDOWS\system32\drivers\aec.sys
2011/04/02 11:35:19.0281 3000 Afc (a7b8a3a79d35215d798a300df49ed23f) C:\WINDOWS\system32\drivers\Afc.sys
2011/04/02 11:35:19.0406 3000 AFD (55e6e1c51b6d30e54335750955453702) C:\WINDOWS\System32\drivers\afd.sys
2011/04/02 11:35:19.0640 3000 AFS2K (0ebb674888cbdefd5773341c16dd6a07) C:\WINDOWS\system32\drivers\AFS2K.sys
2011/04/02 11:35:20.0453 3000 ALCXWDM (34fc779e3ce6964546e02596acc8ff48) C:\WINDOWS\system32\drivers\ALCXWDM.SYS
2011/04/02 11:35:21.0906 3000 Aspi32 (54ab078660e536da72b21a27f56b035b) C:\WINDOWS\system32\drivers\aspi32.sys
2011/04/02 11:35:22.0093 3000 AsyncMac (02000abf34af4c218c35d257024807d6) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2011/04/02 11:35:22.0265 3000 atapi (cdfe4411a69c224bd1d11b2da92dac51) C:\WINDOWS\system32\DRIVERS\atapi.sys
2011/04/02 11:35:22.0546 3000 Atmarpc (ec88da854ab7d7752ec8be11a741bb7f) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2011/04/02 11:35:22.0843 3000 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2011/04/02 11:35:23.0187 3000 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2011/04/02 11:35:23.0421 3000 brfilt (4ba311473e0d8557827e6f2fe33a8095) C:\WINDOWS\system32\Drivers\Brfilt.sys
2011/04/02 11:35:23.0765 3000 BrSerWDM (791ef93168dcf057715493d607e37983) C:\WINDOWS\system32\Drivers\BrSerWdm.sys
2011/04/02 11:35:23.0921 3000 BrUsbMdm (37e2d0b12ddf536cd64af6eb3b580ef8) C:\WINDOWS\system32\Drivers\BrUsbMdm.sys
2011/04/02 11:35:24.0031 3000 BrUsbScn (1c5f014048e5b2748c1a8ad297c50b6f) C:\WINDOWS\system32\Drivers\BrUsbScn.sys
2011/04/02 11:35:24.0156 3000 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2011/04/02 11:35:24.0390 3000 CCDECODE (6163ed60b684bab19d3352ab22fc48b2) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
2011/04/02 11:35:24.0703 3000 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2011/04/02 11:35:24.0890 3000 Cdfs (cd7d5152df32b47f4e36f710b35aae02) C:\WINDOWS\system32\drivers\Cdfs.sys
2011/04/02 11:35:25.0062 3000 cdrbsvsd (7fc46240546c16c0448c29c9d233b915) C:\WINDOWS\system32\drivers\cdrbsvsd.sys
2011/04/02 11:35:25.0281 3000 Cdrom (af9c19b3100fe010496b1a27181fbf72) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2011/04/02 11:35:26.0640 3000 Disk (00ca44e4534865f8a3b64f7c0984bff0) C:\WINDOWS\system32\DRIVERS\disk.sys
2011/04/02 11:35:26.0828 3000 dmboot (c0fbb516e06e243f0cf31f597e7ebf7d) C:\WINDOWS\system32\drivers\dmboot.sys
2011/04/02 11:35:27.0062 3000 dmio (f5e7b358a732d09f4bcf2824b88b9e28) C:\WINDOWS\system32\drivers\dmio.sys
2011/04/02 11:35:27.0234 3000 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2011/04/02 11:35:27.0484 3000 DMusic (a6f881284ac1150e37d9ae47ff601267) C:\WINDOWS\system32\drivers\DMusic.sys
2011/04/02 11:35:27.0890 3000 drmkaud (1ed4dbbae9f5d558dbba4cc450e3eb2e) C:\WINDOWS\system32\drivers\drmkaud.sys
2011/04/02 11:35:28.0234 3000 EUBAKUP (3e5ddbd7405ad6f59f0646a15c754079) C:\WINDOWS\system32\drivers\eubakup.sys
2011/04/02 11:35:28.0484 3000 EuDisk (155666649521732bd4cc1a10823515f0) C:\WINDOWS\system32\DRIVERS\EuDisk.sys
2011/04/02 11:35:28.0703 3000 EUDSKACS (1acc054dfcc3a53cdbc8cfd6b111346f) C:\WINDOWS\system32\drivers\eudskacs.sys
2011/04/02 11:35:28.0875 3000 EUFS (a0dea491ac141207b348013725651044) C:\WINDOWS\system32\drivers\eufs.sys
2011/04/02 11:35:29.0093 3000 Fastfat (3117f595e9615e04f05a54fc15a03b20) C:\WINDOWS\system32\drivers\Fastfat.sys
2011/04/02 11:35:29.0328 3000 Fdc (ced2e8396a8838e59d8fd529c680e02c) C:\WINDOWS\system32\DRIVERS\fdc.sys
2011/04/02 11:35:29.0453 3000 Fips (e153ab8a11de5452bcf5ac7652dbf3ed) C:\WINDOWS\system32\drivers\Fips.sys
2011/04/02 11:35:29.0671 3000 Flpydisk (0dd1de43115b93f4d85e889d7a86f548) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
2011/04/02 11:35:29.0781 3000 FltMgr (3d234fb6d6ee875eb009864a299bea29) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
2011/04/02 11:35:29.0984 3000 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2011/04/02 11:35:30.0140 3000 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2011/04/02 11:35:30.0312 3000 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
2011/04/02 11:35:30.0453 3000 Gpc (c0f1d4a21de5a415df8170616703debf) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2011/04/02 11:35:30.0750 3000 HidUsb (1de6783b918f540149aa69943bdfeba8) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2011/04/02 11:35:31.0078 3000 HTTP (9f8b0f4276f618964fd118be4289b7cd) C:\WINDOWS\system32\Drivers\HTTP.sys
2011/04/02 11:35:31.0515 3000 i8042prt (5502b58eef7486ee6f93f3f164dcb808) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2011/04/02 11:35:31.0718 3000 ialm (afa7c99d211a2aff21a287bc4264cde6) C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
2011/04/02 11:35:31.0937 3000 Imapi (f8aa320c6a0409c0380e5d8a99d76ec6) C:\WINDOWS\system32\DRIVERS\imapi.sys
2011/04/02 11:35:32.0281 3000 IntelIde (2d722b2b54ab55b2fa475eb58d7b2aad) C:\WINDOWS\system32\DRIVERS\intelide.sys
2011/04/02 11:35:32.0468 3000 intelppm (279fb78702454dff2bb445f238c048d2) C:\WINDOWS\system32\DRIVERS\intelppm.sys
2011/04/02 11:35:32.0625 3000 Ip6Fw (4448006b6bc60e6c027932cfc38d6855) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
2011/04/02 11:35:32.0843 3000 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2011/04/02 11:35:32.0984 3000 IpInIp (e1ec7f5da720b640cd8fb8424f1b14bb) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2011/04/02 11:35:33.0156 3000 IpNat (e2168cbc7098ffe963c6f23f472a3593) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2011/04/02 11:35:33.0484 3000 IPSec (64537aa5c003a6afeee1df819062d0d1) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2011/04/02 11:35:33.0671 3000 IRENUM (50708daa1b1cbb7d6ac1cf8f56a24410) C:\WINDOWS\system32\DRIVERS\irenum.sys
2011/04/02 11:35:33.0859 3000 isapnp (e504f706ccb699c2596e9a3da1596e87) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2011/04/02 11:35:34.0156 3000 Kbdclass (ebdee8a2ee5393890a1acee971c4c246) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2011/04/02 11:35:34.0343 3000 kmixer (ba5deda4d934e6288c2f66caf58d2562) C:\WINDOWS\system32\drivers\kmixer.sys
2011/04/02 11:35:34.0531 3000 KSecDD (674d3e5a593475915dc6643317192403) C:\WINDOWS\system32\drivers\KSecDD.sys
2011/04/02 11:35:35.0156 3000 mcdbus (f922b609524cf1ed66a1a109f3ce014f) C:\WINDOWS\system32\DRIVERS\mcdbus.sys
2011/04/02 11:35:35.0296 3000 mf (729d83e56c29c510258a6e9e79ffddc3) C:\WINDOWS\system32\DRIVERS\mf.sys
2011/04/02 11:35:35.0453 3000 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2011/04/02 11:35:35.0734 3000 Modem (6fc6f9d7acc36dca9b914565a3aeda05) C:\WINDOWS\system32\drivers\Modem.sys
2011/04/02 11:35:35.0890 3000 Mouclass (34e1f0031153e491910e12551400192c) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2011/04/02 11:35:36.0078 3000 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2011/04/02 11:35:36.0218 3000 MountMgr (65653f3b4477f3c63e68a9659f85ee2e) C:\WINDOWS\system32\drivers\MountMgr.sys
2011/04/02 11:35:36.0656 3000 MRxDAV (29414447eb5bde2f8397dc965dbb3156) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2011/04/02 11:35:36.0796 3000 MRxSmb (fb6c89bb3ce282b08bdb1e3c179e1c39) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2011/04/02 11:35:37.0140 3000 Msfs (561b3a4333ca2dbdba28b5b956822519) C:\WINDOWS\system32\drivers\Msfs.sys
2011/04/02 11:35:37.0328 3000 MSKSSRV (ae431a8dd3c1d0d0610cdbac16057ad0) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011/04/02 11:35:37.0515 3000 MSPCLOCK (13e75fef9dfeb08eeded9d0246e1f448) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011/04/02 11:35:37.0734 3000 MSPQM (1988a33ff19242576c3d0ef9ce785da7) C:\WINDOWS\system32\drivers\MSPQM.sys
2011/04/02 11:35:37.0921 3000 mssmbios (469541f8bfd2b32659d5d463a6714bce) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2011/04/02 11:35:38.0046 3000 MSTEE (bf13612142995096ab084f2db7f40f77) C:\WINDOWS\system32\drivers\MSTEE.sys
2011/04/02 11:35:38.0203 3000 Mup (82035e0f41c2dd05ae41d27fe6cf7de1) C:\WINDOWS\system32\drivers\Mup.sys
2011/04/02 11:35:38.0359 3000 NABTSFEC (5c8dc6429c43dc6177c1fa5b76290d1a) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
2011/04/02 11:35:38.0546 3000 NDIS (558635d3af1c7546d26067d5d9b6959e) C:\WINDOWS\system32\drivers\NDIS.sys
2011/04/02 11:35:38.0718 3000 NdisIP (520ce427a8b298f54112857bcf6bde15) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
2011/04/02 11:35:38.0890 3000 NdisTapi (08d43bbdacdf23f34d79e44ed35c1b4c) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2011/04/02 11:35:39.0109 3000 Ndisuio (34d6cd56409da9a7ed573e1c90a308bf) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2011/04/02 11:35:39.0328 3000 NdisWan (0b90e255a9490166ab368cd55a529893) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2011/04/02 11:35:39.0562 3000 NDProxy (59fc3fb44d2669bc144fd87826bb571f) C:\WINDOWS\system32\drivers\NDProxy.sys
2011/04/02 11:35:39.0734 3000 NetBIOS (3a2aca8fc1d7786902ca434998d7ceb4) C:\WINDOWS\system32\DRIVERS\netbios.sys
2011/04/02 11:35:39.0921 3000 NetBT (0c80e410cd2f47134407ee7dd19cc86b) C:\WINDOWS\system32\DRIVERS\netbt.sys
2011/04/02 11:35:40.0312 3000 Npfs (4f601bcb8f64ea3ac0994f98fed03f8e) C:\WINDOWS\system32\drivers\Npfs.sys
2011/04/02 11:35:40.0593 3000 Ntfs (19a811ef5f1ed5c926a028ce107ff1af) C:\WINDOWS\system32\drivers\Ntfs.sys
2011/04/02 11:35:40.0875 3000 NuidFltr (e8717d9b0d1919cadafd8896a8e23e17) C:\WINDOWS\system32\DRIVERS\NuidFltr.sys
2011/04/02 11:35:41.0031 3000 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2011/04/02 11:35:41.0171 3000 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2011/04/02 11:35:41.0296 3000 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2011/04/02 11:35:41.0453 3000 Parport (29744eb4ce659dfe3b4122deb45bc478) C:\WINDOWS\system32\DRIVERS\parport.sys
2011/04/02 11:35:41.0593 3000 PartMgr (3334430c29dc338092f79c38ef7b4cd0) C:\WINDOWS\system32\drivers\PartMgr.sys
2011/04/02 11:35:41.0781 3000 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
2011/04/02 11:35:41.0921 3000 PCI (8086d9979234b603ad5bc2f5d890b234) C:\WINDOWS\system32\DRIVERS\pci.sys
2011/04/02 11:35:42.0234 3000 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
2011/04/02 11:35:42.0421 3000 Pcmcia (82a087207decec8456fbe8537947d579) C:\WINDOWS\system32\drivers\Pcmcia.sys
2011/04/02 11:35:42.0578 3000 pcouffin (5b6c11de7e839c05248ced8825470fef) C:\WINDOWS\system32\Drivers\pcouffin.sys
2011/04/02 11:35:44.0296 3000 Point32 (b4f59a953ef9e507f0d00c3a68580b8b) C:\WINDOWS\system32\DRIVERS\point32.sys
2011/04/02 11:35:44.0500 3000 PptpMiniport (1c5cc65aac0783c344f16353e60b72ac) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2011/04/02 11:35:44.0765 3000 PSched (48671f327553dcf1d27f6197f622a668) C:\WINDOWS\system32\DRIVERS\psched.sys
2011/04/02 11:35:44.0906 3000 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2011/04/02 11:35:45.0125 3000 PxHelp20 (d86b4a68565e444d76457f14172c875a) C:\WINDOWS\system32\Drivers\PxHelp20.sys
2011/04/02 11:35:46.0078 3000 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2011/04/02 11:35:46.0234 3000 Rasl2tp (98faeb4a4dcf812ba1c6fca4aa3e115c) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2011/04/02 11:35:46.0437 3000 RasPppoe (7306eeed8895454cbed4669be9f79faa) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2011/04/02 11:35:46.0625 3000 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2011/04/02 11:35:46.0765 3000 Rdbss (03b965b1ca47f6ef60eb5e51cb50e0af) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2011/04/02 11:35:46.0937 3000 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2011/04/02 11:35:47.0296 3000 RDPWD (b54cd38a9ebfbf2b3561426e3fe26f62) C:\WINDOWS\system32\drivers\RDPWD.sys
2011/04/02 11:35:47.0515 3000 redbook (b31b4588e4086d8d84adbf9845c2402b) C:\WINDOWS\system32\DRIVERS\redbook.sys
2011/04/02 11:35:47.0828 3000 RTL8023xp (7889e3981e0a5d347e037abd467d53a5) C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys
2011/04/02 11:35:48.0000 3000 rtl8139 (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
2011/04/02 11:35:48.0125 3000 SASDIFSV (a3281aec37e0720a2bc28034c2df2a56) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
2011/04/02 11:35:48.0296 3000 SASKUTIL (61db0d0756a99506207fd724e3692b25) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
2011/04/02 11:35:48.0562 3000 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2011/04/02 11:35:48.0828 3000 serenum (a2d868aeeff612e70e213c451a70cafb) C:\WINDOWS\system32\DRIVERS\serenum.sys
2011/04/02 11:35:49.0046 3000 Serial (cd9404d115a00d249f70a371b46d5a26) C:\WINDOWS\system32\DRIVERS\serial.sys
2011/04/02 11:35:49.0328 3000 Sfloppy (0d13b6df6e9e101013a7afb0ce629fe0) C:\WINDOWS\system32\drivers\Sfloppy.sys
2011/04/02 11:35:49.0734 3000 SLIP (5caeed86821fa2c6139e32e9e05ccdc9) C:\WINDOWS\system32\DRIVERS\SLIP.sys
2011/04/02 11:35:49.0953 3000 sonypvs1 (dfadfc2c86662f40759bf02add27d569) C:\WINDOWS\system32\DRIVERS\sonypvs1.sys
2011/04/02 11:35:50.0281 3000 splitter (0ce218578fff5f4f7e4201539c45c78f) C:\WINDOWS\system32\drivers\splitter.sys
2011/04/02 11:35:50.0515 3000 sr (e41b6d037d6cd08461470af04500dc24) C:\WINDOWS\system32\DRIVERS\sr.sys
2011/04/02 11:35:50.0796 3000 Srv (7a4f147cc6b133f905f6e65e2f8669fb) C:\WINDOWS\system32\DRIVERS\srv.sys
2011/04/02 11:35:51.0125 3000 streamip (284c57df5dc7abca656bc2b96a667afb) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
2011/04/02 11:35:51.0328 3000 swenum (03c1bae4766e2450219d20b993d6e046) C:\WINDOWS\system32\DRIVERS\swenum.sys
2011/04/02 11:35:51.0484 3000 swmidi (94abc808fc4b6d7d2bbf42b85e25bb4d) C:\WINDOWS\system32\drivers\swmidi.sys
2011/04/02 11:35:52.0203 3000 sysaudio (650ad082d46bac0e64c9c0e0928492fd) C:\WINDOWS\system32\drivers\sysaudio.sys
2011/04/02 11:35:52.0500 3000 Tcpip (2a5554fc5b1e04e131230e3ce035c3f9) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2011/04/02 11:35:52.0656 3000 TDPIPE (38d437cf2d98965f239b0abcd66dcb0f) C:\WINDOWS\system32\drivers\TDPIPE.sys
2011/04/02 11:35:52.0875 3000 TDTCP (ed0580af02502d00ad8c4c066b156be9) C:\WINDOWS\system32\drivers\TDTCP.sys
2011/04/02 11:35:52.0984 3000 TermDD (a540a99c281d933f3d69d55e48727f47) C:\WINDOWS\system32\DRIVERS\termdd.sys
2011/04/02 11:35:53.0359 3000 Udfs (12f70256f140cd7d52c58c7048fde657) C:\WINDOWS\system32\drivers\Udfs.sys
2011/04/02 11:35:53.0625 3000 Update (ced744117e91bdc0beb810f7d8608183) C:\WINDOWS\system32\DRIVERS\update.sys
2011/04/02 11:35:53.0937 3000 USBAAPL (d4fb6ecc60a428564ba8768b0e23c0fc) C:\WINDOWS\system32\Drivers\usbaapl.sys
2011/04/02 11:35:54.0093 3000 usbaudio (45a0d14b26c35497ad93bce7e15c9941) C:\WINDOWS\system32\drivers\usbaudio.sys
2011/04/02 11:35:54.0296 3000 usbccgp (bffd9f120cc63bcbaa3d840f3eef9f79) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2011/04/02 11:35:54.0437 3000 usbehci (15e993ba2f6946b2bfbbfcd30398621e) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2011/04/02 11:35:54.0625 3000 usbhub (c72f40947f92cea56a8fb532edf025f1) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2011/04/02 11:35:54.0796 3000 usbprint (a42369b7cd8886cd7c70f33da6fcbcf5) C:\WINDOWS\system32\DRIVERS\usbprint.sys
2011/04/02 11:35:54.0953 3000 usbscan (a6bc71402f4f7dd5b77fd7f4a8ddba85) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2011/04/02 11:35:55.0171 3000 USBSTOR (6cd7b22193718f1d17a47a1cd6d37e75) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2011/04/02 11:35:55.0312 3000 usbuhci (f8fd1400092e23c8f2f31406ef06167b) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
2011/04/02 11:35:55.0437 3000 USB_RNDIS_XP (af090265ec388bab320f1ff7e7a7d5ea) C:\WINDOWS\system32\DRIVERS\usb8023.sys
2011/04/02 11:35:55.0656 3000 VgaSave (8a60edd72b4ea5aea8202daf0e427925) C:\WINDOWS\System32\drivers\vga.sys
2011/04/02 11:35:56.0015 3000 VolSnap (ee4660083deba849ff6c485d944b379b) C:\WINDOWS\system32\drivers\VolSnap.sys
2011/04/02 11:35:56.0296 3000 VX1000 (f4fab0b9d43a65f79fc838c94006f643) C:\WINDOWS\system32\DRIVERS\VX1000.sys
2011/04/02 11:35:56.0625 3000 VX6000 (23c729c7c2465c901f52979b0a43e0e4) C:\WINDOWS\system32\DRIVERS\VX6000Xp.sys
2011/04/02 11:35:56.0921 3000 Wanarp (984ef0b9788abf89974cfed4bfbaacbc) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2011/04/02 11:35:57.0140 3000 Wdf01000 (fd47474bd21794508af449d9d91af6e6) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
2011/04/02 11:35:57.0484 3000 wdmaud (efd235ca22b57c81118c1aeb4798f1c1) C:\WINDOWS\system32\drivers\wdmaud.sys
2011/04/02 11:35:58.0093 3000 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
2011/04/02 11:35:58.0375 3000 WSTCODEC (d5842484f05e12121c511aa93f6439ec) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
2011/04/02 11:35:58.0578 3000 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2011/04/02 11:35:58.0750 3000 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
2011/04/02 11:35:59.0000 3000 X4HSX32 (28a27b68984b068567f109204ef74e0d) C:\Program Files\GameTap\bin\Release\X4HSX32.Sys
2011/04/02 11:35:59.0359 3000 \HardDisk0 - detected Rootkit.Win32.TDSS.tdl4 (0)
2011/04/02 11:35:59.0531 3000 ================================================================================
2011/04/02 11:35:59.0531 3000 Scan finished
2011/04/02 11:35:59.0531 3000 ================================================================================
2011/04/02 11:35:59.0578 0604 Detected object count: 1
2011/04/02 11:37:45.0578 0604 \HardDisk0 (Rootkit.Win32.TDSS.tdl4) - will be cured after reboot
2011/04/02 11:37:45.0578 0604 \HardDisk0 - ok
2011/04/02 11:37:45.0578 0604 Rootkit.Win32.TDSS.tdl4(\HardDisk0) - User select action: Cure

jeremypc

Rookie Surfer
Rookie Surfer

Posts : 142
Joined : 2010-01-21
Operating System : windows xp home

View user profile

Back to top Go down

Re: problem when clicking on links in firefox...redirected to a different page.

Post by jeremypc on Sun 03 Apr 2011, 3:20 am

extras.txt:

OTL Extras logfile created on: 4/2/2011 11:40:16 AM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Jeremy C\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 53.00% Memory free
4.00 Gb Paging File | 2.00 Gb Available in Paging File | 42.00% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.52 Gb Total Space | 49.10 Gb Free Space | 65.88% Space Free | Partition Type: NTFS
Drive E: | 114.49 Gb Total Space | 45.74 Gb Free Space | 39.95% Space Free | Partition Type: NTFS

Computer Name: MY-A2A4159540F8 | User Name: Jeremy C | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_CURRENT_USER\SOFTWARE\Classes\]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox 4.0 Beta 12\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [Digital Photo Professional] -- C:\Program Files\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 4

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"6881:TCP" = 6881:TCP:*:Enabled:utorrent
"6882:TCP" = 6882:TCP:*:Enabled:utorrent2
"6883:TCP" = 6883:TCP:*:Enabled:utorrent3
"59993:TCP" = 59993:TCP:*:Enabled:Azureus

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Grisoft\AVG Free\avginet.exe" = C:\Program Files\Grisoft\AVG Free\avginet.exe:*:Enabled:avginet.exe
"C:\Program Files\Grisoft\AVG Free\avgamsvr.exe" = C:\Program Files\Grisoft\AVG Free\avgamsvr.exe:*:Enabled:avgamsvr.exe
"C:\Program Files\Grisoft\AVG Free\avgcc.exe" = C:\Program Files\Grisoft\AVG Free\avgcc.exe:*:Enabled:avgcc.exe
"C:\Program Files\TurboTax\Deluxe 2006\32bit\ttax.exe" = C:\Program Files\TurboTax\Deluxe 2006\32bit\ttax.exe:LocalSubNet:Enabled:TurboTax -- (Intuit, Inc.)
"C:\Program Files\TurboTax\Deluxe 2006\32bit\updatemgr.exe" = C:\Program Files\TurboTax\Deluxe 2006\32bit\updatemgr.exe:LocalSubNet:Enabled:TurboTax Update Manager -- (Intuit, Inc.)
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader
"C:\Program Files\GameTap\bin\Release\gametap.exe" = C:\Program Files\GameTap\bin\Release\gametap.exe:*:Enabled:gametap -- ()
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\Program Files\Yahoo!\Messenger\YServer.exe" = C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server -- (Yahoo! Inc.)
"C:\Program Files\AIM6\aim6.exe" = C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM
"C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent
"C:\Program Files\RedlightCenter\RedLightCenter\Redlightcenter.exe" = C:\Program Files\RedlightCenter\RedLightCenter\Redlightcenter.exe:*:Enabled:Redlightcenter
"C:\Program Files\Microsoft LifeCam\LifeExp.exe" = C:\Program Files\Microsoft LifeCam\LifeExp.exe:*:Enabled:LifeExp.exe -- (Microsoft Corporation)
"C:\Program Files\TurboTax\Deluxe 2007\32bit\ttax.exe" = C:\Program Files\TurboTax\Deluxe 2007\32bit\ttax.exe:LocalSubNet:Enabled:TurboTax -- (Intuit, Inc.)
"C:\Program Files\TurboTax\Deluxe 2007\32bit\updatemgr.exe" = C:\Program Files\TurboTax\Deluxe 2007\32bit\updatemgr.exe:LocalSubNet:Enabled:TurboTax Update Manager -- (Intuit, Inc.)
"C:\Program Files\AVG\AVG8\avgupd.exe" = C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe
"C:\Program Files\AVG\AVG8\avgemc.exe" = C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe
"C:\Program Files\Microsoft LifeCam\LifeCam.exe" = C:\Program Files\Microsoft LifeCam\LifeCam.exe:*:Enabled:LifeCam.exe -- (Microsoft Corporation)
"C:\Program Files\Microsoft LifeCam\LifeEnC2.exe" = C:\Program Files\Microsoft LifeCam\LifeEnC2.exe:*:Enabled:LifeEnC2.exe -- (Microsoft Corporation)
"C:\Program Files\Microsoft LifeCam\LifeTray.exe" = C:\Program Files\Microsoft LifeCam\LifeTray.exe:*:Enabled:LifeTray.exe -- (Microsoft Corporation)
"C:\Program Files\SecondLife\SLVoice.exe" = C:\Program Files\SecondLife\SLVoice.exe:*:Disabled:SLVoice
"C:\Program Files\Mozilla Thunderbird\thunderbird.exe" = C:\Program Files\Mozilla Thunderbird\thunderbird.exe:*:Enabled:Mozilla Thunderbird -- (Mozilla Messaging)
"C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe" = C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe:LocalSubNet:Disabled:Intuit Update Shared Downloads Server -- (Intuit Inc.)
"C:\pfs\callatl\rteng9.exe" = C:\pfs\callatl\rteng9.exe:*:Enabled:Adaptive Server Anywhere Network Server -- (iAnywhere Solutions, Inc.)
"C:\Program Files\VideoLAN\VLC\vlc.exe" = C:\Program Files\VideoLAN\VLC\vlc.exe:*:Disabled:VLC media player -- ()
"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"C:\Program Files\AVG\AVG9\avgupd.exe" = C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG9\avgnsx.exe" = C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe
"C:\Program Files\Google\Google Earth\plugin\geplugin.exe" = C:\Program Files\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth -- (Google)
"C:\Program Files\Azureus\Azureus.exe" = C:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus / Vuze -- (Vuze Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00030409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Small Business
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0D6D96F4-0CAF-4522-B05F-70A88EDECDFD}" = ArcSoft Print Creations
"{0F92D4CE-8D3C-48FE-89C9-5CB7C02F8FB0}" = Fisher-Price Leo and the Dinosaurs
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_Pro9000_II_series" = Canon Pro9000 II series Printer Driver
"{12E75B98-8463-4C1F-8DDA-F6CF31566A55}" = Google SketchUp Pro 6
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{188993D8-9B2B-475B-89DE-381419A9C1E4}" = Fisher-Price Clifford's Classroom
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1E04F83B-2AB9-4301-9EF7-E86307F79C72}" = Google Earth
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{206A595B-6ED6-4547-9293-C448139826EC}" = CallAtlanta
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{29521505-F489-4822-ADFA-32C6DEE4F114}" = TurboTax 2008 WinPerUserEducation
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2A30052B-831C-41D3-8044-3C0388066350}" = Seagate Manager Installer
"{2A697B53-0DE3-42DA-B41D-C3F804B1C538}" = iTunes
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}" = Apple Application Support
"{3248F0A8-6813-11D6-A77B-00B0D0150100}" = J2SE Runtime Environment 5.0 Update 10
"{3248F0A8-6813-11D6-A77B-00B0D0150110}" = J2SE Runtime Environment 5.0 Update 11
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{34E9641A-7DB3-4F08-961E-5069F533A0C1}" = Brother MFL-Pro Suite
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{43D2A1DD-69C9-4E86-8F51-4890A6263863}" = VTech® Photo Editor
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4ecaf021-478c-40c1-b777-3368a15f9966}" = Macromedia Flash Player
"{508CE775-4BA4-4748-82DF-FE28DA9F03B0}" = Windows Live Messenger
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5783F2D7-6001-0409-0002-0060B0CE6BBA}" = AutoCAD 2008 - English
"{590D4F8F-98FE-47FA-AC2B-3F22FDCF7C09}" = ShareIns
"{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}" = Sony USB Driver
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6BCB7EAA-598C-4836-B7EA-3642E41AA222}" = Microsoft LifeCam
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{7570F1CA-016D-46AC-B586-CD74645EFB52}" = TurboTax 2008 WinPerFedFormset
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7B08D306-7266-4647-A926-2F78817ED1E0}" = Microsoft Corporation
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7C5B4583-7CBF-4289-B195-03B553959DEA}" = VoiceOver Kit
"{7DD9A065-2C86-4A9F-A5FF-796EC1B99DCA}" = AnswerWorks 4.0 Runtime - English
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{803805A4-A3F7-4504-8B19-9A63BC8A4551}" = Fisher-Price Computer Cool School
"{83682B4C-B98C-4BEB-97CC-8EAD2AF9E4C6}" = MyIdentityDefender Toolbar (CyberDefender Corporation)
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{85DE22DE-CB29-4A0C-8930-09BC030F64BF}" = Fisher-Price Dora and Diego's Classroom
"{88214092-836F-4E22-A5AC-569AC9EE6A0F}" = TurboTax 2008 WinPerReleaseEngine
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Extreme Graphics 2 Driver
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8BBF6DFD-0AD9-43A7-9FBD-BF065E3866AF}" = URGE
"{8C5FAD77-F678-4758-A296-C12F08D179E0}" = Microsoft IntelliPoint 6.2
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant
"{94FB906A-CF42-4128-A509-D353026A607E}" = REALTEK Gigabit and Fast Ethernet NIC Driver
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A346205-EA92-4406-B1AB-50379DA3F057}" = Autodesk DWF Viewer 7
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9D18465E-8B80-4AC1-8ABB-B42978B171E3}" = HP Photo and Imaging 1.0 - Scanjet 2300c Series
"{9E5A03E3-6246-4920-9630-0527D5DA9B07}" = AnswerWorks 5.0 English Runtime
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}" = Windows Live installer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-1033-0000-7760-100000000002}" = Adobe Acrobat 7.0 Professional
"{AC76BA86-7AD7-1033-7B44-A71000000002}" = Adobe Reader 7.1.0
"{AEF2D1F3-0696-11D5-8E6A-00C04F7FA234}" = PaperPort 8.0 SE
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B1DB1AD8-C07E-4052-81A1-D2930232BA70}" = TurboTax 2008 wrapper
"{B23726CF-68BF-41A6-A4EB-72F12F87FE05}" = TurboTax 2008 WinPerTaxSupport
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B5F5F271-F80A-4963-BF29-43B16E5EB388}" = NetObjects Fusion 11.0
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C12D609B-EB71-411B-82C3-9BE6D40435D7}" = Google SketchUp LayOut 6
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C3DE07CB-036F-45BC-85BD-D6FFC5D33603}" = TurboTax 2008 wnyiper
"{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support
"{CB16F6D9-EBC9-4BC6-B917-7AF53E99C067}" = LightScribe System Software 1.17.90.1
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D03E7B00-CA85-4684-9321-1888873C34BD}" = ArcSoft PhotoImpression 6
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D76D1828-BBA0-4BD9-8181-5ACC617DC5F2}" = Virtual Earth 3D (Beta)
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DBCC73BA-C69A-4BF5-B4BF-F07501EE7039}" = AnswerWorks 5.0 English Runtime
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E6D9BC25-0DBC-4368-8E4A-7DEE80661CD9}" = TurboTax 2008 WinPerProgramHelp
"{EA2BEBD6-87B9-41E5-95AC-7E4C165A9475}" = WexTech AnswerWorks
"{EB459C2F-41CA-4222-B9CA-F8EBA40B8DAB}" = Google SketchUp 6 Exporters
"{EBA4ECB6-8F08-4E3F-A1D1-6564931DFEAF}" = Fisher-Price Scooby-Doo's Classroom
"{ED2A3C11-3EA8-4380-B59C-F2C1832731B0}" = Quicken 2009
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FB4F9000-04FC-11E0-85D2-001AA037B01E}" = Google Earth Plug-in
"8461-7759-5462-8226" = Vuze
"Adobe Acrobat 7.0 Professional - V" = Adobe Acrobat 7.0 Professional
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe_2ac78060bc5856b0c1cf873bb919b58" = Adobe Photoshop CS3
"Ask Toolbar_is1" = Vuze Toolbar
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.6 (Unicode)
"AutoCAD 2008 - English" = AutoCAD 2008 - English
"Azureus" = Azureus
"CAL" = Canon Camera Access Library
"CameraWindowDC" = Canon Utilities CameraWindow DC
"CameraWindowDVC5" = Canon Utilities CameraWindow DC_DV 5 for ZoomBrowser EX
"CameraWindowDVC6" = Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
"CameraWindowLauncher" = Canon Utilities CameraWindow
"Canon G.726 WMP-Decoder" = Canon G.726 WMP-Decoder
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX
"Canon MOV Decoder" = Canon MOV Decoder
"Canon MOV Encoder" = Canon MOV Encoder
"Canon Pro9000 Mark II series User Registration" = Canon Pro9000 Mark II series User Registration
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"conduitEngine" = Conduit Engine
"CSCLIB" = Canon Camera Support Core Library
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DPP" = Canon Utilities Digital Photo Professional 3.8
"DzSoftPPSlideShowConv_is1" = PowerPoint Slide Show Converter 3.1
"EASEUS Todo Backup Home 2.0_is1" = EASEUS Todo Backup Home 2.0
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"Easy-PhotoPrint Pro" = Canon Utilities Easy-PhotoPrint Pro
"Edmark's Early Academic Software Series 3.1.1" = Edmark's Early Academic Software Series v3.1.1
"EOS Utility" = Canon Utilities EOS Utility
"EPSON Printer and Utilities" = EPSON Printer Software
"Exact Audio Copy" = Exact Audio Copy 0.99pb3
"ffdshow_is1" = ffdshow [rev 2527] [2008-12-19]
"foobar2000" = foobar2000 v0.9.6.3
"Google Chrome" = Google Chrome
"Graboid Video" = Graboid Video 1.73
"HijackThis" = HijackThis 2.0.2
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{0F92D4CE-8D3C-48FE-89C9-5CB7C02F8FB0}" = Fisher-Price Leo and the Dinosaurs
"InstallShield_{188993D8-9B2B-475B-89DE-381419A9C1E4}" = Fisher-Price Clifford's Classroom
"InstallShield_{2A30052B-831C-41D3-8044-3C0388066350}" = Seagate Manager Installer
"InstallShield_{803805A4-A3F7-4504-8B19-9A63BC8A4551}" = Fisher-Price Computer Cool School
"InstallShield_{85DE22DE-CB29-4A0C-8930-09BC030F64BF}" = Fisher-Price Dora and Diego's Classroom
"InstallShield_{EBA4ECB6-8F08-4E3F-A1D1-6564931DFEAF}" = Fisher-Price Scooby-Doo's Classroom
"InterActual Player" = InterActual Player
"LAME for Audacity_is1" = LAME v3.98.3 for Audacity
"Macromedia Shockwave Player" = Macromedia Shockwave Player
"Magic ISO Maker v5.4 (build 0251)" = Magic ISO Maker v5.4 (build 0251)
"MagicDisc 2.5.79" = MagicDisc 2.5.79
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"Mozilla Firefox (3.6.15)" = Mozilla Firefox (3.6.15)
"Mozilla Firefox 4.0 (x86 en-US)" = Mozilla Firefox 4.0 (x86 en-US)
"Mozilla Thunderbird (3.1.7)" = Mozilla Thunderbird (3.1.7)
"MP4 to MP3 Converter" = MP4 to MP3 Converter
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSTTS" = Microsoft Text-to-Speech Engine 4.0 (English)
"MyCamera" = Canon Utilities MyCamera
"MyCameraDC" = Canon Utilities MyCamera DC
"NeroMultiInstaller!UninstallKey" = Nero Suite
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Opera 11.01.1190" = Opera 11.01
"Original Data Security Tools" = Canon Utilities Original Data Security Tools
"PCI Desk" = PCI Desk Wallpaper
"PCI Screen Saver" = PCI Screen Saver
"PhotoStitch" = Canon Utilities PhotoStitch
"Picture Style Editor" = Canon Utilities Picture Style Editor
"RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
"RemoteCaptureDC" = Canon Utilities RemoteCapture DC
"RemoteCaptureTask" = Canon Utilities RemoteCapture Task for ZoomBrowser EX
"Revo Uninstaller" = Revo Uninstaller 1.91
"Road Runner Install_is1" = Road Runner Install
"RoadRunnerMedic6.1_is1" = Road Runner Medic 6.1
"Shutterfly Plugin" = Shutterfly Plugin
"SmartDraw 2008" = SmartDraw 2008
"SmartDraw PDF Filter" = SmartDraw PDF Filter
"Spybot - Search & Destroy_is1" = Spybot - Search & Destroy 1.5.2.20
"TurboTax 2008" = TurboTax 2008
"TurboTax Deluxe 2007" = TurboTax Deluxe 2007
"TurboTax Deluxe Deduction Maximizer 2006" = TurboTax Deluxe Deduction Maximizer 2006
"ViewpointMediaPlayer" = Viewpoint Media Player
"VLC media player" = VLC media player 0.9.2
"Vuze_Remote Toolbar" = Vuze Remote Toolbar
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"WFTK" = Canon Utilities WFT Utility
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Xilisoft DVD Ripper Platinum" = Xilisoft DVD Ripper Platinum 4
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"Xvid_is1" = Xvid 1.2.2 final uninstall
"Yahoo! Customizations" = Yahoo! Browser Services
"Yahoo! Internet Mail" = Yahoo! Internet Mail
"Yahoo! Messenger" = Yahoo! Messenger
"YInstHelper" = Yahoo! Install Manager
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.10

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 4/1/2011 12:06:00 PM | Computer Name = MY-A2A4159540F8 | Source = MsiInstaller | ID = 11327
Description = Product: Microsoft Office 2000 Small Business -- Error 1327. Invalid
Drive: G:\

Error - 4/1/2011 1:39:05 PM | Computer Name = MY-A2A4159540F8 | Source = MsiInstaller | ID = 11327
Description = Product: Microsoft Office 2000 Small Business -- Error 1327. Invalid
Drive: G:\

Error - 4/1/2011 1:39:26 PM | Computer Name = MY-A2A4159540F8 | Source = MsiInstaller | ID = 11327
Description = Product: Microsoft Office 2000 Small Business -- Error 1327. Invalid
Drive: G:\

Error - 4/1/2011 1:39:48 PM | Computer Name = MY-A2A4159540F8 | Source = MsiInstaller | ID = 11327
Description = Product: Microsoft Office 2000 Small Business -- Error 1327. Invalid
Drive: G:\

Error - 4/1/2011 1:40:35 PM | Computer Name = MY-A2A4159540F8 | Source = MsiInstaller | ID = 11327
Description = Product: Microsoft Office 2000 Small Business -- Error 1327. Invalid
Drive: G:\

Error - 4/1/2011 1:41:09 PM | Computer Name = MY-A2A4159540F8 | Source = MsiInstaller | ID = 11327
Description = Product: Microsoft Office 2000 Small Business -- Error 1327. Invalid
Drive: G:\

Error - 4/1/2011 2:50:59 PM | Computer Name = MY-A2A4159540F8 | Source = Application Error | ID = 1004
Description = Faulting application svchost.exe, version 0.0.0.0, faulting module
unknown, version 0.0.0.0, fault address 0x00000000.

Error - 4/1/2011 10:51:57 PM | Computer Name = MY-A2A4159540F8 | Source = MsiInstaller | ID = 11327
Description = Product: Microsoft Office 2000 Small Business -- Error 1327. Invalid
Drive: G:\

Error - 4/1/2011 10:52:37 PM | Computer Name = MY-A2A4159540F8 | Source = Application Error | ID = 1000
Description = Faulting application svchost.exe, version 5.1.2600.2180, faulting
module mshtml.dll, version 8.0.6001.18928, fault address 0x000891e4.

Error - 4/2/2011 7:17:25 AM | Computer Name = MY-A2A4159540F8 | Source = MsiInstaller | ID = 11327
Description = Product: Microsoft Office 2000 Small Business -- Error 1327. Invalid
Drive: G:\

[ System Events ]
Error - 4/1/2011 10:40:15 PM | Computer Name = MY-A2A4159540F8 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
Lbd

Error - 4/1/2011 10:45:46 PM | Computer Name = MY-A2A4159540F8 | Source = Service Control Manager | ID = 7034
Description = The EASEUS Agent service terminated unexpectedly. It has done this
1 time(s).

Error - 4/2/2011 6:49:50 AM | Computer Name = MY-A2A4159540F8 | Source = SRService | ID = 104
Description = The System Restore initialization process failed.

Error - 4/2/2011 6:50:14 AM | Computer Name = MY-A2A4159540F8 | Source = Service Control Manager | ID = 7003
Description = The AVGIDSAgent service depends on the following nonexistent service:
AVGIDSDriver

Error - 4/2/2011 6:50:14 AM | Computer Name = MY-A2A4159540F8 | Source = Service Control Manager | ID = 7000
Description = The iPodDrv service failed to start due to the following error: %%2

Error - 4/2/2011 6:50:14 AM | Computer Name = MY-A2A4159540F8 | Source = Service Control Manager | ID = 7023
Description = The Intel CPU service terminated with the following error: %%126

Error - 4/2/2011 6:50:14 AM | Computer Name = MY-A2A4159540F8 | Source = Service Control Manager | ID = 7023
Description = The System Restore Service service terminated with the following error:
%%2

Error - 4/2/2011 6:50:14 AM | Computer Name = MY-A2A4159540F8 | Source = Service Control Manager | ID = 7023
Description = The srv8D4 service terminated with the following error: %%127

Error - 4/2/2011 6:50:18 AM | Computer Name = MY-A2A4159540F8 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
Lbd

Error - 4/2/2011 6:54:29 AM | Computer Name = MY-A2A4159540F8 | Source = Windows Update Agent | ID = 16
Description = Unable to Connect: Windows is unable to connect to the automatic updates
service and therefore cannot download and install updates according to the set
schedule. Windows will continue to try to establish a connection.


< End of report >

jeremypc

Rookie Surfer
Rookie Surfer

Posts : 142
Joined : 2010-01-21
Operating System : windows xp home

View user profile

Back to top Go down

Re: problem when clicking on links in firefox...redirected to a different page.

Post by jeremypc on Sun 03 Apr 2011, 3:21 am

OTL.txt part 1:

OTL logfile created on: 4/2/2011 11:40:16 AM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Jeremy C\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 53.00% Memory free
4.00 Gb Paging File | 2.00 Gb Available in Paging File | 42.00% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.52 Gb Total Space | 49.10 Gb Free Space | 65.88% Space Free | Partition Type: NTFS
Drive E: | 114.49 Gb Total Space | 45.74 Gb Free Space | 39.95% Space Free | Partition Type: NTFS

Computer Name: MY-A2A4159540F8 | User Name: Jeremy C | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/04/02 11:34:18 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jeremy C\Desktop\OTL.exe
PRC - [2011/03/20 09:07:52 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox 4.0 Beta 12\plugin-container.exe
PRC - [2011/03/20 09:07:50 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox 4.0 Beta 12\firefox.exe
PRC - [2011/01/22 16:58:30 | 000,069,000 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) -- C:\Program Files\EASEUS\Todo Backup 2.0\bin\EuWatch.exe
PRC - [2011/01/22 16:58:30 | 000,055,688 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) -- C:\Program Files\EASEUS\Todo Backup 2.0\bin\Agent.exe
PRC - [2009/09/26 00:32:18 | 000,189,736 | ---- | M] (Seagate Technology LLC) -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
PRC - [2008/10/10 06:45:26 | 000,013,088 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
PRC - [2008/08/04 17:22:18 | 000,164,896 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe
PRC - [2007/06/13 06:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/03/07 11:54:06 | 000,202,280 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\twc\medicsp2\bin\sprtsvc.exe
PRC - [2007/01/31 15:55:42 | 000,096,370 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe
PRC - [2004/12/14 05:44:40 | 000,069,632 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Acrobat 7.0\Acrobat\Acrobat.exe
PRC - [2003/05/05 19:30:22 | 000,065,536 | ---- | M] (Brother Industries, Ltd.) -- C:\WINDOWS\system32\Brmfrmps.exe


========== Modules (SafeList) ==========

MOD - [2011/04/02 11:34:18 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jeremy C\Desktop\OTL.exe
MOD - [2006/08/25 11:45:55 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (itlperf)
SRV - File not found [Auto | Stopped] -- -- (AVGIDSAgent)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/04/01 09:16:41 | 000,029,696 | -HS- | M] () [Auto | Stopped] -- \\?\globalroot\Device\HarddiskVolume2\WINDOWS\Temp\srv8D4.tmp [WARNING: \\?\globalroot\Device\HarddiskVolume2\WINDOWS\Temp\srv8D4.tmp] -- (srv8D4)
SRV - [2011/01/22 16:58:30 | 000,055,688 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Auto | Running] -- C:\Program Files\EASEUS\Todo Backup 2.0\bin\Agent.exe -- (EASEUS Agent)
SRV - [2009/09/26 00:32:18 | 000,189,736 | ---- | M] (Seagate Technology LLC) [Auto | Running] -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe -- (FreeAgentGoNext Service)
SRV - [2009/04/02 13:47:04 | 000,234,888 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe -- (ASKUpgrade)
SRV - [2009/04/02 13:47:02 | 000,464,264 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\AskBarDis\bar\bin\AskService.exe -- (ASKService)
SRV - [2008/10/10 06:45:26 | 000,013,088 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2008/08/04 17:22:18 | 000,164,896 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)
SRV - [2008/02/16 10:39:25 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008/02/10 11:44:49 | 000,085,096 | ---- | M] (Autodesk) [Disabled | Stopped] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
SRV - [2007/03/07 11:54:06 | 000,202,280 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\twc\medicsp2\bin\sprtsvc.exe -- (sprtsvc_medicsp2) SupportSoft Sprocket Service (medicsp2)
SRV - [2007/01/31 15:55:42 | 000,096,370 | ---- | M] (Canon Inc.) [Auto | Running] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8)
SRV - [2003/05/05 19:30:22 | 000,065,536 | ---- | M] (Brother Industries, Ltd.) [Auto | Running] -- C:\WINDOWS\System32\Brmfrmps.exe -- (brmfrmps)


========== Driver Services (SafeList) ==========

DRV - [2011/01/22 16:58:22 | 000,020,744 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\eufs.sys -- (EUFS)
DRV - [2011/01/22 16:58:20 | 000,014,216 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\eudskacs.sys -- (EUDSKACS)
DRV - [2011/01/22 16:58:18 | 000,030,472 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\eubakup.sys -- (EUBAKUP)
DRV - [2011/01/22 16:58:16 | 000,187,400 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\EuDisk.sys -- (EuDisk)
DRV - [2010/05/10 14:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/02/17 14:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2008/08/04 17:22:22 | 002,077,840 | ---- | M] (Microsoft Corporation
) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VX6000Xp.sys -- (VX6000)
DRV - [2007/09/05 02:46:34 | 000,092,544 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mcdbus.sys -- (mcdbus)
DRV - [2007/04/10 17:46:53 | 001,966,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\VX1000.sys -- (VX1000)
DRV - [2007/02/23 10:00:52 | 000,031,400 | ---- | M] (Exent Technologies Ltd.) [Kernel | Auto | Running] -- C:\Program Files\GameTap\bin\Release\X4HSX32.sys -- (X4HSX32)
DRV - [2006/03/01 03:39:10 | 003,959,360 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2005/11/21 01:48:20 | 000,016,512 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (Aspi32)
DRV - [2005/09/29 23:11:00 | 000,078,720 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2005/02/23 15:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2004/10/07 21:16:04 | 000,035,840 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K)
DRV - [2004/08/04 08:00:00 | 000,063,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mf.sys -- (mf)
DRV - [2004/08/04 08:00:00 | 000,012,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usb8023.sys -- (USB_RNDIS_XP)
DRV - [2004/08/03 18:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2003/12/03 18:44:58 | 000,013,566 | ---- | M] (B.H.A Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdrbsvsd.sys -- (cdrbsvsd)
DRV - [2002/10/15 23:41:06 | 000,102,220 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sonypvs1.sys -- (sonypvs1)
DRV - [2001/08/17 14:12:22 | 000,010,368 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BrUsbScn.sys -- (BrUsbScn)
DRV - [2001/08/17 14:12:12 | 000,002,944 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BrFilt.sys -- (brfilt)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" =

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search"
FF - prefs.js..browser.startup.homepage: "chrome://speeddial/content/speeddial.xul"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.872
FF - prefs.js..extensions.enabledItems: avg@igeared:6.010.006.004
FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:1.0
FF - prefs.js..extensions.enabledItems: {F8A55C97-3DB6-4961-A81D-0DE0080E53CB}:0.9.5
FF - prefs.js..extensions.enabledItems: {5C46D283-ABDE-4dce-B83C-08881401921C}:2.1.5
FF - prefs.js..extensions.enabledItems: {64161300-e22b-11db-8314-0800200c9a66}:0.9.5.8
FF - prefs.js..keyword.URL: "http://search.avg.com/route/?d=4b82861b&v=6.010.006.004&i=23&tp=ab&iy=&ychte=us&lng=en-US&q="
FF - prefs.js..network.proxy.type: 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2010/11/24 10:16:27 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVG9\Toolbar\Firefox\avg@igeared
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/03/04 17:19:42 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/03/04 17:19:42 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files\Mozilla Firefox 4.0 Beta 12\components [2011/03/20 09:07:53 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox 4.0 Beta 12\plugins
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.7\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011/03/26 23:51:59 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.7\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2010/04/11 19:10:20 | 000,000,000 | ---D | M]

[2011/02/28 09:46:23 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jeremy C\Application Data\Mozilla\Extensions
[2011/01/24 09:20:51 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jeremy C\Application Data\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011/03/27 13:05:53 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jeremy C\Application Data\Mozilla\Firefox\Profiles\ifgn87kl.default\extensions
[2011/03/01 13:20:19 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Jeremy C\Application Data\Mozilla\Firefox\Profiles\ifgn87kl.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/02/28 09:54:55 | 000,000,000 | ---D | M] (Speed Dial) -- C:\Documents and Settings\Jeremy C\Application Data\Mozilla\Firefox\Profiles\ifgn87kl.default\extensions\{64161300-e22b-11db-8314-0800200c9a66}
[2011/02/28 09:54:56 | 000,000,000 | ---D | M] (Download Manager Tweak) -- C:\Documents and Settings\Jeremy C\Application Data\Mozilla\Firefox\Profiles\ifgn87kl.default\extensions\{F8A55C97-3DB6-4961-A81D-0DE0080E53CB}
[2011/03/03 17:23:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/12/02 18:36:02 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
File not found (No name found) --
() (No name found) -- C:\DOCUMENTS AND SETTINGS\JEREMY C\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\IFGN87KL.DEFAULT\EXTENSIONS\{5C46D283-ABDE-4DCE-B83C-08881401921C}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\JEREMY C\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\IFGN87KL.DEFAULT\EXTENSIONS\FFEXT@FBBUTTON.COM.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\JEREMY C\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\IFGN87KL.DEFAULT\EXTENSIONS\TESTPILOT@LABS.MOZILLA.COM.XPI
[2010/12/02 18:35:42 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2010/12/02 18:35:42 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2005/04/27 18:31:10 | 000,225,280 | ---- | M] (Asgard Software Inc.) -- C:\Program Files\Mozilla Firefox\plugins\NPUploader.dll

Hosts file not found
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {259F616C-A300-44F5-B04A-ED001A26C85C} - No CLSID value found.
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngin0.dll (Conduit Ltd.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - File not found
O2 - BHO: (Yahoo! IE Services Button) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O2 - BHO: (MyIdentityDefender) - {A26503FE-B3B8-4910-A9DC-9CBD25C6B8D6} - File not found
O2 - BHO: (AcroIEToolbarHelper Class) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuz1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngin0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (MyIdentityDefender) - {A26503FE-B3B8-4910-A9DC-9CBD25C6B8D6} - File not found
O3 - HKLM\..\Toolbar: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuz1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Vuze Remote Toolbar) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - C:\Program Files\Vuze_Remote\tbVuz1.dll (Conduit Ltd.)
O4 - HKLM..\Run: [EaseUs Watch] C:\Program Files\EASEUS\Todo Backup 2.0\bin\EuWatch.exe (CHENGDU YIWO Tech Development Co., Ltd)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} [You must be registered and logged in to see this link.] (Support.com Configuration Class)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} [You must be registered and logged in to see this link.] (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_22)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} [You must be registered and logged in to see this link.] (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\avgrsstarter: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O24 - Desktop WallPaper: C:\Documents and Settings\Jeremy C\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Jeremy C\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/25 01:10:35 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{0c2ab248-fe76-11df-984e-001558528a6f}\Shell - "" = AutoRun
O33 - MountPoints2\{0c2ab248-fe76-11df-984e-001558528a6f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{0c2ab248-fe76-11df-984e-001558528a6f}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL svcl32.VBS
O33 - MountPoints2\{4f3aaf87-ec51-11df-9847-001558528a6f}\Shell - "" = AutoRun
O33 - MountPoints2\{4f3aaf87-ec51-11df-9847-001558528a6f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{4f3aaf87-ec51-11df-9847-001558528a6f}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL svcl32.VBS
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: srv8D4 - \\?\globalroot\Device\HarddiskVolume2\WINDOWS\Temp\srv8D4.tmp ()
NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

MsConfig - Services: "Bonjour Service"
MsConfig - Services: "Autodesk Licensing Service"
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Acrobat Speed Launcher.lnk - C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-100000000002}\SC_Acrobat.exe - ()
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe - (Adobe Systems Incorporated)
MsConfig - StartUpFolder: C:^Documents and Settings^My Computer^Start Menu^Programs^Startup^MagicDisc.lnk - C:\Program Files\MagicDisc\MagicDisc.exe - (MagicISO, Inc.)
MsConfig - StartUpReg: Acrobat Assistant 7.0 - hkey= - key= - C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe (Adobe Systems Inc.)
MsConfig - StartUpReg: Active Desktop Calendar - hkey= - key= - File not found
MsConfig - StartUpReg: Ad-Watch - hkey= - key= - File not found
MsConfig - StartUpReg: AV Care - hkey= - key= - File not found
MsConfig - StartUpReg: brastk - hkey= - key= - File not found
MsConfig - StartUpReg: CanonMyPrinter - hkey= - key= - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
MsConfig - StartUpReg: CanonSolutionMenu - hkey= - key= - C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
MsConfig - StartUpReg: ctfmon.exe - hkey= - key= - File not found
MsConfig - StartUpReg: CyberDefender Registry Cleaner - hkey= - key= - File not found
MsConfig - StartUpReg: doubleTwist - hkey= - key= - File not found
MsConfig - StartUpReg: DriverCure - hkey= - key= - File not found
MsConfig - StartUpReg: EPSON Stylus Photo R280 Series (Copy 1) - hkey= - key= - File not found
MsConfig - StartUpReg: FBSearch - hkey= - key= - File not found
MsConfig - StartUpReg: FPCCSMiddleware - hkey= - key= - C:\Program Files\Fisher-Price\Computer Cool School\FPCCSMiddleware.exe ()
MsConfig - StartUpReg: igfxhkcmd - hkey= - key= - File not found
MsConfig - StartUpReg: igfxpers - hkey= - key= - File not found
MsConfig - StartUpReg: igfxtray - hkey= - key= - File not found
MsConfig - StartUpReg: IndexSearch - hkey= - key= - C:\Program Files\Scansoft\PaperPort\IndexSearch.exe ()
MsConfig - StartUpReg: IntelliPoint - hkey= - key= - C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
MsConfig - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig - StartUpReg: KernelFaultCheck - hkey= - key= - File not found
MsConfig - StartUpReg: LifeCam - hkey= - key= - C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
MsConfig - StartUpReg: LightScribe Control Panel - hkey= - key= - C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company)
MsConfig - StartUpReg: medicsp2 - hkey= - key= - C:\Program Files\twc\medicsp2\bin\sprtcmd.exe (SupportSoft, Inc.)
MsConfig - StartUpReg: Monopod - hkey= - key= - File not found
MsConfig - StartUpReg: msnmsgr - hkey= - key= - C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
MsConfig - StartUpReg: NBJ - hkey= - key= - C:\Program Files\Ahead\Nero BackItUp\NBJ.exe (Ahead Software AG)
MsConfig - StartUpReg: PaperPort PTD - hkey= - key= - C:\Program Files\Scansoft\PaperPort\pptd40nt.exe (ScanSoft, Inc.)
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
MsConfig - StartUpReg: SetDefPrt - hkey= - key= - C:\Program Files\Brother\Brmfl03a\BrStDvPt.exe ()
MsConfig - StartUpReg: Share-to-Web Namespace Daemon - hkey= - key= - C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe (Hewlett-Packard)
MsConfig - StartUpReg: Skype - hkey= - key= - C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
MsConfig - StartUpReg: SmileboxTray - hkey= - key= - File not found
MsConfig - StartUpReg: SpybotSD TeaTimer - hkey= - key= - File not found
MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
MsConfig - StartUpReg: sysldtray - hkey= - key= - File not found
MsConfig - StartUpReg: system tool - hkey= - key= - File not found
MsConfig - StartUpReg: tmwdssur - hkey= - key= - File not found
MsConfig - StartUpReg: VX1000 - hkey= - key= - C:\WINDOWS\vVX1000.exe (Microsoft Corporation)
MsConfig - StartUpReg: VX6000 - hkey= - key= - C:\WINDOWS\vVX6000.exe (Microsoft Corporation
)
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 2
MsConfig - State: "startup" - 2

SafeBootMin: AppMgmt - File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PEVSystemStart - Service
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: procexp90.Sys - Driver
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: srv8D4 - \\?\globalroot\Device\HarddiskVolume2\WINDOWS\Temp\srv8D4.tmp ()
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: AppMgmt - File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PEVSystemStart - Service
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: procexp90.Sys - Driver
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {0291E591-EA41-4c82-8106-3DC6CE7F7664} - Reg Error: Value error.
ActiveX: {03F998B2-0E00-11D3-A498-00104B6EB52E} - Viewpoint Media Player
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files\Common Files\LightScribe\LSRunOnce.exe"
ActiveX: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} - Viewpoint Media Player
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - Microsoft NetShow Player
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Macromedia Shockwave Director 10.1.3
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Macromedia Shockwave Director 10.1.3
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} - Reg Error: Value error.
ActiveX: {347B0667-C7ED-429B-BDE3-CC8D3BACAA31} - Reg Error: Value error.
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Security Update for Windows XP (KB923789)
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5B428065-CE2B-CC7D-6974-1430E5E154F1} - Internet Explorer
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {9B398258-FFC0-D4F7-C9A1-D332B960E724} - Java (Sun)
ActiveX: {9BCC61B9-F03A-5098-4810-52C0C184341A} - DirectX
ActiveX: {A17E30C4-A9BA-11D4-8673-60DB54C10000} - Reg Error: Value error.
ActiveX: {AA218328-0EA8-4D70-8972-E987A9190FF4} - Reg Error: Value error.
ActiveX: {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} -
ActiveX: {B508B3F1-A24A-32C0-B310-85786919EF28} - .NET Framework
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {DB9D75DA-A2E8-FB40-4247-A6A345E31C34} - NetShow
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - Reg Error: Value error.
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EF289A85-8E57-408d-BE47-73B55609861A} - RootsUpdate
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
ActiveX: Microsoft Base Smart Card Crypto Provider Package -

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)

========== Files/Folders - Created Within 30 Days ==========

[2011/04/02 11:34:21 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Jeremy C\Desktop\OTL.exe
[2011/04/02 11:34:07 | 001,377,112 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Jeremy C\Desktop\tdsskiller.exe
[2011/03/31 11:11:10 | 000,546,816 | ---- | C] (TFTC) -- C:\Documents and Settings\All Users\Application Data\YoopehTnCRAPa.exe
[2011/03/31 06:15:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jeremy C\Start Menu\Programs\Revo Uninstaller
[2011/03/31 06:15:48 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2011/03/31 06:15:13 | 002,649,016 | ---- | C] (VS Revo Group Ltd.) -- C:\Documents and Settings\Jeremy C\Desktop\revosetup.exe
[2011/03/30 22:15:27 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011/03/30 20:28:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2011/03/30 20:23:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2011/03/30 20:23:35 | 004,738,880 | ---- | C] (AVG Technologies) -- C:\Documents and Settings\Jeremy C\Desktop\avg_free_stb_all_2011_1204_cnet.exe
[2011/03/30 13:58:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\AdobeUM
[2011/03/30 11:58:17 | 006,238,248 | ---- | C] (OPSWAT, Inc.) -- C:\Documents and Settings\Jeremy C\Desktop\AppRemover.exe
[2011/03/30 11:47:59 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/03/27 13:53:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\AdobeUM
[2011/03/27 13:52:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Adobe
[2011/03/26 23:51:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Thunderbird
[2011/03/26 23:51:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Thunderbird
[2011/03/26 11:59:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Apple Computer
[2011/03/26 11:59:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Apple Computer
[2011/03/25 22:02:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Adobe
[2011/03/25 00:32:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
[2011/03/25 00:31:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2011/03/24 20:42:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple Computer
[2011/03/24 20:42:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Apple Computer
[2011/03/24 20:14:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2011/03/24 20:08:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2011/03/15 09:10:06 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2011/03/15 08:56:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
[2011/03/15 08:53:58 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/03/14 09:57:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jeremy C\Desktop\Resume etc
[2011/03/04 17:24:14 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox 4.0 Beta 12
[2011/03/04 11:03:34 | 000,000,000 | ---D | C] -- C:\Program Files\Lame For Audacity
[2011/03/04 09:29:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jeremy C\Application Data\Audacity
[2011/03/04 09:22:07 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011/03/04 09:22:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jeremy C\Start Menu\Programs\HiJackThis
[5 E:\My Documents\*.tmp files -> E:\My Documents\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/04/02 11:34:18 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jeremy C\Desktop\OTL.exe
[2011/04/02 11:34:00 | 001,377,112 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Jeremy C\Desktop\tdsskiller.exe
[2011/04/02 07:21:53 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/04/02 06:52:25 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/04/02 06:48:58 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/03/31 11:11:16 | 000,118,272 | ---- | M] () -- C:\WINDOWS\System32\drivers\1385E.sys
[2011/03/31 11:11:10 | 000,546,816 | ---- | M] (TFTC) -- C:\Documents and Settings\All Users\Application Data\YoopehTnCRAPa.exe
[2011/03/31 06:15:49 | 000,000,917 | ---- | M] () -- C:\Documents and Settings\Jeremy C\Desktop\Revo Uninstaller.lnk
[2011/03/31 06:15:03 | 002,649,016 | ---- | M] (VS Revo Group Ltd.) -- C:\Documents and Settings\Jeremy C\Desktop\revosetup.exe
[2011/03/30 20:23:32 | 004,738,880 | ---- | M] (AVG Technologies) -- C:\Documents and Settings\Jeremy C\Desktop\avg_free_stb_all_2011_1204_cnet.exe
[2011/03/30 20:21:37 | 004,310,058 | R--- | M] () -- C:\Documents and Settings\Jeremy C\Desktop\ComboFix.exe
[2011/03/30 20:14:18 | 000,002,162 | ---- | M] () -- C:\WINDOWS\BrmfBidi.ini
[2011/03/30 11:18:22 | 006,238,248 | ---- | M] (OPSWAT, Inc.) -- C:\Documents and Settings\Jeremy C\Desktop\AppRemover.exe
[2011/03/30 07:12:44 | 000,002,453 | ---- | M] () -- C:\Documents and Settings\Jeremy C\Desktop\HiJackThis.lnk
[2011/03/29 22:36:52 | 000,000,032 | ---- | M] () -- C:\WINDOWS\System32\EUOD.DAT
[2011/03/29 22:36:36 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2011/03/29 11:10:28 | 000,012,800 | ---- | M] () -- C:\Documents and Settings\Jeremy C\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/03/22 21:45:39 | 000,025,261 | ---- | M] () -- C:\Documents and Settings\Jeremy C\Desktop\166878_1776834749666_1503290023_3208419_4722233_n.jpg
[2011/03/21 10:28:55 | 000,076,056 | ---- | M] () -- C:\DC6810xp-001.raw
[2011/03/15 16:06:37 | 000,001,542 | ---- | M] () -- C:\Documents and Settings\Jeremy C\Application Data\Microsoft\Internet Explorer\Quick Launch\iTunes.lnk
[2011/03/14 09:57:03 | 000,011,201 | ---- | M] () -- E:\My Documents\Professional References.pdf
[2011/03/14 09:55:03 | 000,009,000 | ---- | M] () -- E:\My Documents\cover letter.pdf
[2011/03/13 11:40:29 | 000,441,124 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/03/13 11:40:29 | 000,071,060 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/03/07 09:41:42 | 000,025,556 | ---- | M] () -- E:\My Documents\banjoclown3a.jpg
[2011/03/06 19:07:54 | 000,133,799 | ---- | M] () -- E:\My Documents\banjoclown3.jpg
[2011/03/04 21:13:30 | 000,061,494 | ---- | M] () -- E:\My Documents\banjoass.jpg
[2011/03/04 17:25:45 | 000,000,812 | ---- | M] () -- C:\Documents and Settings\Jeremy C\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox 4.0 Beta 12.lnk
[2011/03/04 16:55:00 | 000,000,013 | ---- | M] () -- C:\Documents and Settings\Jeremy C\cvdm.err
[5 E:\My Documents\*.tmp files -> E:\My Documents\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

jeremypc

Rookie Surfer
Rookie Surfer

Posts : 142
Joined : 2010-01-21
Operating System : windows xp home

View user profile

Back to top Go down

Re: problem when clicking on links in firefox...redirected to a different page.

Post by jeremypc on Sun 03 Apr 2011, 3:23 am

========== Files Created - No Company Name ==========

[2011/03/31 11:11:16 | 000,118,272 | ---- | C] () -- C:\WINDOWS\System32\drivers\1385E.sys
[2011/03/31 06:15:49 | 000,000,917 | ---- | C] () -- C:\Documents and Settings\Jeremy C\Desktop\Revo Uninstaller.lnk
[2011/03/30 20:21:43 | 004,310,058 | R--- | C] () -- C:\Documents and Settings\Jeremy C\Desktop\ComboFix.exe
[2011/03/22 21:43:59 | 000,025,261 | ---- | C] () -- C:\Documents and Settings\Jeremy C\Desktop\166878_1776834749666_1503290023_3208419_4722233_n.jpg
[2011/03/15 16:06:37 | 000,001,542 | ---- | C] () -- C:\Documents and Settings\Jeremy C\Application Data\Microsoft\Internet Explorer\Quick Launch\iTunes.lnk
[2011/03/14 09:57:00 | 000,011,201 | ---- | C] () -- E:\My Documents\Professional References.pdf
[2011/03/14 09:54:49 | 000,009,000 | ---- | C] () -- E:\My Documents\cover letter.pdf
[2011/03/07 09:41:40 | 000,025,556 | ---- | C] () -- E:\My Documents\banjoclown3a.jpg
[2011/03/06 19:07:54 | 000,133,799 | ---- | C] () -- E:\My Documents\banjoclown3.jpg
[2011/03/04 21:13:27 | 000,061,494 | ---- | C] () -- E:\My Documents\banjoass.jpg
[2011/03/04 17:25:45 | 000,000,812 | ---- | C] () -- C:\Documents and Settings\Jeremy C\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox 4.0 Beta 12.lnk
[2011/03/04 17:24:20 | 000,000,818 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox 4.0 Beta 12.lnk
[2011/03/04 09:22:07 | 000,002,453 | ---- | C] () -- C:\Documents and Settings\Jeremy C\Desktop\HiJackThis.lnk
[2011/02/23 17:18:14 | 000,000,032 | ---- | C] () -- C:\WINDOWS\System32\EUOD.DAT
[2011/01/11 22:04:55 | 000,012,800 | ---- | C] () -- C:\Documents and Settings\Jeremy C\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/11/05 20:02:54 | 000,819,200 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010/11/05 20:02:54 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010/10/18 16:41:11 | 000,000,094 | ---- | C] () -- C:\WINDOWS\ka.ini
[2010/08/30 18:30:19 | 000,294,960 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/07/29 18:41:01 | 000,395,776 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2010/07/29 18:41:01 | 000,262,144 | ---- | C] () -- C:\WINDOWS\System32\TomsMoComp_ff.dll
[2010/07/29 18:41:01 | 000,112,640 | ---- | C] () -- C:\WINDOWS\System32\libmpeg2_ff.dll
[2010/07/29 18:41:00 | 002,255,360 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2010/04/02 20:37:13 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.351.32.bc
[2010/04/02 20:35:05 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010/02/12 21:45:49 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2009/12/19 21:22:26 | 000,039,832 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/12/18 10:11:35 | 000,000,062 | ---- | C] () -- C:\WINDOWS\st_affiliate.ini
[2009/06/01 19:25:56 | 016,742,799 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\vlc-0.9.9-win32.exe
[2009/03/02 17:35:27 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\nnr.dll
[2009/02/15 21:59:53 | 000,000,048 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009/01/15 09:23:12 | 000,074,752 | ---- | C] () -- C:\WINDOWS\cadkasdeinst01e.exe
[2009/01/03 10:25:50 | 000,015,497 | ---- | C] () -- C:\WINDOWS\VX6KStd.ini
[2008/04/23 22:48:55 | 000,691,545 | ---- | C] () -- C:\WINDOWS\unins000.exe
[2008/04/23 22:48:55 | 000,002,556 | ---- | C] () -- C:\WINDOWS\unins000.dat
[2008/02/13 22:21:20 | 000,000,072 | ---- | C] () -- C:\WINDOWS\ConverterCore.INI
[2008/02/12 23:07:49 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\custmon32.dll
[2008/01/19 11:09:37 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2007/12/30 19:10:57 | 000,073,220 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat
[2007/12/30 19:10:57 | 000,031,053 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern131.dat
[2007/12/30 19:10:57 | 000,029,114 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat
[2007/12/30 19:10:57 | 000,027,417 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern121.dat
[2007/12/30 19:10:57 | 000,021,021 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat
[2007/12/30 19:10:57 | 000,015,670 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat
[2007/12/30 19:10:57 | 000,013,280 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat
[2007/12/30 19:10:57 | 000,010,673 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat
[2007/12/30 19:10:57 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat
[2007/12/30 19:10:57 | 000,001,140 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat
[2007/12/30 19:10:57 | 000,001,140 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat
[2007/12/30 19:10:57 | 000,001,137 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat
[2007/12/30 19:10:57 | 000,001,130 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat
[2007/12/30 19:10:57 | 000,001,130 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat
[2007/12/30 19:10:57 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat
[2007/12/30 19:10:57 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2007/12/30 19:09:35 | 000,000,044 | ---- | C] () -- C:\WINDOWS\EPSPR280.ini
[2007/12/29 14:53:34 | 000,015,498 | ---- | C] () -- C:\WINDOWS\VX1000.ini
[2007/12/10 22:39:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PowerReg.dat
[2007/03/06 22:10:40 | 000,001,779 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/02/27 23:06:35 | 000,000,029 | ---- | C] () -- C:\WINDOWS\atid.ini
[2007/02/27 10:10:02 | 000,000,040 | ---- | C] () -- C:\WINDOWS\opt_2460.ini
[2007/02/21 10:16:40 | 000,000,209 | ---- | C] () -- C:\WINDOWS\disney.ini
[2007/02/15 21:31:23 | 000,000,051 | ---- | C] () -- C:\WINDOWS\brmx2001.ini
[2007/02/05 11:24:28 | 000,000,178 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2007/02/05 10:27:57 | 000,364,544 | ---- | C] () -- C:\WINDOWS\System32\hpgt23.dll
[2007/02/03 23:18:37 | 000,003,654 | ---- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2007/02/02 17:36:15 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/02/02 00:22:29 | 000,000,645 | ---- | C] () -- C:\WINDOWS\Brpcfx.ini
[2007/02/02 00:22:29 | 000,000,052 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2007/02/02 00:22:29 | 000,000,050 | ---- | C] () -- C:\WINDOWS\System32\m8220def.dat
[2007/02/02 00:22:29 | 000,000,000 | ---- | C] () -- C:\WINDOWS\brwmark.ini
[2007/02/02 00:03:21 | 000,000,767 | ---- | C] () -- C:\WINDOWS\maxlink.ini
[2007/02/01 23:59:34 | 000,002,162 | ---- | C] () -- C:\WINDOWS\BrmfBidi.ini
[2007/02/01 20:58:53 | 000,005,170 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2007/02/01 20:55:27 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2007/02/01 14:15:20 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006/09/25 16:14:24 | 000,040,960 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2006/09/25 16:13:27 | 000,135,168 | R--- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2006/09/25 15:38:08 | 000,012,288 | ---- | C] () -- C:\WINDOWS\impborl.dll
[2006/09/25 01:13:20 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2006/09/25 01:07:15 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2006/09/24 20:37:38 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2006/09/24 20:36:30 | 001,490,576 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/08/04 08:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/04 08:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/04 08:00:00 | 000,441,124 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/04 08:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/04 08:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/04 08:00:00 | 000,071,060 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/04 08:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/04 08:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/04 08:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/04 08:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/04 08:00:00 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2004/08/04 08:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2003/03/10 21:00:16 | 000,000,256 | ---- | C] () -- C:\WINDOWS\System32\BRMSL07.BIN
[2002/08/12 09:19:42 | 000,101,376 | ---- | C] () -- C:\WINDOWS\System32\Welsof32.dll
[2002/01/08 17:57:34 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\Jpeg32.dll
[1999/03/21 20:22:41 | 000,000,136 | ---- | C] () -- C:\WINDOWS\System32\mstraps.dll

========== Custom Scans ==========


< %systemroot%\system32\*.dll /lockedfiles >
[2010/12/02 18:35:42 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) Unable to obtain MD5 -- C:\WINDOWS\system32\deployJava1.dll
[2009/03/08 04:31:44 | 000,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dxtmsft.dll
[2009/03/08 04:31:38 | 000,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dxtrans.dll
[2010/05/06 06:41:50 | 000,184,320 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\iepeers.dll
[2 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\*.exe /lockedfiles >
[2 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\system32\drivers\*.sys >
[2011/03/31 11:11:16 | 000,118,272 | ---- | M] () -- C:\WINDOWS\system32\drivers\1385E.sys
[2004/08/04 08:00:00 | 000,187,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\acpi.sys
[2004/08/04 08:00:00 | 000,011,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\acpiec.sys
[2006/02/14 20:22:26 | 000,142,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\aec.sys
[2005/02/23 15:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) -- C:\WINDOWS\system32\drivers\afc.sys
[2008/08/14 05:51:43 | 000,138,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\afd.sys
[2004/10/07 21:16:04 | 000,035,840 | ---- | M] (Oak Technology Inc.) -- C:\WINDOWS\system32\drivers\AFS2K.SYS
[2006/03/01 03:39:10 | 003,959,360 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\system32\drivers\alcxwdm.sys
[2004/08/04 08:00:00 | 000,036,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\amdk6.sys
[2004/08/04 08:00:00 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\amdk7.sys
[2004/08/04 08:00:00 | 000,060,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\arp1394.sys
[2005/11/21 01:48:20 | 000,016,512 | ---- | M] (Adaptec) -- C:\WINDOWS\system32\drivers\ASPI32.SYS
[2004/08/04 08:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\asyncmac.sys
[2004/08/03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/04 08:00:00 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\atmarpc.sys
[2004/08/04 08:00:00 | 000,031,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\atmepvc.sys
[2004/08/04 08:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\atmlane.sys
[2004/08/04 08:00:00 | 000,352,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\atmuni.sys
[2001/08/17 09:59:44 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\audstub.sys
[2004/08/04 08:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\beep.sys
[2001/08/17 14:12:12 | 000,002,944 | ---- | M] (Brother Industries Ltd.) -- C:\WINDOWS\system32\drivers\BrFilt.sys
[2004/08/04 08:00:00 | 000,071,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\bridge.sys
[2003/03/13 20:04:20 | 000,061,952 | ---- | M] (Brother Industries Ltd.) -- C:\WINDOWS\system32\drivers\BrSerWdm.sys
[2001/08/17 14:12:20 | 000,011,008 | ---- | M] (Brother Industries Ltd.) -- C:\WINDOWS\system32\drivers\BrUsbMdm.sys
[2001/08/17 14:12:22 | 000,010,368 | ---- | M] (Brother Industries Ltd.) -- C:\WINDOWS\system32\drivers\BrUsbScn.sys
[2008/06/13 09:10:50 | 000,272,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\bthport.sys
[2004/08/04 08:00:00 | 000,013,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\cbidf2k.sys
[2004/08/04 00:10:18 | 000,017,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\CCDECODE.sys
[2004/08/04 08:00:00 | 000,018,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\cdaudio.sys
[2004/08/04 08:00:00 | 000,063,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\cdfs.sys
[2008/01/04 17:58:46 | 000,009,336 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\cdr4_xp.sys
[2008/01/04 17:58:46 | 000,009,464 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\cdralw2k.sys
[2003/12/03 18:44:58 | 000,013,566 | ---- | M] (B.H.A Corporation) -- C:\WINDOWS\system32\drivers\cdrbsvsd.sys
[2004/08/04 08:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004/08/04 08:00:00 | 000,262,528 | ---- | M] (RAVISENT Technologies Inc.) -- C:\WINDOWS\system32\drivers\cinemst2.sys
[2004/08/04 08:00:00 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\classpnp.sys
[2004/08/04 08:00:00 | 000,011,776 | ---- | M] (Compaq Computer Corporation) -- C:\WINDOWS\system32\drivers\cpqdap01.sys
[2004/08/04 08:00:00 | 000,036,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\crusoe.sys
[2004/08/04 08:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\disk.sys
[2004/08/04 08:00:00 | 000,014,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\diskdump.sys
[2004/08/04 08:00:00 | 000,799,744 | ---- | M] (Microsoft Corp., Veritas Software) -- C:\WINDOWS\system32\drivers\dmboot.sys
[2004/08/04 08:00:00 | 000,153,344 | ---- | M] (Microsoft Corp., Veritas Software) -- C:\WINDOWS\system32\drivers\dmio.sys
[2004/08/04 08:00:00 | 000,005,888 | ---- | M] (Microsoft Corp., Veritas Software.) -- C:\WINDOWS\system32\drivers\dmload.sys
[2004/08/03 23:07:40 | 000,052,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\DMusic.sys
[2004/08/03 23:08:00 | 000,060,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\drmk.sys
[2004/08/03 23:07:58 | 000,002,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\drmkaud.sys
[2004/08/04 08:00:00 | 000,010,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\dxapi.sys
[2004/08/04 08:00:00 | 000,071,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\dxg.sys
[2004/08/04 08:00:00 | 000,003,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\dxgthk.sys
[2011/01/22 16:58:18 | 000,030,472 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) -- C:\WINDOWS\system32\drivers\eubakup.sys
[2011/01/22 16:58:16 | 000,187,400 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) -- C:\WINDOWS\system32\drivers\EuDisk.sys
[2011/01/22 16:58:20 | 000,014,216 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) -- C:\WINDOWS\system32\drivers\eudskacs.sys
[2011/01/22 16:58:22 | 000,020,744 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) -- C:\WINDOWS\system32\drivers\eufs.sys
[2004/08/04 08:00:00 | 000,143,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\fastfat.sys
[2004/08/04 08:00:00 | 000,027,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\fdc.sys
[2004/08/04 08:00:00 | 000,034,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\fips.sys
[2004/08/04 08:00:00 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\flpydisk.sys
[2006/08/21 05:14:58 | 000,128,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\fltmgr.sys
[2004/08/04 08:00:00 | 000,012,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\fsvga.sys
[2004/08/04 08:00:00 | 000,007,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\fs_rec.sys
[2004/08/04 08:00:00 | 000,125,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ftdisk.sys
[2009/05/18 15:17:00 | 000,026,600 | ---- | M] (GEAR Software Inc.) -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys
[2004/08/04 08:00:00 | 000,036,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\hidclass.sys
[2004/08/04 08:00:00 | 000,024,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\hidparse.sys
[2001/08/17 15:02:20 | 000,009,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\hidusb.sys
[2009/10/20 10:58:48 | 000,263,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\http.sys
[2004/08/04 00:14:38 | 000,052,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\i8042prt.sys
[2005/08/23 12:00:00 | 001,052,732 | R--- | M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\ialmnt5.sys
[2004/08/04 08:00:00 | 000,041,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\imapi.sys
[2004/08/03 18:59:42 | 000,005,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\intelide.sys
[2004/08/04 08:00:00 | 000,036,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\intelppm.sys
[2004/08/04 08:00:00 | 000,029,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ip6fw.sys
[2004/08/04 08:00:00 | 000,032,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ipfltdrv.sys
[2004/08/04 08:00:00 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ipinip.sys
[2004/09/29 18:28:37 | 000,134,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ipnat.sys
[2004/08/04 08:00:00 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ipsec.sys
[2004/08/04 08:00:00 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\irenum.sys
[2004/08/04 08:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\isapnp.sys
[2004/08/04 08:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\kbdclass.sys
[2006/06/14 04:47:45 | 000,172,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\kmixer.sys
[2004/08/04 00:15:22 | 000,140,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ks.sys
[2009/06/22 07:34:52 | 000,092,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ksecdd.sys
[2004/08/04 08:00:00 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\mcd.sys
[2007/09/05 02:46:34 | 000,092,544 | ---- | M] (MagicISO, Inc.) -- C:\WINDOWS\system32\drivers\mcdbus.sys
[2004/08/04 08:00:00 | 000,063,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\mf.sys
[2004/08/04 08:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\mnmdd.sys
[2004/08/04 08:00:00 | 000,030,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\modem.sys
[2004/08/03 23:58:34 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\mouclass.sys
[2001/08/17 14:48:00 | 000,012,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\mouhid.sys
[2004/08/04 08:00:00 | 000,042,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\mountmgr.sys
[2007/12/18 05:51:35 | 000,179,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\mrxdav.sys
[2010/02/24 08:31:30 | 000,454,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\mrxsmb.sys
[2004/08/04 08:00:00 | 000,019,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\msfs.sys
[2004/08/04 08:00:00 | 000,035,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\msgpc.sys
[2004/08/03 22:58:42 | 000,007,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\MSKSSRV.sys
[2004/08/03 22:58:40 | 000,005,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\MSPCLOCK.sys
[2004/08/03 22:58:42 | 000,004,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\MSPQM.sys
[2004/08/04 08:00:00 | 000,015,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\mssmbios.sys
[2004/08/03 23:58:40 | 000,005,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\MSTEE.sys
[2004/08/04 08:00:00 | 000,107,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\mup.sys
[2004/08/04 00:10:30 | 000,085,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\NABTSFEC.sys
[2004/08/04 08:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ndis.sys
[2004/08/04 00:10:14 | 000,010,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\NdisIP.sys
[2004/08/04 08:00:00 | 000,009,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ndistapi.sys
[2004/08/04 08:00:00 | 000,012,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ndisuio.sys
[2004/08/04 08:00:00 | 000,091,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ndiswan.sys
[2004/08/04 08:00:00 | 000,038,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ndproxy.sys
[2004/08/04 08:00:00 | 000,034,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\netbios.sys
[2004/08/04 08:00:00 | 000,162,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\netbt.sys
[2004/08/04 08:00:00 | 000,061,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\nic1394.sys
[2004/08/04 08:00:00 | 000,012,032 | ---- | M] (S3/Diamond Multimedia Systems) -- C:\WINDOWS\system32\drivers\nikedrv.sys
[2004/08/04 08:00:00 | 000,040,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\nmnt.sys
[2004/08/04 08:00:00 | 000,030,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\npfs.sys
[2007/02/09 07:10:35 | 000,574,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ntfs.sys
[2007/08/31 12:58:20 | 000,018,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\nuidfltr.sys
[2004/08/04 08:00:00 | 000,002,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\null.sys
[2004/08/04 08:00:00 | 000,012,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\nwlnkflt.sys
[2004/08/04 08:00:00 | 000,032,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\nwlnkfwd.sys
[2004/08/04 08:00:00 | 000,088,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\nwlnkipx.sys
[2004/08/04 08:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\nwlnknb.sys
[2004/08/04 08:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\nwlnkspx.sys
[2004/08/04 08:00:00 | 000,003,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\oprghdlr.sys
[2004/08/04 08:00:00 | 000,042,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\p3.sys
[2004/08/04 08:00:00 | 000,080,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\parport.sys
[2004/08/04 08:00:00 | 000,018,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\partmgr.sys
[2004/08/04 08:00:00 | 000,006,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\parvdm.sys
[2004/08/04 08:00:00 | 000,068,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\pci.sys
[2001/08/17 13:51:52 | 000,003,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\pciide.sys
[2004/08/03 22:59:42 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\pciidex.sys
[2004/08/04 08:00:00 | 000,119,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\pcmcia.sys
[2010/01/12 00:25:37 | 000,047,360 | ---- | M] (VSO Software) -- C:\WINDOWS\system32\drivers\pcouffin.sys
[2007/08/21 02:13:00 | 000,021,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\point32.sys
[2004/08/03 23:15:50 | 000,145,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\portcls.sys
[2004/08/04 08:00:00 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\processr.sys
[2004/08/04 08:00:00 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\psched.sys
[2004/08/04 08:00:00 | 000,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys
[2008/01/04 17:58:46 | 000,043,528 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\PxHelp20.sys
[2004/08/04 08:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\rasacd.sys
[2004/08/04 08:00:00 | 000,051,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\rasl2tp.sys
[2004/08/04 08:00:00 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\raspppoe.sys
[2004/08/04 08:00:00 | 000,048,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\raspptp.sys
[2004/08/04 08:00:00 | 000,016,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\raspti.sys
[2004/08/04 08:00:00 | 000,034,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\rawwan.sys
[2006/05/05 05:47:57 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\rdbss.sys
[2004/08/04 08:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\rdpcdd.sys
[2004/08/03 23:01:16 | 000,196,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\rdpdr.sys
[2005/06/10 00:09:46 | 000,139,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\rdpwd.sys
[2004/08/03 18:59:38 | 000,057,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\redbook.sys
[2004/08/04 08:00:00 | 000,012,032 | ---- | M] (S3/Diamond Multimedia Systems) -- C:\WINDOWS\system32\drivers\rio8drv.sys
[2004/08/04 08:00:00 | 000,012,032 | ---- | M] (S3/Diamond Multimedia Systems) -- C:\WINDOWS\system32\drivers\riodrv.sys
[2008/05/08 08:28:49 | 000,202,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\rmcast.sys
[2004/08/04 08:00:00 | 000,030,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\rndismp.sys
[2004/08/04 08:00:00 | 000,005,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\rootmdm.sys
[2004/08/03 18:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) -- C:\WINDOWS\system32\drivers\RTL8139.sys
[2005/09/29 23:11:00 | 000,078,720 | ---- | M] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\system32\drivers\Rtnicxp.sys
[2004/08/04 08:00:00 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\scsiport.sys
[2004/08/04 08:00:00 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\sdbus.sys
[2007/11/13 06:25:53 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\drivers\secdrv.sys
[2004/08/04 08:00:00 | 000,015,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\serenum.sys
[2004/08/04 08:00:00 | 000,064,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\serial.sys
[2004/08/04 08:00:00 | 000,011,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\sffdisk.sys
[2004/08/04 08:00:00 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\sffp_sd.sys
[2004/08/04 08:00:00 | 000,011,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\sfloppy.sys
[2004/08/04 00:10:18 | 000,011,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\SLIP.sys
[2004/08/04 08:00:00 | 000,014,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\smclib.sys
[2004/08/04 08:00:00 | 000,025,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\sonydcam.sys
[2001/11/05 10:23:14 | 000,006,097 | ---- | M] (Sony Corporation) -- C:\WINDOWS\system32\drivers\sonyhcb.sys
[2001/11/05 10:23:20 | 000,038,739 | ---- | M] (Sony Corporation) -- C:\WINDOWS\system32\drivers\sonyhcc.sys
[2001/11/05 10:23:52 | 000,299,923 | ---- | M] (Sony Corporation) -- C:\WINDOWS\system32\drivers\sonyhcs.sys
[2002/10/15 23:41:06 | 000,102,220 | ---- | M] (Sony Corporation) -- C:\WINDOWS\system32\drivers\sonypvs1.sys
[2006/06/14 04:47:46 | 000,006,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\splitter.sys
[2004/08/04 08:00:00 | 000,073,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\sr.sys
[2009/12/31 12:14:12 | 000,352,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\srv.sys
[2004/08/03 23:08:04 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\stream.sys
[2004/08/04 00:10:14 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\StreamIP.sys
[2004/08/04 08:00:00 | 000,004,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\swenum.sys
[2001/08/17 14:00:52 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\swmidi.sys
[2004/08/03 23:15:56 | 000,060,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\sysaudio.sys
[2004/08/04 08:00:00 | 000,014,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\tape.sys
[2008/06/20 06:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\tcpip.sys
[2010/02/11 08:01:43 | 000,226,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\tcpip6.sys
[2004/08/04 08:00:00 | 000,018,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\tdi.sys
[2004/08/04 08:00:00 | 000,012,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\tdpipe.sys
[2004/08/04 08:00:00 | 000,021,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\tdtcp.sys
[2004/08/04 01:01:08 | 000,040,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\termdd.sys
[2004/08/04 08:00:00 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\tosdvd.sys
[2004/08/04 08:00:00 | 000,021,376 | ---- | M] (Toshiba Corporation) -- C:\WINDOWS\system32\drivers\tsbvcap.sys
[2004/08/04 08:00:00 | 000,012,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\tunmp.sys
[2004/08/04 08:00:00 | 000,066,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\udfs.sys
[2007/04/23 06:32:54 | 000,364,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\update.sys
[2004/08/04 08:00:00 | 000,012,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usb8023.sys
[2011/02/18 17:36:58 | 000,041,984 | ---- | M] (Apple, Inc.) -- C:\WINDOWS\system32\drivers\usbaapl.sys
[2004/08/04 00:07:56 | 000,059,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\USBAUDIO.sys
[2004/08/04 08:00:00 | 000,023,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbcamd.sys
[2004/08/04 08:00:00 | 000,023,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbcamd2.sys
[2004/08/04 00:08:48 | 000,031,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbccgp.sys
[2004/08/04 08:00:00 | 000,004,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbd.sys
[2004/08/04 08:00:00 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbehci.sys
[2004/08/04 08:00:00 | 000,057,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbhub.sys
[2004/08/04 08:00:00 | 000,016,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbintel.sys
[2004/08/04 08:00:00 | 000,142,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbport.sys
[2004/08/04 00:01:26 | 000,025,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbprint.sys
[2004/08/03 23:58:46 | 000,015,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbscan.sys
[2004/08/04 00:08:48 | 000,026,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\USBSTOR.SYS
[2004/08/04 08:00:00 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbuhci.sys
[2004/08/04 08:00:00 | 000,058,112 | ---- | M] (RAVISENT Technologies Inc.) -- C:\WINDOWS\system32\drivers\vdmindvd.sys
[2004/08/04 08:00:00 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\vga.sys
[2004/08/04 08:00:00 | 000,079,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\videoprt.sys
[2004/08/04 08:00:00 | 000,052,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\volsnap.sys
[2007/04/10 17:46:53 | 001,966,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\VX1000.sys
[2008/08/04 17:22:22 | 002,077,840 | ---- | M] (Microsoft Corporation
) -- C:\WINDOWS\system32\drivers\VX6000Xp.sys
[2008/08/04 17:22:22 | 000,036,240 | ---- | M] (Microsoft Corporation
) -- C:\WINDOWS\system32\drivers\VX6KCamd.sys
[2004/08/04 08:00:00 | 000,034,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\wanarp.sys
[2006/11/02 08:22:54 | 000,492,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\wdf01000.sys
[2006/11/02 08:22:52 | 000,032,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\wdfldr.sys
[2006/06/14 05:00:45 | 000,082,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\wdmaud.sys
[2004/08/04 08:00:00 | 000,004,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\wmilib.sys
[2006/10/18 21:00:00 | 000,038,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\wpdusb.sys
[2004/08/04 08:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ws2ifsl.sys
[2004/08/04 00:10:22 | 000,019,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\WSTCODEC.SYS
[2006/09/28 19:55:50 | 000,077,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\WudfPf.sys
[2006/09/28 20:00:34 | 000,082,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\WudfRd.sys

jeremypc

Rookie Surfer
Rookie Surfer

Posts : 142
Joined : 2010-01-21
Operating System : windows xp home

View user profile

Back to top Go down

Re: problem when clicking on links in firefox...redirected to a different page.

Post by jeremypc on Sun 03 Apr 2011, 3:30 am

I'm trying to post the rest...

jeremypc

Rookie Surfer
Rookie Surfer

Posts : 142
Joined : 2010-01-21
Operating System : windows xp home

View user profile

Back to top Go down

Re: problem when clicking on links in firefox...redirected to a different page.

Post by jeremypc on Sun 03 Apr 2011, 3:31 am

< %systemroot%\system32\drivers\*.dll >
[2004/08/04 01:56:44 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\hidserv.dll
[2001/07/03 21:39:00 | 000,003,654 | ---- | M] () -- C:\WINDOWS\system32\drivers\Sonyhcp.dll

< %systemroot%\system32\drivers\*.ini >

< %systemroot%\system32\drivers\*.exe >

< %SYSTEMDRIVE%\*.* >
[2010/01/22 22:24:24 | 000,051,740 | ---- | M] () -- C:\aaw7boot.log
[2006/09/25 16:14:35 | 000,001,056 | ---- | M] () -- C:\ALCSetup.log
[2006/09/25 16:14:36 | 000,000,189 | ---- | M] () -- C:\Audio.log
[2006/09/25 01:10:35 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010/07/29 18:42:15 | 000,007,789 | ---- | M] () -- C:\avi_log.txt
[2011/03/29 22:36:36 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2009/08/10 20:22:18 | 000,000,412 | ---- | M] () -- C:\CD3rdPartyWrapper.log
[2006/09/25 01:10:35 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010/02/05 12:00:57 | 000,015,333 | ---- | M] () -- C:\CybDefInstallInfo.log
[2011/03/21 10:28:55 | 000,076,056 | ---- | M] () -- C:\DC6810xp-001.raw
[2011/01/11 09:50:21 | 000,028,638 | ---- | M] () -- C:\drwtsn32.log
[2010/03/06 08:29:38 | 000,000,055 | ---- | M] () -- C:\DVDPATH.TXT
[2011/02/23 17:03:45 | 000,194,748 | -HS- | M] () -- C:\EASEUSLD.LDR
[2008/10/17 21:23:50 | 000,921,624 | ---- | M] () -- C:\img2-001.raw
[2006/09/25 01:10:35 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2007/03/23 21:28:19 | 000,002,320 | -H-- | M] () -- C:\IPH.PH
[2006/09/25 01:10:35 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004/08/04 08:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2004/08/04 08:00:00 | 000,250,032 | RHS- | M] () -- C:\ntldr
[2011/04/02 06:48:50 | 2137,505,792 | -HS- | M] () -- C:\pagefile.sys
[2011/03/04 00:37:30 | 000,000,553 | ---- | M] () -- C:\rkill.log
[2008/05/17 15:42:41 | 000,000,268 | -H-- | M] () -- C:\sqmdata00.sqm
[2009/01/21 21:14:06 | 000,000,268 | -H-- | M] () -- C:\sqmdata01.sqm
[2008/05/17 15:42:41 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt00.sqm
[2009/01/21 21:14:06 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt01.sqm
[2011/04/02 11:39:22 | 000,041,692 | ---- | M] () -- C:\TDSSKiller.2.4.21.0_02.04.2011_11.35.09_log.txt
[2008/03/09 07:37:28 | 000,000,432 | ---- | M] () -- C:\temp.txt
[2007/03/08 23:22:53 | 000,000,146 | ---- | M] () -- C:\YServer.txt

< %PROGRAMFILES%\*. >
[2007/02/03 14:44:01 | 000,000,000 | ---D | M] -- C:\Program Files\360Share Pro
[2008/02/16 10:57:11 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2007/02/01 13:19:24 | 000,000,000 | ---D | M] -- C:\Program Files\Ahead
[2007/03/07 09:32:39 | 000,000,000 | ---D | M] -- C:\Program Files\Allume Systems
[2010/01/10 23:35:39 | 000,000,000 | ---D | M] -- C:\Program Files\Alwil Software
[2008/09/27 17:55:57 | 000,000,000 | ---D | M] -- C:\Program Files\Apple Software Update
[2007/12/30 19:42:51 | 000,000,000 | ---D | M] -- C:\Program Files\ArcSoft
[2009/12/01 22:07:49 | 000,000,000 | ---D | M] -- C:\Program Files\AskBarDis
[2010/11/14 08:01:21 | 000,000,000 | ---D | M] -- C:\Program Files\Attainment
[2009/02/26 00:21:33 | 000,000,000 | ---D | M] -- C:\Program Files\Audacity 1.3 Beta (Unicode)
[2008/02/10 11:44:42 | 000,000,000 | ---D | M] -- C:\Program Files\AutoCAD 2008
[2008/02/10 11:13:16 | 000,000,000 | ---D | M] -- C:\Program Files\Autodesk
[2008/02/15 13:46:56 | 000,000,000 | ---D | M] -- C:\Program Files\AutoDWG
[2011/03/30 20:27:46 | 000,000,000 | ---D | M] -- C:\Program Files\AVG
[2010/12/31 11:41:14 | 000,000,000 | ---D | M] -- C:\Program Files\Azureus
[2008/01/22 22:37:24 | 000,000,000 | ---D | M] -- C:\Program Files\BitTorrent
[2011/02/10 12:13:45 | 000,000,000 | ---D | M] -- C:\Program Files\Bonjour
[2009/01/03 14:07:55 | 000,000,000 | ---D | M] -- C:\Program Files\Boulder Remake 2.1
[2007/02/02 00:21:51 | 000,000,000 | ---D | M] -- C:\Program Files\Brother
[2010/09/24 20:21:28 | 000,000,000 | ---D | M] -- C:\Program Files\Canon
[2010/07/07 16:29:31 | 000,000,000 | -H-D | M] -- C:\Program Files\CanonBJ
[2011/02/22 16:27:53 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2006/09/25 01:07:07 | 000,000,000 | ---D | M] -- C:\Program Files\ComPlus Applications
[2010/07/27 18:43:04 | 000,000,000 | ---D | M] -- C:\Program Files\Conduit
[2011/02/24 17:43:27 | 000,000,000 | ---D | M] -- C:\Program Files\ConduitEngine
[2010/07/29 18:40:58 | 000,000,000 | ---D | M] -- C:\Program Files\Cucusoft
[2007/02/01 14:04:09 | 000,000,000 | ---D | M] -- C:\Program Files\CyberLink
[2007/12/10 21:58:39 | 000,000,000 | ---D | M] -- C:\Program Files\directx
[2010/01/16 23:31:54 | 000,000,000 | ---D | M] -- C:\Program Files\DivX
[2008/01/13 20:47:34 | 000,000,000 | ---D | M] -- C:\Program Files\DzSoft
[2011/02/23 17:02:53 | 000,000,000 | ---D | M] -- C:\Program Files\EASEUS
[2007/02/05 12:02:29 | 000,000,000 | ---D | M] -- C:\Program Files\eMusic Download Manager
[2007/12/30 19:43:26 | 000,000,000 | ---D | M] -- C:\Program Files\EPSON
[2008/01/05 14:28:29 | 000,000,000 | ---D | M] -- C:\Program Files\Exact Audio Copy
[2011/01/11 09:38:36 | 000,000,000 | ---D | M] -- C:\Program Files\ffdshow
[2008/12/24 09:56:20 | 000,000,000 | ---D | M] -- C:\Program Files\Fisher-Price
[2009/03/05 14:52:23 | 000,000,000 | ---D | M] -- C:\Program Files\foobar2000
[2009/02/26 14:31:48 | 000,000,000 | ---D | M] -- C:\Program Files\Free Offers from Freeze.com
[2007/02/28 13:26:31 | 000,000,000 | ---D | M] -- C:\Program Files\GameTap
[2009/07/03 01:15:56 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2010/06/05 08:05:18 | 000,000,000 | ---D | M] -- C:\Program Files\Graboid
[2007/02/01 22:28:41 | 000,000,000 | ---D | M] -- C:\Program Files\Grisoft
[2009/05/16 16:42:38 | 000,000,000 | ---D | M] -- C:\Program Files\HERACTSTG
[2007/02/05 10:34:06 | 000,000,000 | ---D | M] -- C:\Program Files\Hewlett-Packard
[2009/04/10 13:50:01 | 000,000,000 | ---D | M] -- C:\Program Files\HOTLLAMA Media
[2007/12/10 22:26:41 | 000,000,000 | ---D | M] -- C:\Program Files\Infogrames
[2011/01/11 09:41:55 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2006/09/25 16:06:18 | 000,000,000 | ---D | M] -- C:\Program Files\Intel
[2010/02/25 13:27:11 | 000,000,000 | ---D | M] -- C:\Program Files\InterActual
[2010/12/27 17:42:16 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2011/03/15 08:53:58 | 000,000,000 | ---D | M] -- C:\Program Files\iPod
[2010/01/20 10:18:52 | 000,000,000 | ---D | M] -- C:\Program Files\IrfanView

jeremypc

Rookie Surfer
Rookie Surfer

Posts : 142
Joined : 2010-01-21
Operating System : windows xp home

View user profile

Back to top Go down

Re: problem when clicking on links in firefox...redirected to a different page.

Post by jeremypc on Sun 03 Apr 2011, 3:35 am

I'm having trouble sending all of this. it's infuriating.

jeremypc

Rookie Surfer
Rookie Surfer

Posts : 142
Joined : 2010-01-21
Operating System : windows xp home

View user profile

Back to top Go down

Re: problem when clicking on links in firefox...redirected to a different page.

Post by jeremypc on Sun 03 Apr 2011, 3:36 am

[2011/03/15 08:56:33 | 000,000,000 | ---D | M] -- C:\Program Files\iTunes
[2010/12/02 18:35:39 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2011/03/04 11:03:34 | 000,000,000 | ---D | M] -- C:\Program Files\Lame For Audacity
[2010/01/22 22:49:31 | 000,000,000 | ---D | M] -- C:\Program Files\Lavasoft
[2008/02/05 23:42:31 | 000,000,000 | ---D | M] -- C:\Program Files\MagicDisc
[2008/02/05 22:35:26 | 000,000,000 | ---D | M] -- C:\Program Files\MagicISO
[2010/10/18 17:08:25 | 000,000,000 | ---D | M] -- C:\Program Files\Mattel Interactive
[2008/08/13 03:08:28 | 000,000,000 | ---D | M] -- C:\Program Files\Messenger
[2007/02/02 17:32:16 | 000,000,000 | ---D | M] -- C:\Program Files\microsoft frontpage
[2008/01/07 21:38:03 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft IntelliPoint
[2009/01/03 10:25:23 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft LifeCam
[2008/02/10 11:12:13 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2011/02/27 13:36:00 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight
[2010/03/11 01:27:24 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2010/06/05 08:05:15 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla ActiveX Control v1.7.12
[2011/03/04 17:19:55 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2011/03/20 09:08:20 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox 4.0 Beta 12
[2011/01/18 11:21:50 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Thunderbird
[2007/12/30 22:44:36 | 000,000,000 | ---D | M] -- C:\Program Files\MP4Converter
[2007/02/01 13:53:34 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2006/09/25 01:05:47 | 000,000,000 | ---D | M] -- C:\Program Files\MSN
[2006/09/25 01:06:20 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Gaming Zone
[2008/02/25 04:02:31 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0
[2007/08/15 03:03:19 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 6.0
[2007/02/06 10:21:41 | 000,000,000 | ---D | M] -- C:\Program Files\MTV Networks
[2006/09/25 01:08:00 | 000,000,000 | ---D | M] -- C:\Program Files\NetMeeting
[2009/03/02 17:34:12 | 000,000,000 | ---D | M] -- C:\Program Files\NetObjects
[2006/09/25 01:08:43 | 000,000,000 | ---D | M] -- C:\Program Files\Online Services
[2011/02/24 11:37:41 | 000,000,000 | ---D | M] -- C:\Program Files\Opera

jeremypc

Rookie Surfer
Rookie Surfer

Posts : 142
Joined : 2010-01-21
Operating System : windows xp home

View user profile

Back to top Go down

Re: problem when clicking on links in firefox...redirected to a different page.

Post by jeremypc on Sun 03 Apr 2011, 3:37 am

[2010/05/13 03:00:29 | 000,000,000 | ---D | M] -- C:\Program Files\Outlook Express
[2007/12/03 06:34:24 | 000,000,000 | ---D | M] -- C:\Program Files\PCI Screen Saver
[2009/02/16 23:06:45 | 000,000,000 | ---D | M] -- C:\Program Files\PDF Editor 2
[2009/12/20 13:14:48 | 000,000,000 | ---D | M] -- C:\Program Files\Quicken
[2010/12/26 19:55:50 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime
[2006/09/25 16:13:06 | 000,000,000 | ---D | M] -- C:\Program Files\Realtek AC97
[2007/02/01 13:46:24 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2007/12/10 23:25:10 | 000,000,000 | ---D | M] -- C:\Program Files\RLC
[2010/10/21 20:21:57 | 000,000,000 | ---D | M] -- C:\Program Files\Sarm Software
[2007/02/02 00:02:23 | 000,000,000 | ---D | M] -- C:\Program Files\Scansoft
[2009/01/07 20:00:17 | 000,000,000 | ---D | M] -- C:\Program Files\Seagate
[2010/01/22 22:23:23 | 000,000,000 | ---D | M] -- C:\Program Files\Shared
[2008/01/03 09:18:09 | 000,000,000 | ---D | M] -- C:\Program Files\Shutterfly
[2011/02/22 16:28:01 | 000,000,000 | R--D | M] -- C:\Program Files\Skype
[2008/02/12 23:07:25 | 000,000,000 | ---D | M] -- C:\Program Files\SmartDraw 2007
[2008/04/13 20:52:09 | 000,000,000 | ---D | M] -- C:\Program Files\SmartDraw 2008
[2008/02/03 09:31:43 | 000,000,000 | ---D | M] -- C:\Program Files\SmartDVDCreator
[2011/01/11 09:44:32 | 000,000,000 | ---D | M] -- C:\Program Files\Spybot - Search & Destroy
[2007/02/27 15:39:31 | 000,000,000 | ---D | M] -- C:\Program Files\Stamps.com Internet Postage
[2011/03/26 14:39:11 | 000,000,000 | ---D | M] -- C:\Program Files\SUPERAntiSpyware
[2007/02/01 20:09:44 | 000,000,000 | ---D | M] -- C:\Program Files\Thomson
[2011/03/04 09:22:07 | 000,000,000 | ---D | M] -- C:\Program Files\Trend Micro
[2009/02/23 23:41:10 | 000,000,000 | ---D | M] -- C:\Program Files\TurboTax
[2009/05/16 17:03:37 | 000,000,000 | ---D | M] -- C:\Program Files\twc
[2008/02/10 11:16:45 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2009/02/15 19:57:25 | 000,000,000 | ---D | M] -- C:\Program Files\VideoLAN
[2007/03/07 09:05:16 | 000,000,000 | ---D | M] -- C:\Program Files\VideoProfessor
[2007/02/27 23:10:15 | 000,000,000 | ---D | M] -- C:\Program Files\Viewpoint
[2008/02/24 21:00:50 | 000,000,000 | ---D | M] -- C:\Program Files\Virtual Earth 3D
[2011/03/31 06:15:48 | 000,000,000 | ---D | M] -- C:\Program Files\VS Revo Group
[2011/01/11 09:37:49 | 000,000,000 | ---D | M] -- C:\Program Files\VSO
[2009/03/15 14:33:54 | 000,000,000 | ---D | M] -- C:\Program Files\VTech

jeremypc

Rookie Surfer
Rookie Surfer

Posts : 142
Joined : 2010-01-21
Operating System : windows xp home

View user profile

Back to top Go down

Re: problem when clicking on links in firefox...redirected to a different page.

Post by jeremypc on Sun 03 Apr 2011, 3:42 am

still more to come...I keep getting screen that says the server connection was reset...

jeremypc

Rookie Surfer
Rookie Surfer

Posts : 142
Joined : 2010-01-21
Operating System : windows xp home

View user profile

Back to top Go down

Re: problem when clicking on links in firefox...redirected to a different page.

Post by jeremypc on Sun 03 Apr 2011, 3:43 am


[2010/11/23 18:48:19 | 000,000,000 | ---D | M] -- C:\Program Files\Vuze_Remote
[2007/12/29 14:38:39 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live
[2007/02/01 13:43:56 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Connect 2
[2007/02/01 13:43:54 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2006/09/25 01:06:11 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT

jeremypc

Rookie Surfer
Rookie Surfer

Posts : 142
Joined : 2010-01-21
Operating System : windows xp home

View user profile

Back to top Go down

Re: problem when clicking on links in firefox...redirected to a different page.

Post by jeremypc on Sun 03 Apr 2011, 8:36 am

I still have about 30 more lines to post...
but I can't!!!!!!!!!!!!

jeremypc

Rookie Surfer
Rookie Surfer

Posts : 142
Joined : 2010-01-21
Operating System : windows xp home

View user profile

Back to top Go down

Re: problem when clicking on links in firefox...redirected to a different page.

Post by jeremypc on Sun 03 Apr 2011, 8:37 am

why can I post this, but not the logfile?

jeremypc

Rookie Surfer
Rookie Surfer

Posts : 142
Joined : 2010-01-21
Operating System : windows xp home

View user profile

Back to top Go down

Re: problem when clicking on links in firefox...redirected to a different page.

Post by jeremypc on Sun 03 Apr 2011, 10:16 pm


[2006/09/25 01:08:46 | 000,000,000 | -H-D | M] -- C:\Program Files\WindowsUpdate
[2008/01/20 23:49:43 | 000,000,000 | ---D | M] -- C:\Program Files\WinRAR
[2009/06/06 08:09:04 | 000,000,000 | ---D | M] -- C:\Program Files\XemiComputers
[2006/09/25 01:10:42 | 000,000,000 | ---D | M] -- C:\Program Files\xerox
[2008/03/09 07:37:14 | 000,000,000 | ---D | M] -- C:\Program Files\Xilisoft
[2010/11/05 20:02:55 | 000,000,000 | ---D | M] -- C:\Program Files\Xvid
[2009/01/15 17:02:07 | 000,000,000 | ---D | M] -- C:\Program Files\Yahoo!


< MD5 for: ATAPI.SYS >
[2004/08/04 08:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008/04/13 14:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\atapi.sys
[2004/08/03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2004/08/03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/04 08:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\i386\atapi.sys
[2004/08/03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\i386\atapi.sys

< MD5 for: EXPLORER.EXE >
[2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\explorer.exe
[2007/06/13 07:26:03 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=7712DF0CDDE3A5AC89843E61CD5B3658 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007/06/13 06:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\WINDOWS\explorer.exe
[2007/06/13 06:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\WINDOWS\system32\dllcache\explorer.exe
[2004/08/04 08:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe

< MD5 for: USERINIT.EXE >
[2004/08/04 08:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\system32\dllcache\userinit.exe
[2004/08/04 08:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\system32\userinit.exe
[2008/04/13 20:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004/08/04 08:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2004/08/04 08:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\system32\winlogon.exe
[2008/04/13 20:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\winlogon.exe

========== Alternate Data Streams ==========

@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4B7BEAFF

< End of report >

jeremypc

Rookie Surfer
Rookie Surfer

Posts : 142
Joined : 2010-01-21
Operating System : windows xp home

View user profile

Back to top Go down

Re: problem when clicking on links in firefox...redirected to a different page.

Post by jeremypc on Sun 03 Apr 2011, 10:17 pm

there we go...finally.

jeremypc

Rookie Surfer
Rookie Surfer

Posts : 142
Joined : 2010-01-21
Operating System : windows xp home

View user profile

Back to top Go down

Re: problem when clicking on links in firefox...redirected to a different page.

Post by Gabethebabe on Mon 04 Apr 2011, 9:24 pm

  • Please run OTL.exe again
  • Under the Custom Scans/Fixes box at the bottom, copy and paste in the following:

:files
C:WINDOWS\Temp\srv8D4.tmp
C:\Documents and Settings\All Users\Application Data\YoopehTnCRAPa.exe
C:\WINDOWS\System32\drivers\1385E.sys
C:\WINDOWS\cadkasdeinst01e.exe

:services
srv8D4

:otl
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
O2 - BHO: (no name) - {259F616C-A300-44F5-B04A-ED001A26C85C} - No CLSID value found.
O3 - HKLM\..\Toolbar: (MyIdentityDefender) - {A26503FE-B3B8-4910-A9DC-9CBD25C6B8D6} - File not found
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - File not found
O20 - Winlogon\Notify\avgrsstarter: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O33 - MountPoints2\{0c2ab248-fe76-11df-984e-001558528a6f}\Shell - "" = AutoRun
O33 - MountPoints2\{0c2ab248-fe76-11df-984e-001558528a6f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{0c2ab248-fe76-11df-984e-001558528a6f}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL svcl32.VBS
O33 - MountPoints2\{4f3aaf87-ec51-11df-9847-001558528a6f}\Shell - "" = AutoRun
O33 - MountPoints2\{4f3aaf87-ec51-11df-9847-001558528a6f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{4f3aaf87-ec51-11df-9847-001558528a6f}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL svcl32.VBS

:commands
[resethosts]
[reboot]
  • Then click the Run Fix button at the top.
  • Allow it to run. It may take some time and you may see some things happen to your desktop - this is normal.
  • If it asks to reboot the computer, allow it to reboot.
  • If the program freezes, and the computer fails to reboot - let me know.
  • Finally, post the contents of the log. (Located at C:\_OTL\Moved Files)

Gabethebabe

Tech Advisor
Tech Advisor

Posts : 1568
Joined : 2010-03-07
Operating System : WIN7 64bit, Ubuntu 12.04 LTS

View user profile

Back to top Go down

Re: problem when clicking on links in firefox...redirected to a different page.

Post by jeremypc on Mon 04 Apr 2011, 9:50 pm

OTL logfile created on: 4/4/2011 6:45:03 AM - Run 2
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Jeremy C\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 81.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 80.00% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.52 Gb Total Space | 49.07 Gb Free Space | 65.84% Space Free | Partition Type: NTFS
Drive E: | 114.49 Gb Total Space | 45.74 Gb Free Space | 39.95% Space Free | Partition Type: NTFS

Computer Name: MY-A2A4159540F8 | User Name: Jeremy C | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/04/02 11:34:18 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jeremy C\Desktop\OTL.exe
PRC - [2011/01/22 16:58:30 | 000,069,000 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) -- C:\Program Files\EASEUS\Todo Backup 2.0\bin\EuWatch.exe
PRC - [2011/01/22 16:58:30 | 000,055,688 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) -- C:\Program Files\EASEUS\Todo Backup 2.0\bin\Agent.exe
PRC - [2009/09/26 00:32:18 | 000,189,736 | ---- | M] (Seagate Technology LLC) -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
PRC - [2008/10/10 06:45:26 | 000,013,088 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
PRC - [2008/08/04 17:22:18 | 000,164,896 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe
PRC - [2007/06/13 06:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/03/07 11:54:06 | 000,202,280 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\twc\medicsp2\bin\sprtsvc.exe
PRC - [2007/01/31 15:55:42 | 000,096,370 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe
PRC - [2003/05/05 19:30:22 | 000,065,536 | ---- | M] (Brother Industries, Ltd.) -- C:\WINDOWS\system32\Brmfrmps.exe


========== Modules (SafeList) ==========

MOD - [2011/04/02 11:34:18 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jeremy C\Desktop\OTL.exe
MOD - [2006/08/25 11:45:55 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (itlperf)
SRV - File not found [Auto | Stopped] -- -- (AVGIDSAgent)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/04/01 09:16:41 | 000,029,696 | -HS- | M] () [Auto | Stopped] -- \\?\globalroot\Device\HarddiskVolume2\WINDOWS\Temp\srv8D4.tmp [WARNING: \\?\globalroot\Device\HarddiskVolume2\WINDOWS\Temp\srv8D4.tmp] -- (srv8D4)
SRV - [2011/01/22 16:58:30 | 000,055,688 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Auto | Running] -- C:\Program Files\EASEUS\Todo Backup 2.0\bin\Agent.exe -- (EASEUS Agent)
SRV - [2009/09/26 00:32:18 | 000,189,736 | ---- | M] (Seagate Technology LLC) [Auto | Running] -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe -- (FreeAgentGoNext Service)
SRV - [2009/04/02 13:47:04 | 000,234,888 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe -- (ASKUpgrade)
SRV - [2009/04/02 13:47:02 | 000,464,264 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\AskBarDis\bar\bin\AskService.exe -- (ASKService)
SRV - [2008/10/10 06:45:26 | 000,013,088 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2008/08/04 17:22:18 | 000,164,896 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)
SRV - [2008/02/16 10:39:25 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008/02/10 11:44:49 | 000,085,096 | ---- | M] (Autodesk) [Disabled | Stopped] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
SRV - [2007/03/07 11:54:06 | 000,202,280 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\twc\medicsp2\bin\sprtsvc.exe -- (sprtsvc_medicsp2) SupportSoft Sprocket Service (medicsp2)
SRV - [2007/01/31 15:55:42 | 000,096,370 | ---- | M] (Canon Inc.) [Auto | Running] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8)
SRV - [2003/05/05 19:30:22 | 000,065,536 | ---- | M] (Brother Industries, Ltd.) [Auto | Running] -- C:\WINDOWS\System32\Brmfrmps.exe -- (brmfrmps)


========== Driver Services (SafeList) ==========

DRV - [2011/01/22 16:58:22 | 000,020,744 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\eufs.sys -- (EUFS)
DRV - [2011/01/22 16:58:20 | 000,014,216 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\eudskacs.sys -- (EUDSKACS)
DRV - [2011/01/22 16:58:18 | 000,030,472 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\eubakup.sys -- (EUBAKUP)
DRV - [2011/01/22 16:58:16 | 000,187,400 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\EuDisk.sys -- (EuDisk)
DRV - [2010/05/10 14:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/02/17 14:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2008/08/04 17:22:22 | 002,077,840 | ---- | M] (Microsoft Corporation
) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VX6000Xp.sys -- (VX6000)
DRV - [2007/09/05 02:46:34 | 000,092,544 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mcdbus.sys -- (mcdbus)
DRV - [2007/04/10 17:46:53 | 001,966,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\VX1000.sys -- (VX1000)
DRV - [2007/02/23 10:00:52 | 000,031,400 | ---- | M] (Exent Technologies Ltd.) [Kernel | Auto | Running] -- C:\Program Files\GameTap\bin\Release\X4HSX32.sys -- (X4HSX32)
DRV - [2006/03/01 03:39:10 | 003,959,360 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2005/11/21 01:48:20 | 000,016,512 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (Aspi32)
DRV - [2005/09/29 23:11:00 | 000,078,720 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2005/02/23 15:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2004/10/07 21:16:04 | 000,035,840 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K)
DRV - [2004/08/04 08:00:00 | 000,063,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mf.sys -- (mf)
DRV - [2004/08/04 08:00:00 | 000,012,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usb8023.sys -- (USB_RNDIS_XP)
DRV - [2004/08/03 18:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2003/12/03 18:44:58 | 000,013,566 | ---- | M] (B.H.A Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdrbsvsd.sys -- (cdrbsvsd)
DRV - [2002/10/15 23:41:06 | 000,102,220 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sonypvs1.sys -- (sonypvs1)
DRV - [2001/08/17 14:12:22 | 000,010,368 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BrUsbScn.sys -- (BrUsbScn)
DRV - [2001/08/17 14:12:12 | 000,002,944 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BrFilt.sys -- (brfilt)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" =

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search"
FF - prefs.js..browser.startup.homepage: "chrome://speeddial/content/speeddial.xul"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.872
FF - prefs.js..extensions.enabledItems: avg@igeared:6.010.006.004
FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:1.0
FF - prefs.js..extensions.enabledItems: {F8A55C97-3DB6-4961-A81D-0DE0080E53CB}:0.9.5
FF - prefs.js..extensions.enabledItems: {5C46D283-ABDE-4dce-B83C-08881401921C}:2.1.5
FF - prefs.js..extensions.enabledItems: {64161300-e22b-11db-8314-0800200c9a66}:0.9.5.8
FF - prefs.js..keyword.URL: "http://search.avg.com/route/?d=4b82861b&v=6.010.006.004&i=23&tp=ab&iy=&ychte=us&lng=en-US&q="
FF - prefs.js..network.proxy.type: 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2010/11/24 10:16:27 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVG9\Toolbar\Firefox\avg@igeared
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/03/04 17:19:42 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/03/04 17:19:42 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files\Mozilla Firefox 4.0 Beta 12\components [2011/03/20 09:07:53 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox 4.0 Beta 12\plugins
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.7\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011/03/26 23:51:59 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.7\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2010/04/11 19:10:20 | 000,000,000 | ---D | M]

[2011/02/28 09:46:23 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jeremy C\Application Data\Mozilla\Extensions
[2011/01/24 09:20:51 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jeremy C\Application Data\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011/03/27 13:05:53 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jeremy C\Application Data\Mozilla\Firefox\Profiles\ifgn87kl.default\extensions
[2011/03/01 13:20:19 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Jeremy C\Application Data\Mozilla\Firefox\Profiles\ifgn87kl.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/02/28 09:54:55 | 000,000,000 | ---D | M] (Speed Dial) -- C:\Documents and Settings\Jeremy C\Application Data\Mozilla\Firefox\Profiles\ifgn87kl.default\extensions\{64161300-e22b-11db-8314-0800200c9a66}
[2011/02/28 09:54:56 | 000,000,000 | ---D | M] (Download Manager Tweak) -- C:\Documents and Settings\Jeremy C\Application Data\Mozilla\Firefox\Profiles\ifgn87kl.default\extensions\{F8A55C97-3DB6-4961-A81D-0DE0080E53CB}
[2011/03/03 17:23:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/12/02 18:36:02 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
File not found (No name found) --
() (No name found) -- C:\DOCUMENTS AND SETTINGS\JEREMY C\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\IFGN87KL.DEFAULT\EXTENSIONS\{5C46D283-ABDE-4DCE-B83C-08881401921C}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\JEREMY C\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\IFGN87KL.DEFAULT\EXTENSIONS\FFEXT@FBBUTTON.COM.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\JEREMY C\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\IFGN87KL.DEFAULT\EXTENSIONS\TESTPILOT@LABS.MOZILLA.COM.XPI
[2010/12/02 18:35:42 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2010/12/02 18:35:42 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2005/04/27 18:31:10 | 000,225,280 | ---- | M] (Asgard Software Inc.) -- C:\Program Files\Mozilla Firefox\plugins\NPUploader.dll

Hosts file not found
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {259F616C-A300-44F5-B04A-ED001A26C85C} - No CLSID value found.
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngin0.dll (Conduit Ltd.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - File not found
O2 - BHO: (Yahoo! IE Services Button) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O2 - BHO: (MyIdentityDefender) - {A26503FE-B3B8-4910-A9DC-9CBD25C6B8D6} - File not found
O2 - BHO: (AcroIEToolbarHelper Class) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuz1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngin0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (MyIdentityDefender) - {A26503FE-B3B8-4910-A9DC-9CBD25C6B8D6} - File not found
O3 - HKLM\..\Toolbar: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuz1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Vuze Remote Toolbar) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - C:\Program Files\Vuze_Remote\tbVuz1.dll (Conduit Ltd.)
O4 - HKLM..\Run: [EaseUs Watch] C:\Program Files\EASEUS\Todo Backup 2.0\bin\EuWatch.exe (CHENGDU YIWO Tech Development Co., Ltd)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} [You must be registered and logged in to see this link.] (Support.com Configuration Class)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} [You must be registered and logged in to see this link.] (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_22)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} [You must be registered and logged in to see this link.] (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\avgrsstarter: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O24 - Desktop WallPaper: C:\Documents and Settings\Jeremy C\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Jeremy C\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/25 01:10:35 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{0c2ab248-fe76-11df-984e-001558528a6f}\Shell - "" = AutoRun
O33 - MountPoints2\{0c2ab248-fe76-11df-984e-001558528a6f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{0c2ab248-fe76-11df-984e-001558528a6f}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL svcl32.VBS
O33 - MountPoints2\{4f3aaf87-ec51-11df-9847-001558528a6f}\Shell - "" = AutoRun
O33 - MountPoints2\{4f3aaf87-ec51-11df-9847-001558528a6f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{4f3aaf87-ec51-11df-9847-001558528a6f}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL svcl32.VBS
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/04/02 11:34:21 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Jeremy C\Desktop\OTL.exe
[2011/04/02 11:34:07 | 001,377,112 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Jeremy C\Desktop\tdsskiller.exe
[2011/03/31 11:11:10 | 000,546,816 | ---- | C] (TFTC) -- C:\Documents and Settings\All Users\Application Data\YoopehTnCRAPa.exe
[2011/03/31 06:15:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jeremy C\Start Menu\Programs\Revo Uninstaller
[2011/03/31 06:15:48 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2011/03/31 06:15:13 | 002,649,016 | ---- | C] (VS Revo Group Ltd.) -- C:\Documents and Settings\Jeremy C\Desktop\revosetup.exe
[2011/03/30 22:15:27 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011/03/30 20:28:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2011/03/30 20:23:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2011/03/30 20:23:35 | 004,738,880 | ---- | C] (AVG Technologies) -- C:\Documents and Settings\Jeremy C\Desktop\avg_free_stb_all_2011_1204_cnet.exe
[2011/03/30 13:58:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\AdobeUM
[2011/03/30 11:58:17 | 006,238,248 | ---- | C] (OPSWAT, Inc.) -- C:\Documents and Settings\Jeremy C\Desktop\AppRemover.exe
[2011/03/30 11:47:59 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/03/27 13:53:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\AdobeUM
[2011/03/27 13:52:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Adobe
[2011/03/26 23:51:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Thunderbird
[2011/03/26 23:51:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Thunderbird
[2011/03/26 11:59:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Apple Computer
[2011/03/26 11:59:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Apple Computer
[2011/03/25 22:02:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Adobe
[2011/03/25 00:32:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
[2011/03/25 00:31:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2011/03/24 20:42:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple Computer
[2011/03/24 20:42:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Apple Computer
[2011/03/24 20:14:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2011/03/24 20:08:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2011/03/15 09:10:06 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2011/03/15 08:56:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
[2011/03/15 08:53:58 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/03/14 09:57:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jeremy C\Desktop\Resume etc
[5 E:\My Documents\*.tmp files -> E:\My Documents\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/04/04 06:39:49 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/04/04 06:37:15 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/04/02 11:34:18 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jeremy C\Desktop\OTL.exe
[2011/04/02 11:34:00 | 001,377,112 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Jeremy C\Desktop\tdsskiller.exe
[2011/04/02 07:21:53 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/03/31 11:11:16 | 000,118,272 | ---- | M] () -- C:\WINDOWS\System32\drivers\1385E.sys
[2011/03/31 11:11:10 | 000,546,816 | ---- | M] (TFTC) -- C:\Documents and Settings\All Users\Application Data\YoopehTnCRAPa.exe
[2011/03/31 06:15:49 | 000,000,917 | ---- | M] () -- C:\Documents and Settings\Jeremy C\Desktop\Revo Uninstaller.lnk
[2011/03/31 06:15:03 | 002,649,016 | ---- | M] (VS Revo Group Ltd.) -- C:\Documents and Settings\Jeremy C\Desktop\revosetup.exe
[2011/03/30 20:23:32 | 004,738,880 | ---- | M] (AVG Technologies) -- C:\Documents and Settings\Jeremy C\Desktop\avg_free_stb_all_2011_1204_cnet.exe
[2011/03/30 20:21:37 | 004,310,058 | R--- | M] () -- C:\Documents and Settings\Jeremy C\Desktop\ComboFix.exe
[2011/03/30 20:14:18 | 000,002,162 | ---- | M] () -- C:\WINDOWS\BrmfBidi.ini
[2011/03/30 11:18:22 | 006,238,248 | ---- | M] (OPSWAT, Inc.) -- C:\Documents and Settings\Jeremy C\Desktop\AppRemover.exe
[2011/03/30 07:12:44 | 000,002,453 | ---- | M] () -- C:\Documents and Settings\Jeremy C\Desktop\HiJackThis.lnk
[2011/03/29 22:36:52 | 000,000,032 | ---- | M] () -- C:\WINDOWS\System32\EUOD.DAT
[2011/03/29 22:36:36 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2011/03/29 11:10:28 | 000,012,800 | ---- | M] () -- C:\Documents and Settings\Jeremy C\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/03/22 21:45:39 | 000,025,261 | ---- | M] () -- C:\Documents and Settings\Jeremy C\Desktop\166878_1776834749666_1503290023_3208419_4722233_n.jpg
[2011/03/21 10:28:55 | 000,076,056 | ---- | M] () -- C:\DC6810xp-001.raw
[2011/03/15 16:06:37 | 000,001,542 | ---- | M] () -- C:\Documents and Settings\Jeremy C\Application Data\Microsoft\Internet Explorer\Quick Launch\iTunes.lnk
[2011/03/14 09:57:03 | 000,011,201 | ---- | M] () -- E:\My Documents\Professional References.pdf
[2011/03/14 09:55:03 | 000,009,000 | ---- | M] () -- E:\My Documents\cover letter.pdf
[2011/03/13 11:40:29 | 000,441,124 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/03/13 11:40:29 | 000,071,060 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/03/07 09:41:42 | 000,025,556 | ---- | M] () -- E:\My Documents\banjoclown3a.jpg
[2011/03/06 19:07:54 | 000,133,799 | ---- | M] () -- E:\My Documents\banjoclown3.jpg
[5 E:\My Documents\*.tmp files -> E:\My Documents\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/03/31 11:11:16 | 000,118,272 | ---- | C] () -- C:\WINDOWS\System32\drivers\1385E.sys
[2011/03/31 06:15:49 | 000,000,917 | ---- | C] () -- C:\Documents and Settings\Jeremy C\Desktop\Revo Uninstaller.lnk
[2011/03/30 20:21:43 | 004,310,058 | R--- | C] () -- C:\Documents and Settings\Jeremy C\Desktop\ComboFix.exe
[2011/03/22 21:43:59 | 000,025,261 | ---- | C] () -- C:\Documents and Settings\Jeremy C\Desktop\166878_1776834749666_1503290023_3208419_4722233_n.jpg
[2011/03/15 16:06:37 | 000,001,542 | ---- | C] () -- C:\Documents and Settings\Jeremy C\Application Data\Microsoft\Internet Explorer\Quick Launch\iTunes.lnk
[2011/03/14 09:57:00 | 000,011,201 | ---- | C] () -- E:\My Documents\Professional References.pdf
[2011/03/14 09:54:49 | 000,009,000 | ---- | C] () -- E:\My Documents\cover letter.pdf
[2011/03/07 09:41:40 | 000,025,556 | ---- | C] () -- E:\My Documents\banjoclown3a.jpg
[2011/03/06 19:07:54 | 000,133,799 | ---- | C] () -- E:\My Documents\banjoclown3.jpg
[2011/02/23 17:18:14 | 000,000,032 | ---- | C] () -- C:\WINDOWS\System32\EUOD.DAT
[2011/01/11 22:04:55 | 000,012,800 | ---- | C] () -- C:\Documents and Settings\Jeremy C\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/11/05 20:02:54 | 000,819,200 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010/11/05 20:02:54 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010/10/18 16:41:11 | 000,000,094 | ---- | C] () -- C:\WINDOWS\ka.ini
[2010/08/30 18:30:19 | 000,294,960 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/07/29 18:41:01 | 000,395,776 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2010/07/29 18:41:01 | 000,262,144 | ---- | C] () -- C:\WINDOWS\System32\TomsMoComp_ff.dll
[2010/07/29 18:41:01 | 000,112,640 | ---- | C] () -- C:\WINDOWS\System32\libmpeg2_ff.dll
[2010/07/29 18:41:00 | 002,255,360 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2010/04/02 20:37:13 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.351.32.bc
[2010/04/02 20:35:05 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010/02/12 21:45:49 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2009/12/19 21:22:26 | 000,039,832 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/12/18 10:11:35 | 000,000,062 | ---- | C] () -- C:\WINDOWS\st_affiliate.ini
[2009/06/01 19:25:56 | 016,742,799 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\vlc-0.9.9-win32.exe
[2009/03/02 17:35:27 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\nnr.dll
[2009/02/15 21:59:53 | 000,000,048 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009/01/15 09:23:12 | 000,074,752 | ---- | C] () -- C:\WINDOWS\cadkasdeinst01e.exe
[2009/01/03 10:25:50 | 000,015,497 | ---- | C] () -- C:\WINDOWS\VX6KStd.ini
[2008/04/23 22:48:55 | 000,691,545 | ---- | C] () -- C:\WINDOWS\unins000.exe
[2008/04/23 22:48:55 | 000,002,556 | ---- | C] () -- C:\WINDOWS\unins000.dat
[2008/02/13 22:21:20 | 000,000,072 | ---- | C] () -- C:\WINDOWS\ConverterCore.INI
[2008/02/12 23:07:49 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\custmon32.dll
[2008/01/19 11:09:37 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2007/12/30 19:10:57 | 000,073,220 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat
[2007/12/30 19:10:57 | 000,031,053 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern131.dat
[2007/12/30 19:10:57 | 000,029,114 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat
[2007/12/30 19:10:57 | 000,027,417 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern121.dat
[2007/12/30 19:10:57 | 000,021,021 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat
[2007/12/30 19:10:57 | 000,015,670 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat
[2007/12/30 19:10:57 | 000,013,280 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat
[2007/12/30 19:10:57 | 000,010,673 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat
[2007/12/30 19:10:57 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat
[2007/12/30 19:10:57 | 000,001,140 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat
[2007/12/30 19:10:57 | 000,001,140 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat
[2007/12/30 19:10:57 | 000,001,137 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat
[2007/12/30 19:10:57 | 000,001,130 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat
[2007/12/30 19:10:57 | 000,001,130 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat
[2007/12/30 19:10:57 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat
[2007/12/30 19:10:57 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2007/12/30 19:09:35 | 000,000,044 | ---- | C] () -- C:\WINDOWS\EPSPR280.ini
[2007/12/29 14:53:34 | 000,015,498 | ---- | C] () -- C:\WINDOWS\VX1000.ini
[2007/12/10 22:39:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PowerReg.dat
[2007/03/06 22:10:40 | 000,001,779 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/02/27 23:06:35 | 000,000,029 | ---- | C] () -- C:\WINDOWS\atid.ini
[2007/02/27 10:10:02 | 000,000,040 | ---- | C] () -- C:\WINDOWS\opt_2460.ini
[2007/02/21 10:16:40 | 000,000,209 | ---- | C] () -- C:\WINDOWS\disney.ini
[2007/02/15 21:31:23 | 000,000,051 | ---- | C] () -- C:\WINDOWS\brmx2001.ini
[2007/02/05 11:24:28 | 000,000,178 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2007/02/05 10:27:57 | 000,364,544 | ---- | C] () -- C:\WINDOWS\System32\hpgt23.dll
[2007/02/03 23:18:37 | 000,003,654 | ---- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2007/02/02 17:36:15 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/02/02 00:22:29 | 000,000,645 | ---- | C] () -- C:\WINDOWS\Brpcfx.ini
[2007/02/02 00:22:29 | 000,000,052 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2007/02/02 00:22:29 | 000,000,050 | ---- | C] () -- C:\WINDOWS\System32\m8220def.dat
[2007/02/02 00:22:29 | 000,000,000 | ---- | C] () -- C:\WINDOWS\brwmark.ini
[2007/02/02 00:03:21 | 000,000,767 | ---- | C] () -- C:\WINDOWS\maxlink.ini
[2007/02/01 23:59:34 | 000,002,162 | ---- | C] () -- C:\WINDOWS\BrmfBidi.ini
[2007/02/01 20:58:53 | 000,005,170 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2007/02/01 20:55:27 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2007/02/01 14:15:20 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006/09/25 16:14:24 | 000,040,960 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2006/09/25 16:13:27 | 000,135,168 | R--- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2006/09/25 15:38:08 | 000,012,288 | ---- | C] () -- C:\WINDOWS\impborl.dll
[2006/09/25 01:13:20 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2006/09/25 01:07:15 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2006/09/24 20:37:38 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2006/09/24 20:36:30 | 001,490,576 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/08/04 08:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/04 08:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/04 08:00:00 | 000,441,124 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/04 08:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/04 08:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/04 08:00:00 | 000,071,060 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/04 08:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/04 08:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/04 08:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/04 08:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/04 08:00:00 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2004/08/04 08:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2003/03/10 21:00:16 | 000,000,256 | ---- | C] () -- C:\WINDOWS\System32\BRMSL07.BIN
[2002/08/12 09:19:42 | 000,101,376 | ---- | C] () -- C:\WINDOWS\System32\Welsof32.dll
[2002/01/08 17:57:34 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\Jpeg32.dll
[1999/03/21 20:22:41 | 000,000,136 | ---- | C] () -- C:\WINDOWS\System32\mstraps.dll

========== Custom Scans ==========


< C:WINDOWS\Temp\srv8D4.tmp >

< C:\Documents and Settings\All Users\Application Data\YoopehTnCRAPa.exe >
[2011/03/31 11:11:10 | 000,546,816 | ---- | M] (TFTC) -- C:\Documents and Settings\All Users\Application Data\YoopehTnCRAPa.exe

< C:\WINDOWS\System32\drivers\1385E.sys >
[2011/03/31 11:11:16 | 000,118,272 | ---- | M] () -- C:\WINDOWS\system32\drivers\1385E.sys

< C:\WINDOWS\cadkasdeinst01e.exe >
[2009/01/15 09:23:12 | 000,074,752 | ---- | M] () -- C:\WINDOWS\cadkasdeinst01e.exe
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

< >

< :services >

< srv8D4 >

< >

< :otl >

~[Filtered]~

< O2 - BHO: (no name) - {259F616C-A300-44F5-B04A-ED001A26C85C} - No CLSID value found. >

< O3 - HKLM\..\Toolbar: (MyIdentityDefender) - {A26503FE-B3B8-4910-A9DC-9CBD25C6B8D6} - File not found >

< O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. >

< O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - File not found >

< O20 - Winlogon\Notify\avgrsstarter: DllName - Reg Error: Value error. - Reg Error: Value error. File not found >

< O33 - MountPoints2\{0c2ab248-fe76-11df-984e-001558528a6f}\Shell - "" = AutoRun >

< O33 - MountPoints2\{0c2ab248-fe76-11df-984e-001558528a6f}\Shell\AutoRun - "" = Auto&Play >

< O33 - MountPoints2\{0c2ab248-fe76-11df-984e-001558528a6f}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL svcl32.VBS >

< O33 - MountPoints2\{4f3aaf87-ec51-11df-9847-001558528a6f}\Shell - "" = AutoRun >

< O33 - MountPoints2\{4f3aaf87-ec51-11df-9847-001558528a6f}\Shell\AutoRun - "" = Auto&Play >

< O33 - MountPoints2\{4f3aaf87-ec51-11df-9847-001558528a6f}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL svcl32.VBS >

< >

< :commands >

< [resethosts] >

< [reboot] >

========== Alternate Data Streams ==========

@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4B7BEAFF

< End of report >

jeremypc

Rookie Surfer
Rookie Surfer

Posts : 142
Joined : 2010-01-21
Operating System : windows xp home

View user profile

Back to top Go down

Re: problem when clicking on links in firefox...redirected to a different page.

Post by Sponsored content Today at 4:21 am


Sponsored content


Back to top Go down

Page 1 of 5 1, 2, 3, 4, 5  Next

View previous topic View next topic Back to top


 
Permissions in this forum:
You cannot reply to topics in this forum