Google Serches just lead to spam links

View previous topic View next topic Go down

Google Serches just lead to spam links

Post by andrew.fisher.336 on Mon Dec 26, 2011 6:08 am

Hey, Everytime i Google something, the links i click on always lead to a spam link and not to anything related to what I am searching for. Thank You For the help


Last edited by andrew.fisher.336 on Mon Dec 26, 2011 6:10 am; edited 1 time in total

andrew.fisher.336
Novice
Novice

Posts Posts : 11
Joined Joined : 2011-04-22
OS OS : XP
Points Points : 20691
# Likes # Likes : 0

View user profile

Back to top Go down

OTL.Txt

Post by andrew.fisher.336 on Mon Dec 26, 2011 6:09 am

OTL logfile created on: 12/26/2011 12:47:57 AM - Run 2
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Andrew\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.50 Gb Total Physical Memory | 2.78 Gb Available Physical Memory | 79.42% Memory free
5.34 Gb Paging File | 4.74 Gb Available in Paging File | 88.75% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 148.95 Gb Total Space | 82.06 Gb Free Space | 55.09% Space Free | Partition Type: NTFS
Drive D: | 681.96 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: DGZCRWG1 | User Name: Andrew | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/12/26 00:40:07 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Andrew\Desktop\OTL.com
PRC - [2011/08/31 17:00:48 | 000,449,608 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2010/05/11 15:43:48 | 006,061,400 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Vid\Vid.exe
PRC - [2010/05/11 14:11:30 | 001,188,176 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\LWS\LU\LogitechUpdate.exe
PRC - [2010/05/11 14:11:20 | 000,341,328 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\LWS\LU\LULnchr.exe
PRC - [2010/05/07 17:47:32 | 000,162,648 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2010/05/07 17:43:52 | 000,651,096 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
PRC - [2010/05/07 17:35:22 | 000,165,208 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
PRC - [2010/05/07 17:34:58 | 000,168,792 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
PRC - [2008/02/26 10:57:28 | 000,128,296 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2008/02/22 12:43:38 | 001,245,184 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\quickset.exe
PRC - [2008/02/22 12:40:20 | 000,475,136 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe
PRC - [2007/12/05 17:24:44 | 000,094,208 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\system32\stacsv.exe
PRC - [2007/11/08 22:50:10 | 001,552,384 | ---- | M] () -- C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
PRC - [2007/09/14 10:53:16 | 000,218,424 | ---- | M] (Wave Systems Corp.) -- C:\Program Files\Wave Systems Corp\SecureUpgrade.exe
PRC - [2007/09/10 09:55:04 | 000,092,160 | ---- | M] (Wave Systems Corp.) -- C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\WavXDocMgr.exe
PRC - [2007/09/07 17:29:04 | 000,737,280 | ---- | M] (Wave Systems Corp.) -- C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
PRC - [2007/07/25 16:32:50 | 000,823,296 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
PRC - [2007/07/25 16:32:34 | 000,294,912 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe
PRC - [2007/07/25 16:30:36 | 000,974,848 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
PRC - [2007/07/25 16:26:14 | 000,491,520 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
PRC - [2007/06/13 05:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/04/15 21:49:16 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\hidfind.exe
PRC - [2007/04/15 21:49:08 | 000,159,744 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\Apoint.exe
PRC - [2007/04/15 21:49:08 | 000,050,736 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\ApMsgFwd.exe
PRC - [2007/04/15 21:49:08 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\ApntEx.exe
PRC - [2007/03/14 14:42:48 | 000,321,088 | ---- | M] (Pure Networks, Inc.) -- C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe
PRC - [2007/03/14 14:42:48 | 000,321,088 | ---- | M] (Pure Networks, Inc.) -- C:\Program Files\Pure Networks\Network Magic\nmapp.exe
PRC - [2006/12/19 14:21:48 | 000,079,432 | ---- | M] (Broadcom Corporation) -- C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe
PRC - [2006/11/02 14:05:50 | 000,282,624 | -H-- | M] (Knowles Acoustics) -- C:\WINDOWS\system32\KADxMain.exe
PRC - [2006/01/13 19:13:02 | 000,172,032 | -H-- | M] (HP) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
PRC - [2006/01/13 19:13:01 | 000,049,152 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Hewlett-Packard\HP Software Update\hpwuSchd2.exe
PRC - [2004/08/04 05:00:00 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ping.exe
PRC - [2002/12/18 13:12:26 | 000,110,592 | ---- | M] (Microsoft Corp.) -- C:\Program Files\WallpaperToy\Wallpapertoy.Exe


========== Modules (No Company Name) ==========

MOD - [2011/05/26 12:42:00 | 000,067,872 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2010/07/03 02:02:10 | 000,303,104 | -H-- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2010/07/03 00:33:56 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\5adb0f89d469632511aed9d88cfe05c4\System.ServiceProcess.ni.dll
MOD - [2010/07/03 00:33:49 | 000,998,400 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\16670b6870746e5a8dc4a73a76a90bed\System.Management.ni.dll
MOD - [2010/06/21 13:23:00 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\563a54b98adb70fae862974042298348\System.Xml.ni.dll
MOD - [2010/06/21 13:22:55 | 012,430,848 | -H-- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\2dfe045e4b1577fdea9a2f456db0afc2\System.Windows.Forms.ni.dll
MOD - [2010/06/21 13:22:39 | 001,587,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\f3440ea00eb3c40dc073b2fe03843638\System.Drawing.ni.dll
MOD - [2010/06/21 13:21:07 | 007,949,824 | -H-- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\37217abe2c5164e59aba251860f4c79e\System.ni.dll
MOD - [2010/05/11 15:45:18 | 000,138,072 | ---- | M] () -- C:\Program Files\Logitech\Vid\plugins\imageformats\qjpeg4.dll
MOD - [2010/05/11 15:44:48 | 000,035,160 | ---- | M] () -- C:\Program Files\Logitech\Vid\plugins\imageformats\qico4.dll
MOD - [2010/05/11 15:44:22 | 000,029,016 | ---- | M] () -- C:\Program Files\Logitech\Vid\plugins\imageformats\qgif4.dll
MOD - [2010/05/11 15:42:22 | 000,027,480 | ---- | M] () -- C:\Program Files\Logitech\Vid\SDL.dll
MOD - [2010/05/11 15:42:10 | 000,363,864 | ---- | M] () -- C:\Program Files\Logitech\Vid\qtxml4.dll
MOD - [2010/05/11 15:42:00 | 011,311,960 | ---- | M] () -- C:\Program Files\Logitech\Vid\QtWebKit4.dll
MOD - [2010/05/11 15:41:48 | 000,200,024 | ---- | M] () -- C:\Program Files\Logitech\Vid\qtsql4.dll
MOD - [2010/05/11 15:41:36 | 000,475,480 | ---- | M] () -- C:\Program Files\Logitech\Vid\QtOpenGL4.dll
MOD - [2010/05/11 15:41:24 | 000,969,048 | ---- | M] () -- C:\Program Files\Logitech\Vid\QtNetwork4.dll
MOD - [2010/05/11 15:41:14 | 007,704,408 | ---- | M] () -- C:\Program Files\Logitech\Vid\QtGui4.dll
MOD - [2010/05/11 15:41:02 | 002,141,016 | ---- | M] () -- C:\Program Files\Logitech\Vid\QtCore4.dll
MOD - [2010/05/11 15:40:50 | 000,291,672 | ---- | M] () -- C:\Program Files\Logitech\Vid\phonon4.dll
MOD - [2010/05/07 17:43:52 | 000,651,096 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
MOD - [2010/05/07 17:37:50 | 000,290,648 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
MOD - [2010/05/07 17:37:40 | 000,126,808 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\ImageFormats\QJpeg4.dll
MOD - [2010/05/07 17:37:40 | 000,027,480 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\ImageFormats\QGif4.dll
MOD - [2010/05/07 17:36:54 | 000,340,824 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTXml4.dll
MOD - [2010/05/07 17:36:20 | 000,921,944 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QtNetwork4.dll
MOD - [2010/05/07 17:35:56 | 007,954,776 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTGui4.dll
MOD - [2010/05/07 17:35:44 | 002,143,576 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTCore4.dll
MOD - [2010/05/07 17:34:58 | 000,168,792 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
MOD - [2009/10/20 02:08:08 | 011,486,720 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\7124a40b9998f7b63c86bd1a2125ce26\mscorlib.ni.dll
MOD - [2008/06/20 12:41:10 | 000,245,248 | ---- | M] () -- \\?\globalroot\systemroot\system32\mswsock.dll
MOD - [2008/06/20 12:41:10 | 000,245,248 | ---- | M] () -- \\.\globalroot\systemroot\system32\mswsock.dll
MOD - [2008/02/22 12:45:06 | 000,098,304 | ---- | M] () -- C:\Program Files\Dell\QuickSet\dadkeyb.dll
MOD - [2007/09/10 09:53:26 | 000,262,144 | ---- | M] () -- C:\WINDOWS\system32\wxvault.dll
MOD - [2007/07/25 16:25:48 | 000,118,784 | ---- | M] () -- C:\Program Files\Intel\Wireless\Bin\iWMSProv.dll
MOD - [2007/04/25 10:55:40 | 001,167,360 | ---- | M] () -- C:\Program Files\Intel\Wireless\Bin\acAuth.dll
MOD - [2004/08/04 05:00:00 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2004/08/04 05:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2010/05/07 17:47:32 | 000,162,648 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2008/10/15 13:31:53 | 000,068,865 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe -- (AntiVirScheduler)
SRV - [2008/10/15 13:30:02 | 000,151,297 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe -- (AntiVirService)
SRV - [2008/02/22 12:40:20 | 000,475,136 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe -- (NICCONFIGSVC)
SRV - [2007/12/05 17:24:44 | 000,094,208 | ---- | M] (SigmaTel, Inc.) [Auto | Running] -- C:\WINDOWS\system32\stacsv.exe -- (STacSV)
SRV - [2007/11/08 22:50:10 | 001,552,384 | ---- | M] () [Auto | Running] -- C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe -- (tcsd_win32.exe)
SRV - [2007/09/13 14:31:44 | 000,192,512 | ---- | M] (Wave Systems Corp.) [On_Demand | Stopped] -- C:\Program Files\Wave Systems Corp\Authentication Manager\WaveEnrollmentService.exe -- (WaveEnrollmentService)
SRV - [2007/09/07 17:29:04 | 000,737,280 | ---- | M] (Wave Systems Corp.) [Auto | Running] -- C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe -- (TdmService)
SRV - [2007/08/31 17:39:18 | 000,486,400 | ---- | M] (Wave Systems Corp.) [On_Demand | Stopped] -- C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe -- (SecureStorageService)
SRV - [2007/07/25 16:32:34 | 000,294,912 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe -- (WLANKEEPER) Intel(R)
SRV - [2007/03/14 14:42:48 | 000,321,088 | ---- | M] (Pure Networks, Inc.) [Auto | Running] -- C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe -- (nmservice)
SRV - [2007/03/14 14:42:22 | 000,012,800 | ---- | M] (Pure Networks, Inc.) [On_Demand | Stopped] -- C:\Program Files\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe -- (nmraapache)
SRV - [2006/12/19 14:21:48 | 000,079,432 | ---- | M] (Broadcom Corporation) [Auto | Running] -- C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe -- (ASFIPmon)


========== Driver Services (SafeList) ==========

DRV - [2011/08/31 17:00:50 | 000,022,216 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2010/05/07 17:43:30 | 000,025,824 | -H-- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2010/05/07 13:53:14 | 006,842,592 | -H-- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvc.sys -- (LVUVC) Logitech HD Webcam C510(UVC)
DRV - [2010/05/07 13:51:32 | 000,276,448 | -H-- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvrs.sys -- (LVRS)
DRV - [2010/05/07 13:47:04 | 000,020,704 | -H-- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvbusflt.sys -- (CompFilter)
DRV - [2008/10/30 10:21:03 | 000,075,072 | -H-- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2008/05/20 15:29:41 | 000,052,032 | ---- | M] (Avira GmbH) [File_System | On_Demand | Stopped] -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys -- (avgntflt)
DRV - [2007/12/05 17:24:44 | 001,222,840 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2007/12/02 18:26:22 | 000,989,952 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2007/12/02 18:26:20 | 000,731,136 | -H-- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2007/12/02 18:26:20 | 000,211,200 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2007/11/28 16:18:24 | 000,062,208 | ---- | M] (O2Micro) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\oz776.sys -- (guardian2)
DRV - [2007/09/10 09:55:00 | 000,161,280 | -H-- | M] (Wave Systems Corp.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\WavxDMgr.sys -- (WavxDMgr)
DRV - [2007/09/07 09:57:14 | 000,026,608 | -H-- | M] (Dell Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\PBADRV.sys -- (PBADRV)
DRV - [2007/09/06 09:18:40 | 000,018,176 | -H-- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WaveFDE.sys -- (WaveFDE)
DRV - [2007/08/12 18:05:34 | 002,211,456 | -H-- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETw4x32.sys -- (NETw4x32) Intel(R)
DRV - [2007/07/23 15:05:20 | 000,009,104 | -H-- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLADResM.SYS -- (DLADResM)
DRV - [2007/07/23 15:04:58 | 000,037,360 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLABMFSM.SYS -- (DLABMFSM)
DRV - [2007/07/23 15:04:56 | 000,098,448 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2007/07/23 15:04:56 | 000,093,552 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2007/07/23 15:04:54 | 000,027,216 | -H-- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2007/07/23 15:04:52 | 000,032,848 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2007/07/23 15:04:52 | 000,016,304 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2007/07/23 15:04:50 | 000,108,752 | -H-- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2007/07/23 14:49:44 | 000,030,064 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_M.SYS -- (DLARTL_M)
DRV - [2007/07/23 14:49:44 | 000,014,576 | -H-- | M] (Roxio) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2007/05/29 15:29:30 | 000,012,416 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2007/04/15 21:49:08 | 000,132,608 | -H-- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2007/03/23 10:01:46 | 000,026,944 | ---- | M] (Pure Networks, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\purendis.sys -- (purendis)
DRV - [2007/03/23 10:01:12 | 000,025,792 | ---- | M] (Pure Networks, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\pnarp.sys -- (pnarp)
DRV - [2007/03/18 15:44:38 | 000,160,256 | -H-- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2007/03/01 09:34:22 | 000,028,352 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2007/02/27 14:25:01 | 000,011,840 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys -- (avgio)
DRV - [2007/02/03 13:32:34 | 000,041,504 | RH-- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2007/02/03 13:27:27 | 000,938,272 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LV302V32.SYS -- (PID_PEPI) Logitech QuickCam IM(PID_PEPI)
DRV - [2007/02/03 13:27:15 | 000,014,240 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lv302af.sys -- (pepifilter)
DRV - [2007/01/29 23:16:42 | 000,006,144 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\PeerGuardian2\pgfilter.sys -- (pgfilter)
DRV - [2006/12/19 14:21:52 | 000,010,480 | ---- | M] (Broadcom Corporation) [Kernel | Auto | Running] -- C:\Program Files\Broadcom\ASFIPMon\BASFND.sys -- (BASFND)
DRV - [2006/11/02 12:32:32 | 000,097,536 | ---- | M] (Knowles Acoustics) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dxec01.sys -- (DXEC01)
DRV - [2005/08/12 16:50:46 | 000,016,128 | -H-- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS -- (APPDRV)
DRV - [2004/08/04 01:01:08 | 000,040,840 | -H-- | M] () [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\termdd.sys -- (TermDD)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = [You must be registered and logged in to see this link.]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = [You must be registered and logged in to see this link.]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaulturl: "http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "chrome://speeddial/content/speeddial.xul"
FF - prefs.js..extensions.enabledItems: {C0D0F6D1-9FC9-4b0a-B485-D5E13AF40D51}:2.3.54
FF - prefs.js..extensions.enabledItems: {0545b830-f0aa-4d7e-8820-50a4629a56fe}:4.6.5
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.2
FF - prefs.js..extensions.enabledItems: ErrorZillaMod@jaybaldwin:0.40
FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:1.6
FF - prefs.js..extensions.enabledItems: {0538E3E3-7E9B-4d49-8831-A227C80A7AD3}:2.0.2
FF - prefs.js..extensions.enabledItems: {44d0a1b4-9c90-4f86-ac92-8680b5d6549e}:0.6.4.3
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.1
FF - prefs.js..extensions.enabledItems: {1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}:0.4.6
FF - prefs.js..extensions.enabledItems: {DB2EA31C-58F5-48b7-8D60-CB0739257904}:0.21
FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:1.0
FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:1.0.0.%(version)s
FF - prefs.js..extensions.enabledItems: {37E4D8EA-8BDA-4831-8EA1-89053939A250}:3.0.0.2
FF - prefs.js..extensions.enabledItems: {EF522540-89F5-46b9-B6FE-1829E2B572C6}:5.0
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..extensions.enabledItems: {64161300-e22b-11db-8314-0800200c9a66}:0.9.5.8
FF - prefs.js..extensions.enabledItems: {AE93811A-5C9A-4d34-8462-F7B864FC4696}:3.81
FF - prefs.js..extensions.enabledItems: {0fa2149e-bb2c-4ac2-a8d3-479599819475}:2.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}:6.0.25
FF - prefs.js..keyword.URL: "http://www.google.com/webhp?ie=UTF-8&oe=UTF-8"

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\Andrew\Application Data\Move Networks\plugins\npqmp071505000011.dll (Move Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\Andrew\Application Data\Move Networks\plugins\npqmp071505000011.dll (Move Networks)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Documents and Settings\Andrew\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/12/03 18:05:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/07/16 19:20:54 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\moveplayer@movenetworks.com: C:\Documents and Settings\Andrew\Application Data\Move Networks [2010/03/11 17:22:57 | 000,000,000 | ---D | M]

[2008/07/30 18:29:35 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Andrew\Application Data\Mozilla\Extensions
[2011/12/22 12:39:44 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Andrew\Application Data\Mozilla\Firefox\Profiles\81ywl4fy.default\extensions
[2011/12/10 00:42:33 | 000,000,000 | ---D | M] (Forecastfox) -- C:\Documents and Settings\Andrew\Application Data\Mozilla\Firefox\Profiles\81ywl4fy.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
[2011/09/01 11:36:44 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Documents and Settings\Andrew\Application Data\Mozilla\Firefox\Profiles\81ywl4fy.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2010/04/28 01:22:05 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Andrew\Application Data\Mozilla\Firefox\Profiles\81ywl4fy.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/08/25 16:35:31 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\Andrew\Application Data\Mozilla\Firefox\Profiles\81ywl4fy.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2011/04/13 18:56:13 | 000,000,000 | ---D | M] (PDF Download) -- C:\Documents and Settings\Andrew\Application Data\Mozilla\Firefox\Profiles\81ywl4fy.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}
[2010/11/18 01:50:51 | 000,000,000 | ---D | M] (Gmail Notifier) -- C:\Documents and Settings\Andrew\Application Data\Mozilla\Firefox\Profiles\81ywl4fy.default\extensions\{44d0a1b4-9c90-4f86-ac92-8680b5d6549e}
[2011/12/22 12:39:44 | 000,000,000 | ---D | M] (FoxyTunes) -- C:\Documents and Settings\Andrew\Application Data\Mozilla\Firefox\Profiles\81ywl4fy.default\extensions\{463F6CA5-EE3C-4be1-B7E6-7FEE11953374}
[2010/03/27 00:44:18 | 000,000,000 | ---D | M] (Answers) -- C:\Documents and Settings\Andrew\Application Data\Mozilla\Firefox\Profiles\81ywl4fy.default\extensions\{C0D0F6D1-9FC9-4b0a-B485-D5E13AF40D51}
[2011/11/12 15:28:45 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\Andrew\Application Data\Mozilla\Firefox\Profiles\81ywl4fy.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2008/08/19 20:04:31 | 000,000,000 | ---D | M] (Aging Tabs) -- C:\Documents and Settings\Andrew\Application Data\Mozilla\Firefox\Profiles\81ywl4fy.default\extensions\aging-tabs@design-noir.de
[2011/01/02 23:24:31 | 000,001,919 | ---- | M] () -- C:\Documents and Settings\Andrew\Application Data\Mozilla\Firefox\Profiles\81ywl4fy.default\searchplugins\bing-zugo.xml
[2009/11/03 23:28:30 | 000,002,164 | ---- | M] () -- C:\Documents and Settings\Andrew\Application Data\Mozilla\Firefox\Profiles\81ywl4fy.default\searchplugins\bing.xml
[2008/07/30 18:46:49 | 000,001,504 | ---- | M] () -- C:\Documents and Settings\Andrew\Application Data\Mozilla\Firefox\Profiles\81ywl4fy.default\searchplugins\imdb.xml
[2011/12/15 23:14:46 | 000,002,066 | ---- | M] () -- C:\Documents and Settings\Andrew\Application Data\Mozilla\Firefox\Profiles\81ywl4fy.default\searchplugins\roller-coaster-db.xml
[2011/12/15 23:14:46 | 000,002,328 | ---- | M] () -- C:\Documents and Settings\Andrew\Application Data\Mozilla\Firefox\Profiles\81ywl4fy.default\searchplugins\urban-dictionary.xml
[2011/12/15 23:14:45 | 000,001,023 | ---- | M] () -- C:\Documents and Settings\Andrew\Application Data\Mozilla\Firefox\Profiles\81ywl4fy.default\searchplugins\webshots.xml
[2011/12/15 23:14:46 | 000,002,431 | ---- | M] () -- C:\Documents and Settings\Andrew\Application Data\Mozilla\Firefox\Profiles\81ywl4fy.default\searchplugins\youtube.xml
[2011/12/03 18:05:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/08/21 15:37:12 | 000,000,000 | ---D | M] (Click to call with Skype) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
() (No name found) -- C:\DOCUMENTS AND SETTINGS\ANDREW\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\81YWL4FY.DEFAULT\EXTENSIONS\{0545B830-F0AA-4D7E-8820-50A4629A56FE}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\ANDREW\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\81YWL4FY.DEFAULT\EXTENSIONS\{0FA2149E-BB2C-4AC2-A8D3-479599819475}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\ANDREW\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\81YWL4FY.DEFAULT\EXTENSIONS\{1A2D0EC4-75F5-4C91-89C4-3656F6E44B68}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\ANDREW\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\81YWL4FY.DEFAULT\EXTENSIONS\{64161300-E22B-11DB-8314-0800200C9A66}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\ANDREW\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\81YWL4FY.DEFAULT\EXTENSIONS\{AE93811A-5C9A-4D34-8462-F7B864FC4696}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\ANDREW\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\81YWL4FY.DEFAULT\EXTENSIONS\{CE6E6E3B-84DD-4CAC-9F63-8D2AE4F30A4B}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\ANDREW\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\81YWL4FY.DEFAULT\EXTENSIONS\{DB2EA31C-58F5-48B7-8D60-CB0739257904}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\ANDREW\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\81YWL4FY.DEFAULT\EXTENSIONS\{DDC359D1-844A-42A7-9AA1-88A850A938A8}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\ANDREW\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\81YWL4FY.DEFAULT\EXTENSIONS\{EF522540-89F5-46B9-B6FE-1829E2B572C6}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\ANDREW\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\81YWL4FY.DEFAULT\EXTENSIONS\ERRORZILLAMOD@JAYBALDWIN.XPI
[2011/04/28 22:54:56 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/12/03 18:05:02 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/04/28 22:54:56 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/12/03 18:05:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/12/03 18:05:00 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google ()
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}

Hosts file not found
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4 - HKLM..\Run: [ECenter] C:\dell\E-Center\EULALauncher.exe ( )
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe (HP)
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation)
O4 - HKLM..\Run: [KADxMain] C:\WINDOWS\system32\KADxMain.exe (Knowles Acoustics)
O4 - HKLM..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [nmapp] C:\Program Files\Pure Networks\Network Magic\nmapp.exe (Pure Networks, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NVHotkey] C:\WINDOWS\System32\nvhotkey.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SecureUpgrade] C:\Program Files\Wave Systems Corp\SecureUpgrade.exe (Wave Systems Corp.)
O4 - HKLM..\Run: [WavXMgr] C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\WavXDocMgr.exe (Wave Systems Corp.)
O4 - HKCU..\Run: [Facebook Update] C:\Documents and Settings\Andrew\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [Logitech Vid] C:\Program Files\Logitech\Vid\Vid.exe (Logitech Inc.)
O4 - HKCU..\Run: [Logitech Vid HD] C:\Program Files\Logitech\Vid\vid.exe (Logitech Inc.)
O4 - Startup: C:\Documents and Settings\Andrew\Start Menu\Programs\Startup\Wallpaper Changer.lnk = C:\Program Files\WallpaperToy\Wallpapertoy.Exe (Microsoft Corp.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} [You must be registered and logged in to see this link.] (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_25)
O16 - DPF: {B3E32D88-8E7F-468F-B0E2-3A300FD4A82C} [You must be registered and logged in to see this link.] (Enlite 2.x Simulation Engine Installer)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_25)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{210AA817-270D-4861-B521-A9C0DAAF23D0}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\puresp3.dll (Pure Networks, Inc.)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\gemsafe: DllName - (C:\Program Files\Gemplus\GemSafe Libraries\BIN\WLEventNotify.dll) - C:\Program Files\Gemplus\GemSafe Libraries\BIN\WLEventNotify.dll (Gemplus)
O24 - Desktop WallPaper: C:\Documents and Settings\Andrew\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Andrew\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/11 17:15:00 | 000,000,000 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2005/10/13 16:23:46 | 000,045,056 | R--- | M] () - D:\Autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2006/09/26 19:21:07 | 000,000,158 | R--- | M] () - D:\Autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/12/26 00:40:07 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Andrew\Desktop\OTL.com
[2011/12/25 01:02:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/12/25 01:02:29 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/12/25 01:02:29 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/12/25 01:01:08 | 009,852,544 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Andrew\Desktop\mbam-setup-1.51.2.1300.exe
[2011/12/15 23:13:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Sun
[2011/12/14 20:31:21 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Andrew\Recent
[2011/12/14 01:54:20 | 000,414,368 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011/12/08 15:05:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2011/12/08 15:05:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2011/12/07 21:34:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andrew\Application Data\Malwarebytes
[2011/12/07 21:34:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/12/07 21:34:15 | 009,851,496 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Andrew\Desktop\mbam-setup.exe
[2011/12/07 00:45:59 | 000,322,560 | ---- | C] (Корпорация Майкрософт) -- C:\Documents and Settings\Andrew\Local Settings\Application Data\cts.exe
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[10 C:\Documents and Settings\Andrew\My Documents\*.tmp files -> C:\Documents and Settings\Andrew\My Documents\*.tmp -> ]
[1 C:\Documents and Settings\NetworkService\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\NetworkService\Local Settings\Application Data\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/12/26 00:40:07 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Andrew\Desktop\OTL.com
[2011/12/26 00:38:42 | 000,116,738 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/12/26 00:34:53 | 000,030,024 | ---- | M] () -- C:\WINDOWS\System32\nvModes.001
[2011/12/26 00:34:53 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Andrew\Local Settings\Application Data\WavXMapDrive.bat
[2011/12/26 00:34:48 | 000,002,206 | -H-- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/12/26 00:34:47 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/12/26 00:34:29 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/12/26 00:34:25 | 3755,966,464 | -HS- | M] () -- C:\hiberfil.sys
[2011/12/25 02:23:02 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/12/25 01:59:15 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/12/25 01:02:32 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/12/25 01:01:28 | 009,852,544 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Andrew\Desktop\mbam-setup-1.51.2.1300.exe
[2011/12/22 20:57:17 | 000,001,002 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-2557729023-3572931733-2769781076-1005UA.job
[2011/12/21 23:57:00 | 000,000,980 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-2557729023-3572931733-2769781076-1005Core.job
[2011/12/19 00:47:15 | 000,030,024 | ---- | M] () -- C:\WINDOWS\System32\nvModes.dat
[2011/12/14 20:21:41 | 007,237,422 | ---- | M] () -- C:\Documents and Settings\Andrew\Desktop\d32de08a-8853-4024-8675-25393475e192.jpg
[2011/12/14 01:54:20 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011/12/07 21:21:47 | 000,012,168 | -HS- | M] () -- C:\Documents and Settings\Andrew\Local Settings\Application Data\sueuwa2p4hft1ksa4kfm0y575s7b
[2011/12/07 21:21:47 | 000,012,168 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\sueuwa2p4hft1ksa4kfm0y575s7b
[2011/12/07 00:45:59 | 000,322,560 | ---- | M] (Корпорация Майкрософт) -- C:\Documents and Settings\Andrew\Local Settings\Application Data\cts.exe
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[10 C:\Documents and Settings\Andrew\My Documents\*.tmp files -> C:\Documents and Settings\Andrew\My Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/12/25 01:02:32 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/12/14 20:20:37 | 007,237,422 | ---- | C] () -- C:\Documents and Settings\Andrew\Desktop\d32de08a-8853-4024-8675-25393475e192.jpg
[2011/12/07 00:46:00 | 000,012,168 | -HS- | C] () -- C:\Documents and Settings\Andrew\Local Settings\Application Data\sueuwa2p4hft1ksa4kfm0y575s7b
[2011/12/07 00:46:00 | 000,012,168 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\sueuwa2p4hft1ksa4kfm0y575s7b
[2011/08/09 21:36:57 | 000,320,730 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2011/04/24 00:01:12 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/04/24 00:01:12 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/04/24 00:01:11 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/04/24 00:01:11 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/04/24 00:01:11 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/04/21 23:57:42 | 000,000,062 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\17358644.lic
[2011/04/21 23:22:15 | 000,000,160 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\~17358644
[2011/04/21 23:22:15 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\~17358644r
[2011/04/21 23:22:12 | 000,000,488 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\17358644
[2010/05/07 17:46:36 | 000,014,168 | -H-- | C] () -- C:\WINDOWS\System32\drivers\iKeyLFT2.dll
[2010/05/07 17:43:30 | 000,025,824 | -H-- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2010/05/07 13:44:36 | 000,290,648 | ---- | C] () -- C:\WINDOWS\System32\DevManagerCore.dll
[2010/05/07 13:44:16 | 005,496,152 | ---- | C] () -- C:\WINDOWS\System32\LogiDPP.dll
[2010/05/07 13:44:16 | 000,102,744 | ---- | C] () -- C:\WINDOWS\System32\LogiDPPApp.exe
[2010/04/15 23:06:40 | 000,000,056 | ---- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/04/03 23:38:18 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/10/07 16:23:35 | 000,043,520 | -H-- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2009/05/02 15:14:12 | 000,000,256 | ---- | C] () -- C:\WINDOWS\System32\pool.bin
[2009/04/01 11:34:54 | 000,000,552 | -H-- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2008/10/05 23:00:26 | 000,119,808 | ---- | C] () -- C:\Documents and Settings\Andrew\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/08/31 00:24:42 | 000,090,071 | -H-- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2008/08/15 22:58:29 | 000,010,687 | -H-- | C] () -- C:\WINDOWS\hpdj3840.ini
[2008/07/30 18:29:35 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2008/07/30 12:31:26 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Andrew\Local Settings\Application Data\WavXMapDrive.bat
[2008/07/24 13:42:01 | 000,000,061 | -H-- | C] () -- C:\WINDOWS\smscfg.ini
[2008/07/24 13:38:54 | 000,000,234 | -H-- | C] () -- C:\WINDOWS\wininit.ini
[2008/07/24 13:27:44 | 000,080,368 | ---- | C] () -- C:\WINDOWS\System32\pbadrvdll.dll
[2008/07/24 13:25:09 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\bioapi_mds300.dll
[2008/07/24 13:25:09 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\bioapi100.dll
[2008/07/24 13:02:03 | 000,030,024 | ---- | C] () -- C:\WINDOWS\System32\nvModes.dat
[2008/07/24 12:58:07 | 001,626,112 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2008/07/24 12:58:06 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008/07/24 12:58:06 | 001,019,904 | -H-- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008/07/24 12:58:06 | 001,018,748 | -H-- | C] () -- C:\WINDOWS\System32\nvucode.bin
[2008/07/24 12:58:06 | 000,466,944 | -H-- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008/07/24 12:58:05 | 001,474,560 | -H-- | C] () -- C:\WINDOWS\System32\nview.dll
[2008/07/24 12:58:05 | 001,339,392 | -H-- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2008/07/24 12:58:03 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2008/07/24 12:58:02 | 000,425,984 | -H-- | C] () -- C:\WINDOWS\System32\keystone.exe
[2008/07/24 12:57:40 | 000,077,824 | -H-- | C] () -- C:\WINDOWS\setpwr32.exe
[2008/07/24 12:56:29 | 000,001,120 | -H-- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2007/09/13 14:42:30 | 000,499,712 | ---- | C] () -- C:\WINDOWS\System32\AmRes_ru.dll
[2007/09/13 14:42:30 | 000,471,040 | ---- | C] () -- C:\WINDOWS\System32\AmRes_pt-BR.dll
[2007/09/13 14:42:28 | 000,487,424 | -H-- | C] () -- C:\WINDOWS\System32\AmRes_it.dll
[2007/09/13 14:42:28 | 000,487,424 | -H-- | C] () -- C:\WINDOWS\System32\AmRes_fr.dll
[2007/09/13 14:42:28 | 000,462,848 | -H-- | C] () -- C:\WINDOWS\System32\AmRes_ko.dll
[2007/09/13 14:42:28 | 000,458,752 | -H-- | C] () -- C:\WINDOWS\System32\AmRes_ja.dll
[2007/09/13 14:42:26 | 000,487,424 | -H-- | C] () -- C:\WINDOWS\System32\AmRes_es.dll
[2007/09/13 14:42:26 | 000,487,424 | -H-- | C] () -- C:\WINDOWS\System32\AmRes_de.dll
[2007/09/13 14:42:26 | 000,466,944 | -H-- | C] () -- C:\WINDOWS\System32\AmRes_en.dll
[2007/09/13 14:42:26 | 000,434,176 | ---- | C] () -- C:\WINDOWS\System32\AmRes_zh-CHT.dll
[2007/09/13 14:36:24 | 000,438,272 | ---- | C] () -- C:\WINDOWS\System32\AmRes_zh-CHS.dll
[2007/09/13 14:32:36 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\CacheFP.exe
[2007/09/12 15:05:08 | 000,102,400 | -H-- | C] () -- C:\WINDOWS\System32\Internationalization_pt.dll
[2007/09/12 15:04:46 | 000,086,016 | -H-- | C] () -- C:\WINDOWS\System32\Internationalization_zh-CHT.dll
[2007/09/12 15:04:26 | 000,090,112 | -H-- | C] () -- C:\WINDOWS\System32\Internationalization_ko.dll
[2007/09/12 15:04:06 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_es.dll
[2007/09/12 15:03:44 | 000,098,304 | -H-- | C] () -- C:\WINDOWS\System32\Internationalization_ru.dll
[2007/09/12 15:03:24 | 000,090,112 | -H-- | C] () -- C:\WINDOWS\System32\Internationalization_ja.dll
[2007/09/12 15:03:04 | 000,102,400 | -H-- | C] () -- C:\WINDOWS\System32\Internationalization_it.dll
[2007/09/12 15:02:44 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_de.dll
[2007/09/12 15:02:22 | 000,102,400 | -H-- | C] () -- C:\WINDOWS\System32\Internationalization_fr.dll
[2007/09/12 15:02:02 | 000,086,016 | -H-- | C] () -- C:\WINDOWS\System32\Internationalization_zh-CHS.dll
[2007/09/10 09:53:26 | 000,262,144 | ---- | C] () -- C:\WINDOWS\System32\wxvault.dll
[2007/06/15 10:19:20 | 000,835,584 | ---- | C] () -- C:\WINDOWS\System32\DemoLicense.dll
[2006/08/14 11:02:10 | 000,072,192 | ---- | C] () -- C:\WINDOWS\System32\xltZlib.dll
[2006/06/12 08:01:16 | 000,348,160 | ---- | C] () -- C:\WINDOWS\tsp.dll
[2006/01/13 19:13:03 | 000,004,460 | -H-- | C] () -- C:\WINDOWS\hpfmdl_s04_main.dat
[2006/01/13 19:13:03 | 000,000,316 | -H-- | C] () -- C:\WINDOWS\hpfins_s04_main.dat
[2004/09/10 13:34:00 | 000,917,504 | ---- | C] () -- C:\WINDOWS\System32\lmgr10.dll
[2004/09/10 13:34:00 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ADsSecurity.dll
[2004/08/11 17:24:19 | 000,000,791 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/11 17:19:30 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/08/11 17:12:14 | 000,021,640 | -H-- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/11 17:11:31 | 000,001,793 | -H-- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/11 17:11:23 | 000,040,840 | -H-- | C] () -- C:\WINDOWS\System32\drivers\termdd.sys
[2004/08/11 17:07:24 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/11 17:06:43 | 000,278,152 | -H-- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/08/11 17:00:30 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/11 17:00:28 | 000,445,938 | -H-- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/11 17:00:28 | 000,272,128 | -H-- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/11 17:00:28 | 000,116,738 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/11 17:00:28 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/11 17:00:27 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/11 17:00:26 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/11 17:00:24 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/08/11 17:00:19 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/11 17:00:19 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/11 17:00:12 | 000,218,003 | -H-- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/11 17:00:04 | 000,001,788 | -H-- | C] () -- C:\WINDOWS\System32\Dcache.bin

< End of report >

andrew.fisher.336
Novice
Novice

Posts Posts : 11
Joined Joined : 2011-04-22
OS OS : XP
Points Points : 20691
# Likes # Likes : 0

View user profile

Back to top Go down

Extras.Txt

Post by andrew.fisher.336 on Mon Dec 26, 2011 6:09 am

OTL Extras logfile created on: 4/22/2011 11:44:23 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Andrew\My Documents\Downloads
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 69.00% Memory free
5.00 Gb Paging File | 4.00 Gb Available in Paging File | 81.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 148.95 Gb Total Space | 85.23 Gb Free Space | 57.22% Space Free | Partition Type: NTFS
Drive D: | 681.96 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: DGZCRWG1 | User Name: Andrew | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 4

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\CyberLink\PowerDVD DX\PowerDVD.exe" = C:\Program Files\CyberLink\PowerDVD DX\PowerDVD.exe:*:Enabled:CyberLink PowerDVD DX -- (CyberLink Corp.)
"C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" = C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe:*:Enabled:CyberLink PowerDVD DX Resident Program -- (CyberLink Corp.)
"C:\Program Files\Microsoft Office Communicator\communicator.exe" = C:\Program Files\Microsoft Office Communicator\communicator.exe:*:Enabled:Microsoft Office Communicator 2007 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\CyberLink\PowerDVD DX\PowerDVD.exe" = C:\Program Files\CyberLink\PowerDVD DX\PowerDVD.exe:*:Enabled:CyberLink PowerDVD DX -- (CyberLink Corp.)
"C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" = C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe:*:Enabled:CyberLink PowerDVD DX Resident Program -- (CyberLink Corp.)
"C:\Program Files\Microsoft Office Communicator\communicator.exe" = C:\Program Files\Microsoft Office Communicator\communicator.exe:*:Enabled:Microsoft Office Communicator 2007 -- (Microsoft Corporation)
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader -- (AOL LLC)
"C:\Program Files\AIM6\aim6.exe" = C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM -- (AOL LLC)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- (Lime Wire, LLC)
"C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" = C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe:*:Disabled:GoogleToolbarNotifier
"C:\Program Files\Logitech\Vid\Vid.exe" = C:\Program Files\Logitech\Vid\Vid.exe:*:Enabled:Logitech Vid HD -- (Logitech Inc.)
"C:\Program Files\AVG\AVG10\avgnsx.exe" = C:\Program Files\AVG\AVG10\avgnsx.exe:*:Enabled:Online Shield -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG10\avgmfapx.exe" = C:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:AVG Installer -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG10\avgemcx.exe" = C:\Program Files\AVG\AVG10\avgemcx.exe:*:Enabled:Personal E-mail Scanner -- (AVG Technologies CZ, s.r.o.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{02807340-8FA2-44B6-ABA1-E443E4FF0A20}" = VZAccess Manager for RIM
"{02DFF6B1-1654-411C-8D7B-FD6052EF016F}" = Apple Software Update
"{0394CDC8-FABD-4ED8-B104-03393876DFDF}" = Roxio Creator Tools
"{06BE8AFD-A8E2-4B63-BAE7-287016D16ACB}" = mSSO
"{07159635-9DFE-4105-BFC0-2817DB540C68}" = Roxio Activation Module
"{07D618CD-B016-438A-ADC9-A75BD23F85CE}" = Wave Support Software
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{08CA9554-B5FE-4313-938F-D4A417B81175}" = QuickTime
"{0B0A2153-58A6-4244-B458-25EDF5FCD809}" = Private Information Manager
"{0D397393-9B50-4C52-84D5-77E344289F87}" = Roxio Creator Data
"{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}" = mLogView
"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}" = Google Earth
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{24A494F3-5B5F-4183-9F7D-9CE82812C1FC}" = tsp patch
"{26A24AE4-039D-4CA4-87B4-2F83216019FF}" = Java(TM) 6 Update 19
"{27E25625-DB51-42E6-BEB7-0C8DC878770C}" = Broadcom ASF Management Applications
"{2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668}" = Roxio Drag-to-Disc
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3A6BE9F4-5FC8-44BB-BE7B-32A29607FEF6}" = Preboot Manager
"{3B62A632-215F-4EC3-982A-3F2054BB72BD}" = WVU Configuration for Symantec Endpoint Protection
"{3DE0053C-FD9A-483E-B7C9-B06E4392206E}" = iTunes
"{3E9D596A-61D4-4239-BD19-2DB984D2A16F}" = mIWA
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}" = Bonjour
"{49C88E44-1B38-4FC6-824E-2BDA3063B0E3}" = Apple Mobile Device Support
"{49D687E5-6784-431B-A0A2-2F23B8CC5A1B}" = mHlpDell
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4BF18ED6-C888-4BCF-A4AF-AC7A16305BC1}" = GemSafe Standard Edition 5.1
"{4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}" = Logitech Vid
"{51AE9E42-640D-4C14-A9B6-43F64AA4E3E2}" = Document Manager Lite
"{53333479-6A52-4816-8497-5C52B67ED339}" = EMBASSY Security Setup
"{5EC5F187-9D2B-4051-8906-88656819A869}" = Dell Drivers MSI
"{6003F12D-6DAF-4C3F-9FFA-F4A721DC6BBF}" = AVG 2011
"{619CDD8A-14B6-43A1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{62230596-37E5-4618-A329-0D21F529A86F}" = Browser Address Error Redirector
"{63DB9CCD-2B56-4217-9A3D-507AC78320CA}" = mWMI
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{829CD169-E692-48E8-9BDE-A3E8D8B65538}" = mSCfg
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{83FFCFC7-88C6-41C6-8752-958A45325C82}" = Roxio Creator Audio
"{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}" = Roxio Creator BDAV Plugin
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}" = Sonic CinePlayer Decoder Pack
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROPLUSR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROPLUSR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROPLUSR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROPLUSR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROPLUSR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROPLUSR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUSR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROPLUSR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUSR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_PROPLUSR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROPLUSR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROPLUSR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROPLUSR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{907B4640-266B-4A21-92FB-CD1A86CD0F63}" = RollerCoaster Tycoon 3 Platinum
"{90B0D222-8C21-4B35-9262-53B042F18AF9}" = mPfWiz
"{91120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{91120000-0011-0000-0000-0000000FF1CE}_PROPLUSR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0011-0000-0000-0000000FF1CE}_PROPLUSR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{94658027-9F16-4509-BBD7-A59FE57C3023}" = mZConfig
"{9593C6E5-205E-45C3-B785-05CF146CA76A}" = biolsp patch
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9833D727-8FF5-40AE-A193-525747555FF1}" = BlackBerry Desktop Software 4.7
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{A093D83F-429A-4AB2-A0CD-1F7E9C7B764A}" = Trusted Drive Manager
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{ABBA2EA4-740E-4052-902B-9CA70B081E3F}" = Dell Embassy Trust Suite by Wave Systems
"{AC76BA86-7AD7-1033-7B44-AA0000000001}" = Adobe Reader X
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{B1591C79-1C35-4E09-AA15-F7D6923AFB96}" = HP Deskjet 3840
"{B81023A5-71ED-46EB-BE3B-9F974D1155F1}" = HP Software Update
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C5074CC4-0E26-4716-A307-960272A90040}" = QuickSet
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator DE
"{C99C0593-3B48-41D9-B42F-6E035B320449}" = Broadcom Management Programs
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D1E829E9-88B8-47C6-A75E-0D40E2C09D50}" = Secure Update
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{D4E53304-1F6C-4111-9872-1BCD2CF5B642}" = AVG 2011
"{D9FCA292-1186-421F-8D93-9A5D272AD5D0}" = IntelliSonic Speech Enhancement
"{E5BA0430-919F-46DD-B656-0796F8A5ADFF}" = Microsoft Office Communicator 2007
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{E738A392-F690-4A9D-808E-7BAF80E0B398}" = ESC Home Page Plugin
"{E81667C6-2856-46D6-ABEA-6A2F42166779}" = mCore
"{EB4DF30B-102B-4F0C-927A-D50E037A325D}" = AuthenTec Fingerprint Sensor Minimum Install
"{EC84E3E6-C2D6-4DFB-81E0-448324C8FDF4}" = Security Wizards
"{ECC22AFA-B905-4A6A-8072-10F52B9E09B7}" = Wave Infrastructure Installer
"{EEAFE1E5-076B-430A-96D9-B567792AFA88}" = EMBASSY Security Center
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{EF05BA0F-AC15-4D12-AC5C-276225F5E751}" = Gemalto
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F1802FA6-54E9-4B24-BD2A-B50866819795}" = EMBASSY Trust Suite by Wave Systems
"{F6090A17-0967-4A8A-B3C3-422A1B514D49}" = mDrWiFi
"{F63A3748-B93D-4360-9AD4-B064481A5C7B}" = Modem Diagnostic Tool
"{F6970FBD-809A-4C51-BAB3-D94A04C6C8E7}" = Garmin Communicator Plugin
"{FBEC50B7-537C-4A0E-8B0B-F7A8F8BF13CE}" = upekmsi
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"{FEC193E4-6C5F-40E9-A249-7D8C8404A9EC}" = NTRU TCG Software Stack
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AIM_6" = AIM 6
"AVG" = AVG 2011
"BlackBerry_{9833D727-8FF5-40AE-A193-525747555FF1}" = BlackBerry Desktop Software 4.7
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F" = Conexant HDA D330 MDC V.92 Modem
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"FoxyTunesForFirefox" = FoxyTunes for Firefox
"Google Desktop" = Google Desktop
"InstallShield_{07D618CD-B016-438A-ADC9-A75BD23F85CE}" = Wave Support Software
"InstallShield_{0B0A2153-58A6-4244-B458-25EDF5FCD809}" = Private Information Manager
"InstallShield_{51AE9E42-640D-4C14-A9B6-43F64AA4E3E2}" = Document Manager Lite
"InstallShield_{53333479-6A52-4816-8497-5C52B67ED339}" = EMBASSY Security Setup
"InstallShield_{D1E829E9-88B8-47C6-A75E-0D40E2C09D50}" = Secure Update
"InstallShield_{E738A392-F690-4A9D-808E-7BAF80E0B398}" = ESC Home Page Plugin
"InstallShield_{EC84E3E6-C2D6-4DFB-81E0-448324C8FDF4}" = Security Wizards
"InstallShield_{EEAFE1E5-076B-430A-96D9-B567792AFA88}" = EMBASSY Security Center
"LimeWire" = LimeWire 4.18.8
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.5.18)" = Mozilla Firefox (3.5.18)
"NoLimits Coasters full" = NoLimits Coasters 1.6 (remove only)
"NVIDIA Drivers" = NVIDIA Drivers
"PeerGuardian_is1" = PeerGuardian 2.0
"ProInst" = Intel(R) PROSet/Wireless Software
"PROPLUSR" = Microsoft Office Professional Plus 2007
"QcDrv" = Logitech® Camera Driver
"Search Toolbar" = Search Toolbar
"SearchAssist" = SearchAssist
"uTorrent" = µTorrent
"ViewpointMediaPlayer" = Viewpoint Media Player
"VLC media player" = VLC media player 0.9.2
"WallpaperToy" = Wallpaper Changer for Windows XP
"WIC" = Windows Imaging Component
"WinGimp-2.0_is1" = GIMP 2.6.3
"WinRAR archiver" = WinRAR archiver

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"I-Doser v4" = I-Doser v4
"Inquisit 3 Web Edition" = Inquisit 3 Web Edition
"Move Media Player" = Move Media Player
"uTorrent" = µTorrent

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >

andrew.fisher.336
Novice
Novice

Posts Posts : 11
Joined Joined : 2011-04-22
OS OS : XP
Points Points : 20691
# Likes # Likes : 0

View user profile

Back to top Go down

aswMRB.txt

Post by andrew.fisher.336 on Mon Dec 26, 2011 6:11 am

aswMBR version 0.9.9.1120 Copyright(c) 2011 AVAST Software
Run date: 2011-12-26 01:04:29
-----------------------------
01:04:29.713 OS Version: Windows 5.1.2600 Service Pack 2
01:04:29.713 Number of processors: 2 586 0x1706
01:04:29.713 ComputerName: DGZCRWG1 UserName: Andrew
01:04:30.135 Initialize success
01:04:53.338 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-e
01:04:53.338 Disk 0 Vendor: ST9160823ASG 3.ADE Size: 152627MB BusType: 3
01:04:55.369 Disk 0 MBR read successfully
01:04:55.369 Disk 0 MBR scan
01:04:55.369 Disk 0 Windows XP default MBR code
01:04:55.369 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 101 MB offset 63
01:04:55.369 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 152523 MB offset 208845
01:04:55.385 Disk 0 scanning sectors +312576705
01:04:55.447 Disk 0 scanning C:\WINDOWS\system32\drivers
01:05:00.760 File: C:\WINDOWS\system32\drivers\i8042prt.sys **SUSPICIOUS**
01:05:03.744 Service scanning
01:05:05.385 Modules scanning
01:05:06.400 Module: C:\WINDOWS\system32\DRIVERS\i8042prt.sys **SUSPICIOUS**
01:06:02.135 Disk 0 trace - called modules:
01:06:02.197 ntkrnlpa.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0x8ae06f10]<<
01:06:02.197 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8b0e7ab8]
01:06:02.197 3 CLASSPNP.SYS[ba0e905b] -> nt!IofCallDriver -> [0x8ad6c568]
01:06:02.213 \Driver\00001184[0x8ad40f38] -> IRP_MJ_CREATE -> 0x8ae06f10
01:06:02.213 Scan finished successfully
01:06:15.197 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Andrew\Desktop\MBR.dat"
01:06:15.197 The log file has been saved successfully to "C:\Documents and Settings\Andrew\Desktop\aswMBR.txt"



andrew.fisher.336
Novice
Novice

Posts Posts : 11
Joined Joined : 2011-04-22
OS OS : XP
Points Points : 20691
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Google Serches just lead to spam links

Post by Belahzur on Fri Dec 30, 2011 1:21 am

Please download TDSSKiller from [You must be registered and logged in to see this link.] and save it to your Desktop.

  • Doubleclick TDSSKiller.exe to run the tool
  • Click the Start Scan button
  • After the scan has finished, click the Close button
  • Click the Report button and copy/paste the contents of it into your next reply
Note:It will also create a log in the C:\ directory.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245069
# Likes # Likes : 1

View user profile

Back to top Go down

TDSSKiller Report

Post by andrew.fisher.336 on Fri Dec 30, 2011 1:40 am

20:29:06.0671 2960 TDSS rootkit removing tool 2.6.25.0 Dec 23 2011 14:51:16
20:29:07.0078 2960 ============================================================
20:29:07.0078 2960 Current date / time: 2011/12/29 20:29:07.0078
20:29:07.0078 2960 SystemInfo:
20:29:07.0078 2960
20:29:07.0078 2960 OS Version: 5.1.2600 ServicePack: 2.0
20:29:07.0078 2960 Product type: Workstation
20:29:07.0078 2960 ComputerName: DGZCRWG1
20:29:07.0078 2960 UserName: Andrew
20:29:07.0078 2960 Windows directory: C:\WINDOWS
20:29:07.0078 2960 System windows directory: C:\WINDOWS
20:29:07.0078 2960 Processor architecture: Intel x86
20:29:07.0078 2960 Number of processors: 2
20:29:07.0078 2960 Page size: 0x1000
20:29:07.0078 2960 Boot type: Normal boot
20:29:07.0078 2960 ============================================================
20:29:09.0000 2960 Initialize success
20:29:23.0812 4236 ============================================================
20:29:23.0812 4236 Scan started
20:29:23.0812 4236 Mode: Manual;
20:29:23.0812 4236 ============================================================
20:29:28.0609 4236 Abiosdsk - ok
20:29:28.0937 4236 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
20:29:28.0953 4236 abp480n5 - ok
20:29:29.0281 4236 ACPI (a10c7534f7223f4a73a948967d00e69b) C:\WINDOWS\system32\DRIVERS\ACPI.sys
20:29:29.0406 4236 ACPI - ok
20:29:29.0703 4236 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
20:29:29.0703 4236 ACPIEC - ok
20:29:30.0187 4236 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
20:29:30.0265 4236 adpu160m - ok
20:29:30.0765 4236 aec (841f385c6cfaf66b58fbd898722bb4f0) C:\WINDOWS\system32\drivers\aec.sys
20:29:30.0875 4236 aec - ok
20:29:31.0515 4236 AegisP (a1ad1a4a9f18d900ca9c93fa3efdcb56) C:\WINDOWS\system32\DRIVERS\AegisP.sys
20:29:31.0531 4236 AegisP - ok
20:29:32.0343 4236 AFD (55e6e1c51b6d30e54335750955453702) C:\WINDOWS\System32\drivers\afd.sys
20:29:32.0546 4236 AFD - ok
20:29:33.0187 4236 agp440 (2c428fa0c3e3a01ed93c9b2a27d8d4bb) C:\WINDOWS\system32\DRIVERS\agp440.sys
20:29:35.0562 4236 agp440 - ok
20:29:35.0687 4236 agpCPQ (67288b07d6aba6c1267b626e67bc56fd) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
20:29:35.0687 4236 agpCPQ - ok
20:29:35.0765 4236 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
20:29:35.0765 4236 Aha154x - ok
20:29:35.0843 4236 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
20:29:35.0843 4236 aic78u2 - ok
20:29:35.0890 4236 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
20:29:35.0890 4236 aic78xx - ok
20:29:35.0906 4236 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
20:29:35.0906 4236 AliIde - ok
20:29:35.0921 4236 alim1541 (f312b7cef21eff52fa23056b9d815fad) C:\WINDOWS\system32\DRIVERS\alim1541.sys
20:29:35.0921 4236 alim1541 - ok
20:29:35.0937 4236 amdagp (675c16a3c1f8482f85ee4a97fc0dde3d) C:\WINDOWS\system32\DRIVERS\amdagp.sys
20:29:35.0937 4236 amdagp - ok
20:29:35.0953 4236 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
20:29:35.0953 4236 amsint - ok
20:29:36.0000 4236 ApfiltrService (b8d65da679a4a8d048783ede2691b5d4) C:\WINDOWS\system32\DRIVERS\Apfiltr.sys
20:29:36.0015 4236 ApfiltrService - ok
20:29:36.0046 4236 APPDRV (ec94e05b76d033b74394e7b2175103cf) C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS
20:29:36.0046 4236 APPDRV - ok
20:29:36.0078 4236 Arp1394 (f0d692b0bffb46e30eb3cea168bbc49f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
20:29:36.0078 4236 Arp1394 - ok
20:29:36.0109 4236 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
20:29:36.0109 4236 asc - ok
20:29:36.0156 4236 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
20:29:36.0156 4236 asc3350p - ok
20:29:36.0171 4236 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
20:29:36.0171 4236 asc3550 - ok
20:29:36.0203 4236 AsyncMac (02000abf34af4c218c35d257024807d6) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
20:29:36.0203 4236 AsyncMac - ok
20:29:36.0218 4236 atapi (cdfe4411a69c224bd1d11b2da92dac51) C:\WINDOWS\system32\DRIVERS\atapi.sys
20:29:36.0218 4236 atapi - ok
20:29:36.0234 4236 Atdisk - ok
20:29:36.0296 4236 Atmarpc (ec88da854ab7d7752ec8be11a741bb7f) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
20:29:36.0296 4236 Atmarpc - ok
20:29:36.0390 4236 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
20:29:36.0406 4236 audstub - ok
20:29:36.0468 4236 avgio (53d688e5f619edd01232b649a0c06008) C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys
20:29:36.0484 4236 avgio - ok
20:29:36.0500 4236 avgntflt (509bb9f79f7986cb0d4d7a7bef35c6d5) C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys
20:29:36.0750 4236 avgntflt - ok
20:29:36.0828 4236 avipbb (4ae8120e2f9466894849ee3c97a65101) C:\WINDOWS\system32\DRIVERS\avipbb.sys
20:29:36.0828 4236 avipbb - ok
20:29:36.0859 4236 b57w2k (f96038aa1ec4013a93d2420fc689d1e9) C:\WINDOWS\system32\DRIVERS\b57xp32.sys
20:29:36.0875 4236 b57w2k - ok
20:29:36.0906 4236 BASFND (5c68ac6f3e5b3e6d6a78e97d05e42c3a) C:\Program Files\Broadcom\ASFIPMon\BASFND.sys
20:29:36.0906 4236 BASFND - ok
20:29:37.0031 4236 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
20:29:37.0031 4236 Beep - ok
20:29:37.0031 4236 catchme - ok
20:29:37.0093 4236 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
20:29:37.0109 4236 cbidf - ok
20:29:37.0203 4236 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
20:29:37.0203 4236 cbidf2k - ok
20:29:37.0296 4236 CCDECODE (6163ed60b684bab19d3352ab22fc48b2) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
20:29:37.0312 4236 CCDECODE - ok
20:29:37.0390 4236 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
20:29:37.0390 4236 cd20xrnt - ok
20:29:37.0421 4236 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
20:29:37.0421 4236 Cdaudio - ok
20:29:37.0437 4236 Cdfs (cd7d5152df32b47f4e36f710b35aae02) C:\WINDOWS\system32\drivers\Cdfs.sys
20:29:37.0437 4236 Cdfs - ok
20:29:37.0484 4236 Cdrom (7b53584d94e9d8716b2de91d5f1cb42d) C:\WINDOWS\system32\DRIVERS\cdrom.sys
20:29:37.0484 4236 Cdrom - ok
20:29:37.0500 4236 Changer - ok
20:29:37.0640 4236 CmBatt (4266be808f85826aedf3c64c1e240203) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
20:29:37.0640 4236 CmBatt - ok
20:29:37.0656 4236 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys
20:29:37.0656 4236 CmdIde - ok
20:29:37.0671 4236 Compbatt (df1b1a24bf52d0ebc01ed4ece8979f50) C:\WINDOWS\system32\DRIVERS\compbatt.sys
20:29:37.0671 4236 Compbatt - ok
20:29:37.0703 4236 CompFilter (0fc745fe79f51168e100c4f0b8738e07) C:\WINDOWS\system32\DRIVERS\lvbusflt.sys
20:29:37.0703 4236 CompFilter - ok
20:29:37.0750 4236 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
20:29:37.0750 4236 Cpqarray - ok
20:29:37.0796 4236 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
20:29:37.0796 4236 dac2w2k - ok
20:29:37.0828 4236 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
20:29:37.0828 4236 dac960nt - ok
20:29:37.0875 4236 Disk (00ca44e4534865f8a3b64f7c0984bff0) C:\WINDOWS\system32\DRIVERS\disk.sys
20:29:37.0875 4236 Disk - ok
20:29:37.0921 4236 DLABMFSM (a0500678a33802d8954153839301d539) C:\WINDOWS\system32\Drivers\DLABMFSM.SYS
20:29:37.0921 4236 DLABMFSM - ok
20:29:37.0953 4236 DLABOIOM (b8d2f68cac54d46281399f9092644794) C:\WINDOWS\system32\Drivers\DLABOIOM.SYS
20:29:37.0953 4236 DLABOIOM - ok
20:29:37.0953 4236 DLACDBHM (0ee93ab799d1cb4ec90b36f3612fe907) C:\WINDOWS\system32\Drivers\DLACDBHM.SYS
20:29:37.0968 4236 DLACDBHM - ok
20:29:37.0984 4236 DLADResM (87413b94ae1fabc117c4e8ae6725134e) C:\WINDOWS\system32\Drivers\DLADResM.SYS
20:29:37.0984 4236 DLADResM - ok
20:29:38.0000 4236 DLAIFS_M (766a148235be1c0039c974446e4c0edc) C:\WINDOWS\system32\Drivers\DLAIFS_M.SYS
20:29:38.0000 4236 DLAIFS_M - ok
20:29:38.0015 4236 DLAOPIOM (38267cca177354f1c64450a43a4f7627) C:\WINDOWS\system32\Drivers\DLAOPIOM.SYS
20:29:38.0015 4236 DLAOPIOM - ok
20:29:38.0031 4236 DLAPoolM (fd363369fd313b46b5aeab1a688b52e9) C:\WINDOWS\system32\Drivers\DLAPoolM.SYS
20:29:38.0031 4236 DLAPoolM - ok
20:29:38.0062 4236 DLARTL_M (336ae18f0912ef4fbe5518849e004d74) C:\WINDOWS\system32\Drivers\DLARTL_M.SYS
20:29:38.0062 4236 DLARTL_M - ok
20:29:38.0078 4236 DLAUDFAM (fd85f682c1cc2a7ca878c7a448e6d87e) C:\WINDOWS\system32\Drivers\DLAUDFAM.SYS
20:29:38.0078 4236 DLAUDFAM - ok
20:29:38.0109 4236 DLAUDF_M (af389ce587b6bf5bbdcd6f6abe5eabc0) C:\WINDOWS\system32\Drivers\DLAUDF_M.SYS
20:29:38.0125 4236 DLAUDF_M - ok
20:29:38.0296 4236 dmboot (c0fbb516e06e243f0cf31f597e7ebf7d) C:\WINDOWS\system32\drivers\dmboot.sys
20:29:38.0343 4236 dmboot - ok
20:29:38.0656 4236 dmio (f5e7b358a732d09f4bcf2824b88b9e28) C:\WINDOWS\system32\drivers\dmio.sys
20:29:38.0656 4236 dmio - ok
20:29:38.0718 4236 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
20:29:38.0718 4236 dmload - ok
20:29:38.0781 4236 DMusic (a6f881284ac1150e37d9ae47ff601267) C:\WINDOWS\system32\drivers\DMusic.sys
20:29:38.0781 4236 DMusic - ok
20:29:38.0906 4236 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
20:29:38.0906 4236 dpti2o - ok
20:29:38.0984 4236 drmkaud (1ed4dbbae9f5d558dbba4cc450e3eb2e) C:\WINDOWS\system32\drivers\drmkaud.sys
20:29:38.0984 4236 drmkaud - ok
20:29:39.0046 4236 DRVMCDB (5d3b71bb2bb0009d65d290e2ef374bd3) C:\WINDOWS\system32\Drivers\DRVMCDB.SYS
20:29:39.0046 4236 DRVMCDB - ok
20:29:39.0062 4236 DRVNDDM (c591ba9f96f40a1fd6494dafdcd17185) C:\WINDOWS\system32\Drivers\DRVNDDM.SYS
20:29:39.0062 4236 DRVNDDM - ok
20:29:39.0109 4236 DXEC01 (549734664886d91222969845e4311d1b) C:\WINDOWS\system32\drivers\dxec01.sys
20:29:39.0109 4236 DXEC01 - ok
20:29:39.0125 4236 E100B (3fca03cbca11269f973b70fa483c88ef) C:\WINDOWS\system32\DRIVERS\e100b325.sys
20:29:39.0125 4236 E100B - ok
20:29:39.0156 4236 Fastfat (3117f595e9615e04f05a54fc15a03b20) C:\WINDOWS\system32\drivers\Fastfat.sys
20:29:39.0171 4236 Fastfat - ok
20:29:39.0234 4236 Fdc (ced2e8396a8838e59d8fd529c680e02c) C:\WINDOWS\system32\DRIVERS\fdc.sys
20:29:39.0234 4236 Fdc - ok
20:29:39.0265 4236 Fips (e153ab8a11de5452bcf5ac7652dbf3ed) C:\WINDOWS\system32\drivers\Fips.sys
20:29:39.0265 4236 Fips - ok
20:29:39.0281 4236 Flpydisk (0dd1de43115b93f4d85e889d7a86f548) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
20:29:39.0281 4236 Flpydisk - ok
20:29:39.0312 4236 FltMgr (157754f0df355a9e0a6f54721914f9c6) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
20:29:39.0312 4236 FltMgr - ok
20:29:39.0328 4236 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
20:29:39.0343 4236 Fs_Rec - ok
20:29:39.0781 4236 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
20:29:39.0781 4236 Ftdisk - ok
20:29:39.0890 4236 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
20:29:39.0890 4236 GEARAspiWDM - ok
20:29:39.0937 4236 Gpc (c0f1d4a21de5a415df8170616703debf) C:\WINDOWS\system32\DRIVERS\msgpc.sys
20:29:39.0937 4236 Gpc - ok
20:29:39.0968 4236 guardian2 (7031a936832967a93b0e5d5f1c76745a) C:\WINDOWS\system32\Drivers\oz776.sys
20:29:39.0968 4236 guardian2 - ok
20:29:40.0015 4236 HDAudBus (e31363d186b3e1d7c4e9117884a6aee5) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
20:29:40.0015 4236 HDAudBus - ok
20:29:40.0046 4236 HidUsb (1de6783b918f540149aa69943bdfeba8) C:\WINDOWS\system32\DRIVERS\hidusb.sys
20:29:40.0046 4236 HidUsb - ok
20:29:40.0093 4236 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
20:29:40.0093 4236 hpn - ok
20:29:40.0140 4236 HSFHWAZL (290cdbb05903742ea06b7203c5a662f5) C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys
20:29:40.0140 4236 HSFHWAZL - ok
20:29:40.0187 4236 HSF_DPV (7ab812355f98858b9ecdd46e6fcc221f) C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
20:29:40.0203 4236 HSF_DPV - ok
20:29:40.0265 4236 HTTP (9f8b0f4276f618964fd118be4289b7cd) C:\WINDOWS\system32\Drivers\HTTP.sys
20:29:40.0265 4236 HTTP - ok
20:29:40.0281 4236 i2omgmt (8f09f91b5c91363b77bcd15599570f2c) C:\WINDOWS\system32\drivers\i2omgmt.sys
20:29:40.0281 4236 i2omgmt - ok
20:29:40.0296 4236 i2omp (ed6bf9e441fdea13292a6d30a64a24c3) C:\WINDOWS\system32\DRIVERS\i2omp.sys
20:29:40.0296 4236 i2omp - ok
20:29:40.0328 4236 i8042prt (aeab17a80d93e6ae26dc29e694c331b6) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
20:29:40.0343 4236 i8042prt ( Rootkit.Win32.ZAccess.k ) - infected
20:29:40.0343 4236 i8042prt - detected Rootkit.Win32.ZAccess.k (0)
20:29:40.0484 4236 Imapi (f8aa320c6a0409c0380e5d8a99d76ec6) C:\WINDOWS\system32\DRIVERS\imapi.sys
20:29:40.0484 4236 Imapi - ok
20:29:40.0515 4236 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
20:29:40.0640 4236 ini910u - ok
20:29:40.0656 4236 IntelIde (2d722b2b54ab55b2fa475eb58d7b2aad) C:\WINDOWS\system32\DRIVERS\intelide.sys
20:29:40.0656 4236 IntelIde - ok
20:29:40.0687 4236 intelppm (279fb78702454dff2bb445f238c048d2) C:\WINDOWS\system32\DRIVERS\intelppm.sys
20:29:40.0687 4236 intelppm - ok
20:29:40.0703 4236 Ip6Fw (4448006b6bc60e6c027932cfc38d6855) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
20:29:40.0703 4236 Ip6Fw - ok
20:29:40.0734 4236 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\Drivers\IpFltDrv.sys
20:29:40.0734 4236 IpFilterDriver - ok
20:29:40.0765 4236 IpInIp (e1ec7f5da720b640cd8fb8424f1b14bb) C:\WINDOWS\system32\DRIVERS\ipinip.sys
20:29:40.0765 4236 IpInIp - ok
20:29:40.0781 4236 IpNat (b5a8e215ac29d24d60b4d1250ef05ace) C:\WINDOWS\system32\DRIVERS\ipnat.sys
20:29:40.0781 4236 IpNat - ok
20:29:40.0812 4236 IPSec (64537aa5c003a6afeee1df819062d0d1) C:\WINDOWS\system32\DRIVERS\ipsec.sys
20:29:40.0812 4236 IPSec - ok
20:29:40.0843 4236 IRENUM (50708daa1b1cbb7d6ac1cf8f56a24410) C:\WINDOWS\system32\DRIVERS\irenum.sys
20:29:40.0843 4236 IRENUM - ok
20:29:40.0875 4236 isapnp (e504f706ccb699c2596e9a3da1596e87) C:\WINDOWS\system32\DRIVERS\isapnp.sys
20:29:40.0875 4236 isapnp - ok
20:29:40.0906 4236 Kbdclass (ebdee8a2ee5393890a1acee971c4c246) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
20:29:40.0906 4236 Kbdclass - ok
20:29:40.0937 4236 kmixer (d93cad07c5683db066b0b2d2d3790ead) C:\WINDOWS\system32\drivers\kmixer.sys
20:29:40.0937 4236 kmixer - ok
20:29:40.0953 4236 KSecDD (1be7cc2535d760ae4d481576eb789f24) C:\WINDOWS\system32\drivers\KSecDD.sys
20:29:40.0953 4236 KSecDD - ok
20:29:40.0968 4236 lbrtfdc - ok
20:29:41.0000 4236 LVPr2Mon (8be71d7edb8c7494913722059f760dd0) C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys
20:29:41.0000 4236 LVPr2Mon - ok
20:29:41.0046 4236 LVRS (f01fc94eb8f39f7d6e5f5b367473381e) C:\WINDOWS\system32\DRIVERS\lvrs.sys
20:29:41.0046 4236 LVRS - ok
20:29:41.0078 4236 LVUSBSta (64bc29c3a0388bfc580bb8b1346f7659) C:\WINDOWS\system32\drivers\LVUSBSta.sys
20:29:41.0078 4236 LVUSBSta - ok
20:29:41.0250 4236 LVUVC (caffd79278b3d8fe75fdfe1b66c2565f) C:\WINDOWS\system32\DRIVERS\lvuvc.sys
20:29:41.0828 4236 LVUVC - ok
20:29:41.0890 4236 MBAMProtector (69a6268d7f81e53d568ab4e7e991caf3) C:\WINDOWS\system32\drivers\mbam.sys
20:29:41.0890 4236 MBAMProtector - ok
20:29:41.0921 4236 MBAMSwissArmy - ok
20:29:41.0968 4236 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
20:29:41.0968 4236 mdmxsdk - ok
20:29:42.0000 4236 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
20:29:42.0000 4236 mnmdd - ok
20:29:42.0015 4236 Modem (6fc6f9d7acc36dca9b914565a3aeda05) C:\WINDOWS\system32\drivers\Modem.sys
20:29:42.0015 4236 Modem - ok
20:29:42.0046 4236 Mouclass (34e1f0031153e491910e12551400192c) C:\WINDOWS\system32\DRIVERS\mouclass.sys
20:29:42.0046 4236 Mouclass - ok
20:29:42.0093 4236 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
20:29:42.0093 4236 mouhid - ok
20:29:42.0109 4236 MountMgr (65653f3b4477f3c63e68a9659f85ee2e) C:\WINDOWS\system32\drivers\MountMgr.sys
20:29:42.0109 4236 MountMgr - ok
20:29:42.0125 4236 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
20:29:42.0125 4236 mraid35x - ok
20:29:42.0156 4236 MRxDAV (29414447eb5bde2f8397dc965dbb3156) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
20:29:42.0156 4236 MRxDAV - ok
20:29:42.0203 4236 MRxSmb (fb6c89bb3ce282b08bdb1e3c179e1c39) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
20:29:42.0218 4236 MRxSmb - ok
20:29:42.0234 4236 Msfs (561b3a4333ca2dbdba28b5b956822519) C:\WINDOWS\system32\drivers\Msfs.sys
20:29:42.0234 4236 Msfs - ok
20:29:42.0265 4236 MSKSSRV (ae431a8dd3c1d0d0610cdbac16057ad0) C:\WINDOWS\system32\drivers\MSKSSRV.sys
20:29:42.0265 4236 MSKSSRV - ok
20:29:42.0296 4236 MSPCLOCK (13e75fef9dfeb08eeded9d0246e1f448) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
20:29:42.0296 4236 MSPCLOCK - ok
20:29:42.0312 4236 MSPQM (1988a33ff19242576c3d0ef9ce785da7) C:\WINDOWS\system32\drivers\MSPQM.sys
20:29:42.0312 4236 MSPQM - ok
20:29:42.0343 4236 mssmbios (469541f8bfd2b32659d5d463a6714bce) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
20:29:42.0343 4236 mssmbios - ok
20:29:42.0531 4236 MSTEE (bf13612142995096ab084f2db7f40f77) C:\WINDOWS\system32\drivers\MSTEE.sys
20:29:42.0531 4236 MSTEE - ok
20:29:42.0546 4236 Mup (82035e0f41c2dd05ae41d27fe6cf7de1) C:\WINDOWS\system32\drivers\Mup.sys
20:29:42.0546 4236 Mup - ok
20:29:42.0562 4236 NABTSFEC (5c8dc6429c43dc6177c1fa5b76290d1a) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
20:29:42.0562 4236 NABTSFEC - ok
20:29:42.0593 4236 NDIS (558635d3af1c7546d26067d5d9b6959e) C:\WINDOWS\system32\drivers\NDIS.sys
20:29:42.0593 4236 NDIS - ok
20:29:42.0609 4236 NdisIP (520ce427a8b298f54112857bcf6bde15) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
20:29:42.0609 4236 NdisIP - ok
20:29:42.0625 4236 NdisTapi (08d43bbdacdf23f34d79e44ed35c1b4c) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
20:29:42.0625 4236 NdisTapi - ok
20:29:42.0640 4236 Ndisuio (34d6cd56409da9a7ed573e1c90a308bf) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
20:29:42.0640 4236 Ndisuio - ok
20:29:42.0656 4236 NdisWan (0b90e255a9490166ab368cd55a529893) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
20:29:42.0656 4236 NdisWan - ok
20:29:42.0687 4236 NDProxy (59fc3fb44d2669bc144fd87826bb571f) C:\WINDOWS\system32\drivers\NDProxy.sys
20:29:42.0687 4236 NDProxy - ok
20:29:42.0687 4236 NetBIOS (3a2aca8fc1d7786902ca434998d7ceb4) C:\WINDOWS\system32\DRIVERS\netbios.sys
20:29:42.0687 4236 NetBIOS - ok
20:29:42.0703 4236 NetBT (0c80e410cd2f47134407ee7dd19cc86b) C:\WINDOWS\system32\DRIVERS\netbt.sys
20:29:42.0718 4236 NetBT - ok
20:29:42.0781 4236 NETw4x32 (b5ab1108b377b5f3d37409fabda01453) C:\WINDOWS\system32\DRIVERS\NETw4x32.sys
20:29:42.0843 4236 NETw4x32 - ok
20:29:42.0859 4236 NIC1394 (5c5c53db4fef16cf87b9911c7e8c6fbc) C:\WINDOWS\system32\DRIVERS\nic1394.sys
20:29:42.0859 4236 NIC1394 - ok
20:29:42.0890 4236 Npfs (4f601bcb8f64ea3ac0994f98fed03f8e) C:\WINDOWS\system32\drivers\Npfs.sys
20:29:42.0890 4236 Npfs - ok
20:29:42.0906 4236 Ntfs (b78be402c3f63dd55521f73876951cdd) C:\WINDOWS\system32\drivers\Ntfs.sys
20:29:42.0906 4236 Ntfs - ok
20:29:42.0921 4236 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
20:29:42.0921 4236 Null - ok
20:29:43.0109 4236 nv (8129d762cc3e3c5ab9cf2eabc377fb73) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
20:29:43.0250 4236 nv - ok
20:29:43.0265 4236 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
20:29:43.0265 4236 NwlnkFlt - ok
20:29:43.0281 4236 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
20:29:43.0281 4236 NwlnkFwd - ok
20:29:43.0296 4236 ohci1394 (0951db8e5823ea366b0e408d71e1ba2a) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
20:29:43.0312 4236 ohci1394 - ok
20:29:43.0343 4236 Parport (29744eb4ce659dfe3b4122deb45bc478) C:\WINDOWS\system32\DRIVERS\parport.sys
20:29:43.0406 4236 Parport - ok
20:29:44.0203 4236 PartMgr (3334430c29dc338092f79c38ef7b4cd0) C:\WINDOWS\system32\drivers\PartMgr.sys
20:29:44.0203 4236 PartMgr - ok
20:29:44.0250 4236 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
20:29:44.0250 4236 ParVdm - ok
20:29:44.0281 4236 PBADRV (9ec004140e1b675acdeb07f66ee797a4) C:\WINDOWS\system32\DRIVERS\PBADRV.sys
20:29:44.0281 4236 PBADRV - ok
20:29:44.0328 4236 PCI (8086d9979234b603ad5bc2f5d890b234) C:\WINDOWS\system32\DRIVERS\pci.sys
20:29:44.0328 4236 PCI - ok
20:29:44.0593 4236 PCIDump - ok
20:29:44.0640 4236 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
20:29:44.0640 4236 PCIIde - ok
20:29:44.0671 4236 Pcmcia (82a087207decec8456fbe8537947d579) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
20:29:44.0671 4236 Pcmcia - ok
20:29:44.0671 4236 PDCOMP - ok
20:29:44.0687 4236 PDFRAME - ok
20:29:44.0687 4236 PDRELI - ok
20:29:44.0703 4236 PDRFRAME - ok
20:29:44.0750 4236 pepifilter (ea99a71316519d755f50a2ae2f828d9f) C:\WINDOWS\system32\DRIVERS\lv302af.sys
20:29:44.0750 4236 pepifilter - ok
20:29:44.0765 4236 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
20:29:44.0765 4236 perc2 - ok
20:29:44.0796 4236 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
20:29:44.0796 4236 perc2hib - ok
20:29:44.0875 4236 pgfilter (2ee7f9a01fac4d7c5516a5c3ce130fd7) C:\Program Files\PeerGuardian2\pgfilter.sys
20:29:44.0875 4236 pgfilter - ok
20:29:44.0953 4236 PID_PEPI (84b9084692fe00df09f20e516d831c57) C:\WINDOWS\system32\DRIVERS\LV302V32.SYS
20:29:44.0984 4236 PID_PEPI - ok
20:29:45.0015 4236 pnarp (2aff4c47e96a44c325a1e76548d0d26f) C:\WINDOWS\system32\DRIVERS\pnarp.sys
20:29:45.0015 4236 pnarp - ok
20:29:45.0046 4236 PptpMiniport (1c5cc65aac0783c344f16353e60b72ac) C:\WINDOWS\system32\DRIVERS\raspptp.sys
20:29:45.0046 4236 PptpMiniport - ok
20:29:45.0046 4236 PSched (48671f327553dcf1d27f6197f622a668) C:\WINDOWS\system32\DRIVERS\psched.sys
20:29:45.0062 4236 PSched - ok
20:29:45.0062 4236 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
20:29:45.0062 4236 Ptilink - ok
20:29:45.0078 4236 purendis (9dffc5ffbb80c38f385e9137df5b33ca) C:\WINDOWS\system32\DRIVERS\purendis.sys
20:29:45.0078 4236 purendis - ok
20:29:45.0109 4236 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\WINDOWS\system32\Drivers\PxHelp20.sys
20:29:45.0125 4236 PxHelp20 - ok
20:29:45.0140 4236 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
20:29:45.0140 4236 ql1080 - ok
20:29:45.0156 4236 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
20:29:45.0156 4236 Ql10wnt - ok
20:29:45.0156 4236 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
20:29:45.0156 4236 ql12160 - ok
20:29:45.0171 4236 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
20:29:45.0171 4236 ql1240 - ok
20:29:45.0203 4236 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
20:29:45.0203 4236 ql1280 - ok
20:29:45.0218 4236 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
20:29:45.0218 4236 RasAcd - ok
20:29:45.0250 4236 Rasl2tp (98faeb4a4dcf812ba1c6fca4aa3e115c) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
20:29:45.0250 4236 Rasl2tp - ok
20:29:45.0265 4236 RasPppoe (7306eeed8895454cbed4669be9f79faa) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
20:29:45.0265 4236 RasPppoe - ok
20:29:45.0281 4236 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
20:29:45.0281 4236 Raspti - ok
20:29:45.0312 4236 Rdbss (809ca45caa9072b3176ad44579d7f688) C:\WINDOWS\system32\DRIVERS\rdbss.sys
20:29:45.0312 4236 Rdbss - ok
20:29:45.0328 4236 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
20:29:45.0343 4236 RDPCDD - ok
20:29:45.0703 4236 rdpdr (a2cae2c60bc37e0751ef9dda7ceaf4ad) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
20:29:45.0703 4236 rdpdr - ok
20:29:45.0734 4236 RDPWD (b54cd38a9ebfbf2b3561426e3fe26f62) C:\WINDOWS\system32\drivers\RDPWD.sys
20:29:45.0734 4236 RDPWD - ok
20:29:45.0750 4236 redbook (b31b4588e4086d8d84adbf9845c2402b) C:\WINDOWS\system32\DRIVERS\redbook.sys
20:29:45.0750 4236 redbook - ok
20:29:45.0859 4236 RimUsb (f17713d108aca124a139fde877eef68a) C:\WINDOWS\system32\Drivers\RimUsb.sys
20:29:45.0906 4236 RimUsb - ok
20:29:45.0968 4236 RimVSerPort (d9b34325ee5df78b8f28a3de9f577c7d) C:\WINDOWS\system32\DRIVERS\RimSerial.sys
20:29:46.0000 4236 RimVSerPort - ok
20:29:46.0031 4236 ROOTMODEM (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINDOWS\system32\Drivers\RootMdm.sys
20:29:46.0031 4236 ROOTMODEM - ok
20:29:46.0109 4236 s24trans (eadfb87f911a7a75d1b80617f92901e8) C:\WINDOWS\system32\DRIVERS\s24trans.sys
20:29:46.0109 4236 s24trans - ok
20:29:46.0140 4236 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
20:29:46.0140 4236 Secdrv - ok
20:29:46.0187 4236 serenum (a2d868aeeff612e70e213c451a70cafb) C:\WINDOWS\system32\DRIVERS\serenum.sys
20:29:46.0187 4236 serenum - ok
20:29:46.0218 4236 Serial (cd9404d115a00d249f70a371b46d5a26) C:\WINDOWS\system32\DRIVERS\serial.sys
20:29:46.0218 4236 Serial - ok
20:29:46.0250 4236 Sfloppy (0d13b6df6e9e101013a7afb0ce629fe0) C:\WINDOWS\system32\drivers\Sfloppy.sys
20:29:46.0250 4236 Sfloppy - ok
20:29:46.0265 4236 Simbad - ok
20:29:46.0281 4236 sisagp (732d859b286da692119f286b21a2a114) C:\WINDOWS\system32\DRIVERS\sisagp.sys
20:29:46.0281 4236 sisagp - ok
20:29:46.0312 4236 SLIP (5caeed86821fa2c6139e32e9e05ccdc9) C:\WINDOWS\system32\DRIVERS\SLIP.sys
20:29:46.0312 4236 SLIP - ok
20:29:46.0640 4236 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
20:29:46.0671 4236 Sparrow - ok
20:29:46.0781 4236 splitter (8e186b8f23295d1e42c573b82b80d548) C:\WINDOWS\system32\drivers\splitter.sys
20:29:46.0796 4236 splitter - ok
20:29:46.0953 4236 sr (e41b6d037d6cd08461470af04500dc24) C:\WINDOWS\system32\DRIVERS\sr.sys
20:29:46.0968 4236 sr - ok
20:29:47.0000 4236 Srv (7a4f147cc6b133f905f6e65e2f8669fb) C:\WINDOWS\system32\DRIVERS\srv.sys
20:29:47.0000 4236 Srv - ok
20:29:47.0031 4236 ssmdrv (3d2829fde1c52fc64da5413889ce4dee) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
20:29:47.0031 4236 ssmdrv - ok
20:29:47.0093 4236 STHDA (951801dfb54d86f611f0af47825476f9) C:\WINDOWS\system32\drivers\sthda.sys
20:29:47.0140 4236 STHDA - ok
20:29:47.0187 4236 streamip (284c57df5dc7abca656bc2b96a667afb) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
20:29:47.0187 4236 streamip - ok
20:29:47.0234 4236 swenum (03c1bae4766e2450219d20b993d6e046) C:\WINDOWS\system32\DRIVERS\swenum.sys
20:29:47.0234 4236 swenum - ok
20:29:47.0265 4236 swmidi (94abc808fc4b6d7d2bbf42b85e25bb4d) C:\WINDOWS\system32\drivers\swmidi.sys
20:29:47.0265 4236 swmidi - ok
20:29:47.0296 4236 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
20:29:47.0296 4236 symc810 - ok
20:29:47.0312 4236 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
20:29:47.0312 4236 symc8xx - ok
20:29:47.0328 4236 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
20:29:47.0328 4236 sym_hi - ok
20:29:47.0375 4236 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
20:29:47.0421 4236 sym_u3 - ok
20:29:47.0609 4236 sysaudio (650ad082d46bac0e64c9c0e0928492fd) C:\WINDOWS\system32\drivers\sysaudio.sys
20:29:47.0609 4236 sysaudio - ok
20:29:47.0671 4236 Tcpip (2a5554fc5b1e04e131230e3ce035c3f9) C:\WINDOWS\system32\DRIVERS\tcpip.sys
20:29:47.0671 4236 Tcpip - ok
20:29:47.0718 4236 TDPIPE (38d437cf2d98965f239b0abcd66dcb0f) C:\WINDOWS\system32\drivers\TDPIPE.sys
20:29:47.0718 4236 TDPIPE - ok
20:29:47.0734 4236 TDTCP (ed0580af02502d00ad8c4c066b156be9) C:\WINDOWS\system32\drivers\TDTCP.sys
20:29:47.0734 4236 TDTCP - ok
20:29:47.0765 4236 TermDD (d10bda639465d9cd5d572965edfe37be) C:\WINDOWS\system32\DRIVERS\termdd.sys
20:29:47.0765 4236 TermDD - ok
20:29:47.0781 4236 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
20:29:47.0781 4236 TosIde - ok
20:29:47.0843 4236 Udfs (12f70256f140cd7d52c58c7048fde657) C:\WINDOWS\system32\drivers\Udfs.sys
20:29:47.0843 4236 Udfs - ok
20:29:47.0875 4236 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
20:29:47.0875 4236 ultra - ok
20:29:47.0890 4236 Update (ced744117e91bdc0beb810f7d8608183) C:\WINDOWS\system32\DRIVERS\update.sys
20:29:47.0890 4236 Update - ok
20:29:47.0921 4236 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\WINDOWS\system32\Drivers\usbaapl.sys
20:29:47.0953 4236 USBAAPL - ok
20:29:47.0984 4236 usbaudio (45a0d14b26c35497ad93bce7e15c9941) C:\WINDOWS\system32\drivers\usbaudio.sys
20:29:47.0984 4236 usbaudio - ok
20:29:48.0015 4236 usbccgp (bffd9f120cc63bcbaa3d840f3eef9f79) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
20:29:48.0015 4236 usbccgp - ok
20:29:48.0046 4236 usbehci (708579b01fed227aadb393cb0c3b4a2c) C:\WINDOWS\system32\DRIVERS\usbehci.sys
20:29:48.0046 4236 usbehci - ok
20:29:48.0062 4236 usbhub (c72f40947f92cea56a8fb532edf025f1) C:\WINDOWS\system32\DRIVERS\usbhub.sys
20:29:48.0062 4236 usbhub - ok
20:29:48.0093 4236 usbprint (a42369b7cd8886cd7c70f33da6fcbcf5) C:\WINDOWS\system32\DRIVERS\usbprint.sys
20:29:48.0093 4236 usbprint - ok
20:29:48.0125 4236 usbscan (a6bc71402f4f7dd5b77fd7f4a8ddba85) C:\WINDOWS\system32\DRIVERS\usbscan.sys
20:29:48.0125 4236 usbscan - ok
20:29:48.0187 4236 USBSTOR (6cd7b22193718f1d17a47a1cd6d37e75) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
20:29:48.0187 4236 USBSTOR - ok
20:29:48.0218 4236 usbuhci (f8fd1400092e23c8f2f31406ef06167b) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
20:29:48.0218 4236 usbuhci - ok
20:29:48.0250 4236 usbvideo (8968ff3973a883c49e8b564200f565b9) C:\WINDOWS\system32\Drivers\usbvideo.sys
20:29:48.0250 4236 usbvideo - ok
20:29:48.0265 4236 VgaSave (8a60edd72b4ea5aea8202daf0e427925) C:\WINDOWS\System32\drivers\vga.sys
20:29:48.0265 4236 VgaSave - ok
20:29:48.0296 4236 viaagp (d92e7c8a30cfd14d8e15b5f7f032151b) C:\WINDOWS\system32\DRIVERS\viaagp.sys
20:29:48.0296 4236 viaagp - ok
20:29:48.0312 4236 ViaIde (59cb1338ad3654417bea49636457f65d) C:\WINDOWS\system32\DRIVERS\viaide.sys
20:29:48.0312 4236 ViaIde - ok
20:29:48.0437 4236 VolSnap (ee4660083deba849ff6c485d944b379b) C:\WINDOWS\system32\drivers\VolSnap.sys
20:29:48.0468 4236 VolSnap - ok
20:29:48.0875 4236 Wanarp (984ef0b9788abf89974cfed4bfbaacbc) C:\WINDOWS\system32\DRIVERS\wanarp.sys
20:29:48.0890 4236 Wanarp - ok
20:29:48.0968 4236 WaveFDE (db626c46997c2430d4958da5c7ffb969) C:\WINDOWS\system32\DRIVERS\WaveFDE.sys
20:29:48.0968 4236 WaveFDE - ok
20:29:49.0046 4236 WavxDMgr (51e756f2bfb5e3adcb15f966ad293231) C:\WINDOWS\system32\DRIVERS\WavxDMgr.sys
20:29:49.0046 4236 WavxDMgr - ok
20:29:49.0062 4236 WDICA - ok
20:29:49.0093 4236 wdmaud (2797f33ebf50466020c430ee4f037933) C:\WINDOWS\system32\drivers\wdmaud.sys
20:29:49.0093 4236 wdmaud - ok
20:29:49.0140 4236 winachsf (a8596cf86d445269a42ecc08b7066a4c) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
20:29:49.0187 4236 winachsf - ok
20:29:49.0234 4236 WmiAcpi (ae2c8544e747c20062db27456ea2d67a) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
20:29:49.0234 4236 WmiAcpi - ok
20:29:49.0281 4236 WSTCODEC (d5842484f05e12121c511aa93f6439ec) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
20:29:49.0281 4236 WSTCODEC - ok
20:29:49.0328 4236 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
20:29:49.0937 4236 \Device\Harddisk0\DR0 - ok
20:29:49.0937 4236 Boot (0x1200) (19a403d15f0151d02b36a1bd014902ee) \Device\Harddisk0\DR0\Partition0
20:29:49.0937 4236 \Device\Harddisk0\DR0\Partition0 - ok
20:29:49.0937 4236 ============================================================
20:29:49.0937 4236 Scan finished
20:29:49.0937 4236 ============================================================
20:29:49.0937 5948 Detected object count: 1
20:29:49.0937 5948 Actual detected object count: 1
20:30:03.0062 5948 VerifyFileNameVersionInfo: GetFileVersionInfoSizeW(C:\WINDOWS\system32\drivers\i8042prt.sys) error 1813
20:30:14.0562 5948 Backup copy found, using it..
20:30:14.0578 5948 C:\WINDOWS\system32\DRIVERS\i8042prt.sys - will be cured on reboot
20:30:17.0250 5948 i8042prt ( Rootkit.Win32.ZAccess.k ) - User select action: Cure
20:30:29.0078 3012 Deinitialize success

andrew.fisher.336
Novice
Novice

Posts Posts : 11
Joined Joined : 2011-04-22
OS OS : XP
Points Points : 20691
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Google Serches just lead to spam links

Post by Belahzur on Tue Jan 03, 2012 1:05 am

Hello.

  • Download combofix from here
    [You must be registered and logged in to see this link.]

    1. If you are using Firefox, make sure that your download settings are as follows:

    * Tools->Options->Main tab
    * Set to "Always ask me where to Save the files".

    2. During the download, rename Combofix to Combo-Fix as follows:





    3. It is important you rename Combofix during the download, but not after.
    4. Please do not rename Combofix to other names, but only to the one indicated.
    5. Close any open browsers.
    6. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

  • We need to disable your local AV (Anti-virus) before running Combofix.
  • See [You must be registered and logged in to see this link.] for how to disable your AV.
  • Double click on ComboFix.exe.
  • Follow the prompts. NOTE:
  • ComboFix will check to see if the Microsoft Windows Recovery Console is installed.
    ***It's strongly recommended to have the Recovery Console installed before doing any malware removal.***

    **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will automatically proceed with its scan.


  • The Recovery Console provides a recovery/repair mode should a problem occur during a Combofix run.



  • Allow ComboFix to download the Recovery Console.
  • Accept the End-User License Agreement.
  • The Recovery Console will be installed.
  • You will then get this next prompt that asks if you want to continue the malware scan, select yes



  • Allow combofix to run
  • Post C:\combofix.txt back here.

    Note:
    Do not mouseclick combofix's window whilst it's running. That may cause it to stall.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245069
# Likes # Likes : 1

View user profile

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum