Solved Browser Not Connecting To Web Pages

dbhojwani

Have a bit of a frustrating situation. I am unable to connect to any webpages using Firefox. I have checked my modem and router and everything is functioning as it should. There are two other desktop systems connected to the router and they are functioning perfectly fine. I've tried using IE, however, IE shuts off immediately after starting up.

I have AVG, Malwarebytes, and SuperAntiSpyware installed but as I cannot establish a proper net connection on my system, I am unable to download updated virus definition files and hence running the scans produces nothing of value except in finding tracking cookies.

I have run HJT and have attached the log. Not sure if this is malware-based or whether I have some other system problem.

Any help on this would be great.
 

Attachments

  • hijackthis - 10-7-2010.txt
    13.3 KB · Views: 1
Let's see if you have any connection...

1. Click Start>Run (Start>"Start search" in Vista).

2. Type in (or copy and paste):

cmd /c ping google.com>%temp%\$.$&notepad %temp%\$.$

and press Enter.

3. Notepad will open.

4. Copy all text in Notepad ([Ctrl-A], then [Ctrl-C]), and then post it (paste = [Ctrl-V]) in your next reply.
 
Hi Broni,

Here's the data you requested from the ping:



Pinging google.com [74.125.227.48] with 32 bytes of data:

Reply from 74.125.227.48: bytes=32 time=92ms TTL=51
Reply from 74.125.227.48: bytes=32 time=94ms TTL=53
Reply from 74.125.227.48: bytes=32 time=68ms TTL=51
Reply from 74.125.227.48: bytes=32 time=95ms TTL=51

Ping statistics for 74.125.227.48:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 68ms, Maximum = 95ms, Average = 87ms
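
Added example (not part of the original thread): a small parser that reads Windows ping output like the text above and classifies the result, so "ping works but the browser does not" can be told apart from a DNS or network-path failure. It goes beyond the single case in this thread by also handling failed lookups, timeouts and "Destination host unreachable" replies; the function names and the constructed samples are assumptions made for illustration.

```python
import re
from dataclasses import dataclass, field
from typing import List, Optional

# Output copied from the post above (Windows ping.exe).
SAMPLE_OK = """\
Pinging google.com [74.125.227.48] with 32 bytes of data:

Reply from 74.125.227.48: bytes=32 time=92ms TTL=51
Reply from 74.125.227.48: bytes=32 time=94ms TTL=53
Reply from 74.125.227.48: bytes=32 time=68ms TTL=51
Reply from 74.125.227.48: bytes=32 time=95ms TTL=51

Ping statistics for 74.125.227.48:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 68ms, Maximum = 95ms, Average = 87ms
"""

# Constructed samples (not from the thread) for the failure cases.
SAMPLE_DNS_FAIL = (
    "Ping request could not find host example.com. "
    "Please check the name and try again.\n"
)
SAMPLE_TIMEOUT = """\
Pinging example.com [192.0.2.10] with 32 bytes of data:

Request timed out.
Request timed out.
Request timed out.
Request timed out.

Ping statistics for 192.0.2.10:
    Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),
"""
# ping.exe counts ICMP "unreachable" messages as received packets, so the
# summary line claims 0% loss even though no echo reply ever came back.
SAMPLE_UNREACHABLE = """\
Pinging example.com [192.0.2.10] with 32 bytes of data:

Reply from 192.168.1.1: Destination host unreachable.
Reply from 192.168.1.1: Destination host unreachable.
Reply from 192.168.1.1: Destination host unreachable.
Reply from 192.168.1.1: Destination host unreachable.

Ping statistics for 192.0.2.10:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
"""

HEADER_RE = re.compile(r"Pinging\s+(\S+)(?:\s+\[([^\]]+)\])?\s+with\s+\d+\s+bytes")
# Only lines carrying a round-trip time are genuine echo replies.
ECHO_RE = re.compile(r"Reply from \S+: bytes=\d+ time[=<](\d+)ms")
STATS_RE = re.compile(r"Sent = (\d+), Received = (\d+)")


@dataclass
class PingResult:
    host: Optional[str] = None
    address: Optional[str] = None
    sent: int = 0
    reported_received: int = 0
    rtts_ms: List[int] = field(default_factory=list)
    dns_failed: bool = False


def parse_ping(text: str) -> PingResult:
    """Extract target, resolved address, counters and RTTs from ping.exe output."""
    result = PingResult()
    if "could not find host" in text:
        result.dns_failed = True
        return result
    header = HEADER_RE.search(text)
    if header:
        result.host = header.group(1)
        # When an IP is pinged directly there is no [address] part.
        result.address = header.group(2) or header.group(1)
    result.rtts_ms = [int(ms) for ms in ECHO_RE.findall(text)]
    stats = STATS_RE.search(text)
    if stats:
        result.sent = int(stats.group(1))
        result.reported_received = int(stats.group(2))
    return result


def triage(result: PingResult) -> str:
    """Classify the result by counting real echo replies, not the summary line."""
    if result.dns_failed:
        return "dns-failure"   # name resolution is broken or being tampered with
    if result.sent == 0:
        return "unparsed"      # not ping output, or the output was cut off
    echoes = len(result.rtts_ms)
    if echoes == 0:
        return "no-reply"      # path or ICMP is blocked
    if echoes < result.sent:
        return "lossy"         # intermittent link
    # DNS and ICMP both work: if browsers still fail, look at the host itself.
    return "path-ok"


if __name__ == "__main__":
    for name in ("SAMPLE_OK", "SAMPLE_DNS_FAIL", "SAMPLE_TIMEOUT", "SAMPLE_UNREACHABLE"):
        print(name, "->", triage(parse_ping(globals()[name])))
```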
 
Your connection is fine.
It looks like some malware is blocking your internet access.

Download the following tools on a good computer and transfer them to the bad computer, using a USB flash drive.
Run them on the bad computer.
Do NOT use that particular USB flash drive on the good computer for now.


Please download and run the below tool named Rkill (courtesy of BleepingComputer.com) which may help allow other programs to run.

There are 4 different versions. If one of them won't run then download and try to run the other one.

Vista and Win7 users need to right click Rkill and choose Run as Administrator

You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shut down your antivirus.

* Rkill.com
* Rkill.scr
* Rkill.pif
* Rkill.exe


  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
  • Do not reboot until instructed.
  • If the tool does not run from any of the links provided, please let me know.

Once you've gotten one of them to run then try to immediately run the following.

Now download and run exeHelper.


  • Please download exeHelper from Raktor to your desktop.
  • Double-click on exeHelper.com to run the fix.
  • A black window should pop up, press any key to close once the fix is completed.
  • A log file named log.txt will be created in the directory where you ran exeHelper.com
  • Attach the log.txt file to your next message.

Note: If the window shows a message that says "Error deleting file", please re-run the program before posting a log - and post the two logs together (they will both be in the one file).

====================================================================

Please download ComboFix from Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
  1. Please, never rename Combofix unless instructed.
  2. Close any open browsers.
  3. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
    • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
    • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
    NOTE 1. If Combofix asks you to install Recovery Console, please allow it.
    NOTE 2. If Combofix asks you to update the program, always do so.
    • Close any open browsers.
    • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
    • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
    • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
  4. Double click on combofix.exe & follow the prompts.
  5. When finished, it will produce a report for you.
  6. Please post the "C:\ComboFix.txt"
**Note: Do not mouseclick combofix's window while it's running. That may cause it to stall**

Make sure you re-enable your security programs when you're done with Combofix.

DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!
 
I followed the steps you outlined and here is a summary of the results:

1st try:
Ran RKill successfully and immediately followed by running exeHelper which also ran successfully.

After this, I disabled all anti-virus, script-blocking and real-time protection programs and ran ComboFix. However, right after I double clicked the icon, got the blue screen and my system restarted.

2nd try:
Re-ran RKill successfully again and immediately followed by running exeHelper which also ran successfully.

Double-clicked on ComboFix and this time it did open up successfully, however, I was not prompted with any instructions and a command prompt window opened with a blinking cursor. This was around 8pm. I checked back around 11pm and still nothing had happened. Thinking it may be running, I left it overnight but once again this morning, didn't seem to have any new information.

Tried looking for a log file in the event it was created but found nothing.

Did I do something wrong when I tried to run ComboFix?

I have attached the log file for exeHelper nonetheless.
 

Attachments

  • exehelperlog.txt
    912 bytes · Views: 0
You did just fine.
Your infection is interfering.

Delete your Combofix file, download a fresh one, but rename combofix.exe to broni.exe BEFORE saving it to your desktop.
Do NOT run it yet.

Restart computer in Safe Mode, run rKill, exehelper and then broni.exe
 
Running it through Safe Mode worked! Although, the first time around, I didn't boot into Safe Mode with Networking so Recovery Console was not installed.

I've attached the new exeHelper log and Combofix log.
 

Attachments

  • exehelperlog.txt
    1.3 KB · Views: 0
  • log.txt
    18.7 KB · Views: 1
Very good :)
Combofix looks pretty good now :)

See if you can run Combofix in normal mode, allow the recovery console installation, and post a new log.

When done...

STEP 1. Download Malwarebytes' Anti-Malware (aka MBAM): http://www.malwarebytes.org/mbam.php to your desktop.
(Malwarebytes is free to use as a manual scanner. Payment is only required if you wish to have it run and update automatically which is not necessary for our purposes)

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform Quick Scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt


STEP 2. Download GMER: http://www.gmer.net/files.php, by clicking on Download EXE button.
Alternative downloads:
- http://majorgeeks.com/GMER_d5198.html
- http://www.softpedia.com/get/Interne...ers/GMER.shtml
Double click on downloaded .exe file, select Rootkit tab and click the Scan button.
Do NOT use the computer while GMER is running!
When scan is completed, click Save button, and save the results as gmer.log
Warning! Please, do not select the "Show all" checkbox during the scan.
Post the log to your next reply.

IMPORTANT! If for some reason GMER refuses to run, try again.
If it still fails, try to UN-check "Devices" in right pane.
If still no joy, try to run it from Safe Mode.


STEP 3. Download MBRCheck to your desktop

Double click MBRCheck.exe to run (Vista and Windows 7 users, right click and select Run as Administrator).
It will show a black screen with some data on it.
A report called MBRcheckxxxx.txt will be on your desktop
Open this report and post its content in your next reply.



DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!
 
ComboFix didn't run in Normal mode so I re-ran it in Safe Mode with Networking and had the Recovery Console installed.

Additionally, Malwarebytes would now download the updated virus definition file in normal mode so I had to do it through Safe Mode with Networking. I ran this twice, once in Safe mode and once in Normal mode and have attached both files.

Also attached are the GMER log and the MBRCheck log is posted below:

MBRCheck Log-
MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows XP Professional
Windows Information: Service Pack 3 (build 2600)
Logical Drives Mask: 0x0000001c

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`f98b7a00 (FAT32)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x0000000c`21d3fe00 (FAT32)

PhysicalDrive0 Model Number: ST9100824AS, Rev: 7.24

Size    Device Name           MBR Status
--------------------------------------------
93 GB   \\.\PhysicalDrive0    Windows XP MBR code detected
        SHA1: DA38B874B7713D1B51CBC449F4EF809B0DEC644A


Done!
 

Attachments

  • mbam-log-2010-10-09 (17-41-21) (Safe Mode).txt
    1 KB · Views: 1
  • mbam-log-2010-10-09 (17-52-12) (Normal Mode).txt
    894 bytes · Views: 1
  • gmer.log
    2.5 KB · Views: 1
  • MBRCheck_10.09.10_18.19.16.txt
    11.6 KB · Views: 1
  • combofix log 2.txt
    13.3 KB · Views: 1
Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
 
I ran TDSSKiller but it didn't find anything. Here's the first part of the log:

2010/10/09 21:25:21.0812 TDSS rootkit removing tool 2.4.4.0 Oct 4 2010 09:06:59
2010/10/09 21:25:21.0812 ================================================================================
2010/10/09 21:25:21.0812 SystemInfo:
2010/10/09 21:25:21.0812
2010/10/09 21:25:21.0812 OS Version: 5.1.2600 ServicePack: 3.0
2010/10/09 21:25:21.0812 Product type: Workstation
2010/10/09 21:25:21.0812 ComputerName: DHRUV
2010/10/09 21:25:21.0812 UserName: user
2010/10/09 21:25:21.0812 Windows directory: C:\WINDOWS
2010/10/09 21:25:21.0812 System windows directory: C:\WINDOWS
2010/10/09 21:25:21.0812 Processor architecture: Intel x86
2010/10/09 21:25:21.0812 Number of processors: 2
2010/10/09 21:25:21.0812 Page size: 0x1000
2010/10/09 21:25:21.0812 Boot type: Normal boot
2010/10/09 21:25:21.0812 ================================================================================
2010/10/09 21:25:22.0093 Initialize success
2010/10/09 21:25:39.0171 ================================================================================
2010/10/09 21:25:39.0171 Scan started
2010/10/09 21:25:39.0171 Mode: Manual;
2010/10/09 21:25:39.0171 ================================================================================
2010/10/09 21:25:54.0359 ivusb (339dea550cc17283d6fd689ac7e67c57) C:\WINDOWS\system32\DRIVERS\ivusb.sys
2010/10/09 21:25:54.0578 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2010/10/09 21:25:54.0843 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2010/10/09 21:25:55.0000 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
2010/10/09 21:25:55.0484 lv321av (c7513b8eb50d6062384986f279c86078) C:\WINDOWS\system32\DRIVERS\lv321av.sys
2010/10/09 21:25:55.0765 LVUSBSta (a20f5f044a1ecb19d48fdfc7e161f4d2) C:\WINDOWS\system32\drivers\lvusbsta.sys
2010/10/09 21:25:55.0906 mdmxsdk (e246a32c445056996074a397da56e815) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
2010/10/09 21:25:56.0015 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2010/10/09 21:25:56.0250 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
2010/10/09 21:25:56.0500 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2010/10/09 21:25:56.0703 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2010/10/09 21:25:56.0968 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2010/10/09 21:25:57.0125 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
2010/10/09 21:25:57.0359 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2010/10/09 21:25:57.0484 MRxSmb (f3aefb11abc521122b67095044169e98) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2010/10/09 21:25:57.0734 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2010/10/09 21:25:57.0984 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2010/10/09 21:25:58.0218 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2010/10/09 21:25:58.0468 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2010/10/09 21:25:58.0578 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2010/10/09 21:25:58.0828 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
2010/10/09 21:25:59.0078 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys
2010/10/09 21:25:59.0312 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
2010/10/09 21:25:59.0578 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
2010/10/09 21:25:59.0796 NdisFilt (1f76996253071cbae0a5ab5d8551ef88) C:\WINDOWS\system32\Drivers\NdisFilt.sys
2010/10/09 21:26:00.0031 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
2010/10/09 21:26:00.0281 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2010/10/09 21:26:00.0531 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2010/10/09 21:26:00.0750 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2010/10/09 21:26:00.0984 NDProxy (6215023940cfd3702b46abc304e1d45a) C:\WINDOWS\system32\drivers\NDProxy.sys
2010/10/09 21:26:01.0203 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
2010/10/09 21:26:01.0437 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
2010/10/09 21:26:01.0656 NETMNT (6a25f27202f3122a44a6b74ee46e7a76) C:\WINDOWS\system32\DRIVERS\NETMNT.sys
2010/10/09 21:26:01.0921 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
2010/10/09 21:26:02.0156 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2010/10/09 21:26:02.0421 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2010/10/09 21:26:02.0578 NTIDrvr (7f1c1f78d709c4a54cbb46ede7e0b48d) C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys
2010/10/09 21:26:02.0765 NuidFltr (cf7e041663119e09d2e118521ada9300) C:\WINDOWS\system32\DRIVERS\NuidFltr.sys
2010/10/09 21:26:02.0828 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2010/10/09 21:26:02.0890 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2010/10/09 21:26:02.0937 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2010/10/09 21:26:03.0156 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
2010/10/09 21:26:03.0359 OsaFsLoc (26c4a4b64d1dd8e6fdfb2f4897be029c) C:\WINDOWS\system32\drivers\OsaFsLoc.sys
2010/10/09 21:26:03.0562 osaio (9d1177c2a8de936b33d85ff75e8cbf1a) C:\WINDOWS\system32\drivers\osaio.sys
2010/10/09 21:26:03.0765 osanbm (3245bee5176697faf0744a2e1288dc77) C:\WINDOWS\system32\drivers\osanbm.sys
2010/10/09 21:26:04.0000 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys
2010/10/09 21:26:04.0234 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2010/10/09 21:26:04.0296 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
2010/10/09 21:26:04.0500 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
2010/10/09 21:26:04.0875 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
2010/10/09 21:26:05.0078 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
2010/10/09 21:26:06.0109 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
2010/10/09 21:26:06.0265 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
2010/10/09 21:26:06.0531 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2010/10/09 21:26:06.0750 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
2010/10/09 21:26:06.0781 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2010/10/09 21:26:06.0968 PxHelp20 (d86b4a68565e444d76457f14172c875a) C:\WINDOWS\system32\Drivers\PxHelp20.sys
2010/10/09 21:26:07.0140 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
2010/10/09 21:26:07.0281 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
2010/10/09 21:26:07.0437 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
2010/10/09 21:26:07.0578 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
2010/10/09 21:26:07.0734 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
 

Attachments

  • TDSSKiller.2.4.4.0_09.10.2010_21.25.21_log.txt
    53.8 KB · Views: 0
Here's the remainder of the log:


 
Firefox still won't connect and I still can't update AVG when running in Normal mode. The same situation for Malwarebytes.

However, when I updated Malwarebytes' virus definitions file in Safe Mode, it worked. Haven't tried Firefox or AVG in Safe Mode yet.
 
Firefox and IE work! Uninstalling AVG seems to have done the trick!

Was the program itself corrupted in some way?

Should I use Avira or Avast instead of AVG now?
 
I was looking through the AVG remover log file and noticed that AVG was not removed completely. Is there something I can do to ensure it is completely removed?
 
Unfortunately, that's one of the reasons I don't recommend AVG anymore. It causes all kinds of problems.

Yes, get Avast or Avira instead.
We'll take care of AVG leftovers in our next step.
Make sure you install the new AV program first.

Download OTL to your Desktop.

  • Double-click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
  • Under the Custom Scan box paste this in:


netsvcs
drivers32
%SYSTEMDRIVE%\*.*
%systemroot%\Fonts\*.com
%systemroot%\Fonts\*.dll
%systemroot%\Fonts\*.ini
%systemroot%\Fonts\*.ini2
%systemroot%\Fonts\*.exe
%systemroot%\system32\spool\prtprocs\w32x86\*.*
%systemroot%\REPAIR\*.bak1
%systemroot%\REPAIR\*.ini
%systemroot%\system32\*.jpg
%systemroot%\*.jpg
%systemroot%\*.png
%systemroot%\*.scr
%systemroot%\*._sy
%APPDATA%\Adobe\Update\*.*
%ALLUSERSPROFILE%\Favorites\*.*
%APPDATA%\Microsoft\*.*
%PROGRAMFILES%\*.*
%APPDATA%\Update\*.*
%systemroot%\*. /mp /s
CREATERESTOREPOINT
%systemroot%\System32\config\*.sav
%PROGRAMFILES%\bak. /s
%systemroot%\system32\bak. /s
%ALLUSERSPROFILE%\Start Menu\*.lnk /x
%systemroot%\system32\config\systemprofile\*.dat /x
%systemroot%\*.config
%systemroot%\system32\*.db
%APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x
%USERPROFILE%\Desktop\*.exe
%PROGRAMFILES%\Common Files\*.*
%systemroot%\*.src
%systemroot%\install\*.*
%systemroot%\system32\DLL\*.*
%systemroot%\system32\HelpFiles\*.*
%systemroot%\system32\rundll\*.*
%systemroot%\winn32\*.*
%systemroot%\Java\*.*
%systemroot%\system32\test\*.*
%systemroot%\system32\Rundll32\*.*
%systemroot%\AppPatch\Custom\*.*
%APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x
%PROGRAMFILES%\PC-Doctor\Downloads\*.*
%PROGRAMFILES%\Internet Explorer\*.tmp
%PROGRAMFILES%\Internet Explorer\*.dat
%USERPROFILE%\My Documents\*.exe
%USERPROFILE%\*.exe
%systemroot%\ADDINS\*.*
%systemroot%\assembly\*.bak2
%systemroot%\Config\*.*
%systemroot%\REPAIR\*.bak2
%systemroot%\SECURITY\Database\*.sdb /x
%systemroot%\SYSTEM\*.bak2
%systemroot%\Web\*.bak2
%systemroot%\Driver Cache\*.*
%PROGRAMFILES%\Mozilla Firefox\0*.exe
%ProgramFiles%\Microsoft Common\*.*
%ProgramFiles%\TinyProxy.
%USERPROFILE%\Favorites\*.url /x
%systemroot%\system32\*.bk
%systemroot%\*.te
%systemroot%\system32\system32\*.*
%ALLUSERSPROFILE%\*.dat /x
%systemroot%\system32\drivers\*.rmv
dir /b "%systemroot%\system32\*.exe" | find /i " " /c
dir /b "%systemroot%\*.exe" | find /i " " /c
%PROGRAMFILES%\Microsoft\*.*
%systemroot%\System32\Wbem\proquota.exe
%PROGRAMFILES%\Mozilla Firefox\*.dat
%USERPROFILE%\Cookies\*.txt /x
%SystemRoot%\system32\fonts\*.*
%systemroot%\system32\winlog\*.*
%systemroot%\system32\Language\*.*
%systemroot%\system32\Settings\*.*
%systemroot%\system32\*.quo
%SYSTEMROOT%\AppPatch\*.exe
%SYSTEMROOT%\inf\*.exe
%SYSTEMROOT%\Installer\*.exe
%systemroot%\system32\config\*.bak2
%systemroot%\system32\Computers\*.*
%SystemRoot%\system32\Sound\*.*
%SystemRoot%\system32\SpecialImg\*.*
%SystemRoot%\system32\code\*.*
%SystemRoot%\system32\draft\*.*
%SystemRoot%\system32\MSSSys\*.*
%ProgramFiles%\Javascript\*.*
%systemroot%\pchealth\helpctr\System\*.exe /s
%systemroot%\Web\*.exe
%systemroot%\system32\msn\*.*
%systemroot%\system32\*.tro
%AppData%\Microsoft\Installer\msupdates\*.*
%ProgramFiles%\Messenger\*.*
%systemroot%\system32\systhem32\*.*
%systemroot%\system\*.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
/md5start
/md5stop


  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
 
Here is the first part of the OTL.txt log:

OTL logfile created on: 10/10/2010 9:51:05 AM - Run 1
OTL by OldTimer - Version 3.2.14.1 Folder = C:\Documents and Settings\user\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,022.00 Mb Total Physical Memory | 446.00 Mb Available Physical Memory | 44.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 76.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 44.62 Gb Total Space | 17.67 Gb Free Space | 39.61% Space Free | Partition Type: FAT32
Drive D: | 44.62 Gb Total Space | 31.06 Gb Free Space | 69.61% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DHRUV
Current User Name: user
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/10/10 09:49:36 | 000,576,512 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user\Desktop\OTL.exe
PRC - [2010/10/10 01:31:56 | 002,424,560 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
PRC - [2010/09/07 08:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010/09/07 08:12:00 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010/03/14 21:58:28 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2008/07/17 17:12:24 | 000,161,064 | ---- | M] (Seagate Technology LLC) -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
PRC - [2008/07/17 17:12:04 | 000,177,448 | ---- | M] (Seagate LLC) -- C:\Program Files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe
PRC - [2008/04/23 02:08:14 | 000,483,328 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 7.0\Distillr\acrotray.exe
PRC - [2008/04/13 16:12:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005/12/21 10:38:54 | 000,225,280 | ---- | M] (Logitech) -- C:\WINDOWS\system32\LVCOMSX.EXE
PRC - [2005/12/15 19:13:38 | 000,344,064 | ---- | M] (Acer Incorporated) -- C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
PRC - [2005/12/06 17:11:24 | 000,458,752 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\QtZgAcer.EXE
PRC - [2005/12/02 15:43:02 | 000,114,784 | ---- | M] () -- C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
PRC - [2005/12/02 15:43:00 | 000,254,050 | ---- | M] () -- C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
PRC - [2005/12/02 15:42:42 | 000,151,552 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Acer\Acer Arcade\PCMService.exe
PRC - [2005/12/02 15:42:28 | 001,077,376 | ---- | M] (Cyberlink) -- C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe
PRC - [2005/12/02 15:42:28 | 000,061,440 | ---- | M] (Cyberlink) -- C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
PRC - [2005/12/02 14:30:42 | 000,618,557 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2005/11/29 14:45:06 | 000,438,272 | ---- | M] (Acer) -- C:\Program Files\Acer\OrbiCam\CameraAssistant.exe
PRC - [2005/11/28 11:31:32 | 000,540,745 | ---- | M] (Intel Corporation ) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
PRC - [2005/11/28 11:29:00 | 000,114,753 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
PRC - [2005/11/28 11:28:14 | 000,217,164 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
PRC - [2005/11/16 17:00:50 | 000,397,312 | ---- | M] (acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\Monitor.exe
PRC - [2005/11/02 00:11:00 | 000,102,491 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
PRC - [2005/10/24 16:45:32 | 002,462,208 | ---- | M] (Avocent Inc.) -- C:\Acer\Empowering Technology\admtray.exe
PRC - [2005/10/24 16:40:52 | 001,314,816 | ---- | M] (Avocent Inc.) -- C:\Acer\Empowering Technology\admServ.exe
PRC - [2005/10/19 09:30:16 | 000,069,632 | ---- | M] (HiTRUST) -- C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
PRC - [2005/08/12 14:43:58 | 000,045,056 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
PRC - [2005/04/07 16:26:10 | 001,421,336 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
PRC - [2004/11/01 17:22:22 | 000,262,144 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\ElkCtrl.exe


========== Modules (SafeList) ==========

MOD - [2010/10/10 09:49:36 | 000,576,512 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user\Desktop\OTL.exe
MOD - [2008/04/13 16:11:56 | 001,028,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42.dll
MOD - [2008/04/13 16:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2005/12/05 16:00:10 | 000,053,248 | ---- | M] (HiTRUST) -- C:\WINDOWS\system32\sysenv.dll
MOD - [2005/12/02 14:31:56 | 000,053,248 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll
MOD - [2005/11/02 00:11:00 | 000,069,723 | ---- | M] (Synaptics, Inc.) -- C:\WINDOWS\system32\SynTPFcs.dll
MOD - [2005/10/11 13:18:54 | 000,028,672 | ---- | M] () -- C:\Acer\Empowering Technology\ePower\SysHook.dll
MOD - [2005/08/24 01:24:00 | 000,010,752 | ---- | M] () -- C:\WINDOWS\system32\MSNChatHook.dll
MOD - [2003/03/18 21:12:12 | 001,047,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MFC71u.dll
MOD - [2003/03/18 20:44:38 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MFC71ENU.DLL
MOD - [2003/02/21 04:42:22 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcr71.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/09/07 08:12:00 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010/09/07 08:12:00 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010/09/07 08:12:00 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2008/07/17 17:12:24 | 000,161,064 | ---- | M] (Seagate Technology LLC) [Auto | Running] -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe -- (FreeAgentGoNext Service)
SRV - [2006/01/05 00:06:02 | 000,163,840 | ---- | M] (Alex Feinman) [On_Demand | Stopped] -- C:\Program Files\Alex Feinman\ISO Recorder\ImapiHelper.exe -- (Imapi Helper)
SRV - [2005/12/02 15:43:02 | 000,114,784 | ---- | M] () [Auto | Running] -- C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe -- (CLSched) CyberLink Task Scheduler (CTS)
SRV - [2005/12/02 15:43:00 | 000,254,050 | ---- | M] () [Auto | Running] -- C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe -- (CLCapSvc) CyberLink Background Capture Service (CBCS)
SRV - [2005/12/02 15:42:28 | 000,061,440 | ---- | M] (Cyberlink) [Auto | Running] -- C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe -- (CyberLink Media Library Service)
SRV - [2005/11/28 11:31:32 | 000,540,745 | ---- | M] (Intel Corporation ) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe -- (S24EventMonitor) Intel(R)
SRV - [2005/11/28 11:29:00 | 000,114,753 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe -- (EvtEng) Intel(R)
SRV - [2005/11/28 11:28:14 | 000,217,164 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe -- (RegSrvc) Intel(R)
SRV - [2005/10/24 16:40:52 | 001,314,816 | ---- | M] (Avocent Inc.) [Auto | Running] -- C:\Acer\Empowering Technology\admServ.exe -- (AWService)
SRV - [2005/04/07 16:26:10 | 001,421,336 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe -- (CVPND)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\user\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2010/10/10 01:31:56 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/09/07 07:52:26 | 000,046,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010/09/07 07:52:04 | 000,165,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010/09/07 07:47:46 | 000,023,376 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010/09/07 07:47:20 | 000,100,176 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2010/09/07 07:47:08 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/09/07 07:46:52 | 000,028,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2010/03/14 21:59:32 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2010/03/14 21:59:32 | 000,012,872 | ---- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Running] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2010/03/10 08:18:20 | 000,024,216 | ---- | M] (Initio Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ivusb.sys -- (ivusb)
DRV - [2009/05/09 01:14:20 | 000,014,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nuidfltr.sys -- (NuidFltr)
DRV - [2008/04/13 10:36:40 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008/04/13 10:36:40 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2008/04/13 08:36:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)
DRV - [2005/12/20 19:28:40 | 001,098,880 | ---- | M] (Logitech) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lv321av.sys -- (lv321av) Logitech USB PC Camera (VC0321)
DRV - [2005/12/20 19:27:30 | 000,039,424 | ---- | M] (Logitech) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2005/12/02 14:01:28 | 000,328,141 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2005/12/02 13:59:20 | 000,023,271 | ---- | M] (Broadcom Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\btserial.sys -- (BTSERIAL)
DRV - [2005/12/02 13:57:48 | 000,854,826 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2005/12/02 13:54:56 | 000,030,363 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2005/12/02 13:54:14 | 000,065,016 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2005/12/02 13:51:28 | 000,148,488 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2005/12/01 07:49:20 | 001,412,608 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005/11/28 12:09:26 | 000,013,568 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2005/11/26 16:36:08 | 001,427,968 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w39n51.sys -- (w39n51) Intel(R)
DRV - [2005/11/17 00:45:40 | 004,069,888 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2005/11/08 00:12:18 | 000,997,376 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2005/11/08 00:11:34 | 000,202,240 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2005/11/08 00:11:30 | 000,723,712 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2005/11/02 00:11:00 | 000,191,456 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2005/10/15 18:20:44 | 000,012,106 | ---- | M] (OSA Technologies) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\OsaFsLoc.sys -- (OsaFsLoc)
DRV - [2005/09/13 15:34:40 | 000,004,392 | ---- | M] (OSA Technologies) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NdisFilt.sys -- (NdisFilt)
DRV - [2005/07/24 23:15:06 | 000,006,144 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV - [2005/06/30 16:58:24 | 000,007,296 | ---- | M] (OSA Technologies, An Avocent Company) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\osaio.sys -- (osaio)
DRV - [2005/06/22 18:16:08 | 000,162,176 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2005/05/02 12:13:42 | 000,009,600 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NETMNT.sys -- (NETMNT)
DRV - [2005/04/22 16:57:06 | 000,078,208 | ---- | M] (Acer Value Labs, USA) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\epm-shd.sys -- (EpmShd)
DRV - [2005/04/22 16:57:06 | 000,004,096 | ---- | M] (Acer Value Labs, USA) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\epm-psd.sys -- (EpmPsd)
DRV - [2005/04/07 16:23:50 | 000,299,083 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\CVPNDRVA.sys -- (CVPNDRVA)
DRV - [2005/04/05 01:38:32 | 000,132,352 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2005/02/08 10:27:00 | 000,005,185 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CVirtA.sys -- (CVirtA)
DRV - [2005/01/26 06:22:20 | 000,280,344 | ---- | M] (Zone Labs LLC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant)
DRV - [2005/01/14 15:57:16 | 000,004,010 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\osanbm.sys -- (osanbm)
DRV - [2005/01/13 14:46:16 | 000,069,632 | ---- | M] () [Kernel | Auto | Running] -- C:\Acer\Empowering Technology\eRecovery\int15.sys -- (int15.sys)
DRV - [2004/12/17 01:14:44 | 000,013,952 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\UBHelper.sys -- (UBHelper)
DRV - [2004/12/09 14:54:12 | 000,046,592 | ---- | M] (SMSC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\smcirda.sys -- (SMCIRDA)
DRV - [2004/12/08 14:10:00 | 000,016,896 | ---- | M] (Dritek System Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\DKbFltr.SYS -- (DKbFltr)
DRV - [2004/08/04 05:00:00 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2004/08/04 05:00:00 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2004/08/04 05:00:00 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2004/08/04 05:00:00 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2004/08/04 05:00:00 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2004/08/04 05:00:00 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2004/08/04 05:00:00 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2004/08/04 05:00:00 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2004/08/04 05:00:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2004/08/04 05:00:00 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2004/08/04 05:00:00 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2004/08/04 05:00:00 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2004/08/04 05:00:00 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2004/08/04 05:00:00 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)
DRV - [2004/08/04 05:00:00 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2003/07/24 18:55:50 | 000,139,604 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dne2000.sys -- (DNE)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\..\URLSearchHook: *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
2nd part of OTL log:

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://en-US.start.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official"

FF - HKLM\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVG9\Toolbar\Firefox\avg@igeared [2010/02/13 08:56:54 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2008/07/23 21:05:28 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2008/07/23 21:05:28 | 000,000,000 | ---D | M]

[2008/07/23 21:05:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Mozilla\Extensions
[2008/07/23 22:44:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\hpsty84n.default\extensions
[2008/07/23 22:44:28 | 000,000,000 | ---D | M] (Password Exporter) -- C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\hpsty84n.default\extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}
[2008/07/23 21:05:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rv5cym92.default\extensions
[2010/09/25 22:20:16 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rv5cym92.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2008/07/23 21:05:28 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/08/07 22:16:20 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/07/17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2010/10/08 23:34:28 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Acer ePower Management] C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe (Acer Value Labs, Taiwan)
O4 - HKLM..\Run: [Acrobat Assistant 7.0] C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [ADMTray.exe] C:\Acer\Empowering Technology\admtray.exe (Avocent Inc.)
O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\cli.exe (ATI Technologies Inc.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe (HiTRUST)
O4 - HKLM..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Incorporated)
O4 - HKLM..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe (acer Inc.)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE (Dritek System Inc.)
O4 - HKLM..\Run: [LogitechCameraAssistant] C:\Program Files\Acer\OrbiCam\CameraAssistant.exe (Acer)
O4 - HKLM..\Run: [LogitechCameraService(E)] C:\WINDOWS\System32\ElkCtrl.exe (Logitech Inc.)
O4 - HKLM..\Run: [LogitechVideo[inspector]] C:\Program Files\Acer\OrbiCam\InstallHelper.exe (Acer)
O4 - HKLM..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE (Logitech)
O4 - HKLM..\Run: [MaxMenuMgr] C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe (Seagate LLC)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [PCMService] C:\Program Files\Acer\Acer Arcade\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [VeohPlugin] C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe (Veoh Networks)
O4 - HKCU..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil10e.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Cisco Systems VPN Client.lnk = C:\Program Files\Cisco Systems\VPN Client\vpngui.exe (Cisco Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk = C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_Acrobat.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Send to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - Reg Error: Key error. File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - File not found
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Acer.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Acer.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/07/24 23:15:48 | 000,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - File not found
Drivers32: msacm.mkdmp3enc - C:\PROGRA~1\Acer\ACERAR~1\Kernel\Burner\MKDMP3Enc.ACM File not found
Drivers32: msacm.siren - C:\WINDOWS\System32\sirenacm.dll (Microsoft Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.dvsd - C:\WINDOWS\System32\mcdvd_32.dll (MainConcept)
Drivers32: VIDC.I420 - C:\WINDOWS\System32\lvcodec2.dll (Logitech)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (17183584330711040)

========== Files/Folders - Created Within 90 Days ==========

[2010/10/10 09:49:38 | 000,576,512 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\user\Desktop\OTL.exe
[2010/10/10 09:47:15 | 000,017,744 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010/10/10 09:47:14 | 000,165,584 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2010/10/10 09:47:14 | 000,023,376 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2010/10/10 09:47:13 | 000,046,672 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2010/10/10 09:47:12 | 000,100,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2010/10/10 09:47:12 | 000,094,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2010/10/10 09:47:12 | 000,028,880 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2010/10/10 09:47:02 | 000,167,592 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2010/10/10 09:47:02 | 000,038,848 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2010/10/10 09:46:56 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010/10/10 09:46:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2010/10/10 00:49:24 | 000,718,104 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Documents and Settings\user\Desktop\avgremover.exe
[2010/10/09 21:25:08 | 001,325,656 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\user\Desktop\TDSSKiller.exe
[2010/10/09 17:31:57 | 006,153,352 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\user\Desktop\mbam-setup-1.46.exe
[2010/10/09 17:29:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2010/10/09 17:24:30 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010/10/08 23:11:07 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010/10/08 23:11:07 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010/10/08 23:11:07 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010/10/08 23:11:07 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010/10/08 23:11:03 | 000,000,000 | ---D | C] -- C:\broni
[2010/10/07 19:38:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/10/07 19:38:11 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/10/07 19:21:00 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF
[2010/09/30 22:21:30 | 000,000,000 | ---D | C] -- C:\FOUND.004
[2010/09/30 06:31:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\AdobeUM
[2010/09/30 06:30:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Adobe
[2010/09/30 06:30:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Sun
[2010/09/28 16:33:00 | 000,000,000 | ---D | C] -- C:\FOUND.003
[2010/09/25 13:24:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Local Settings\Application Data\Downloaded Installations
[2010/09/25 13:18:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Seagate
[2010/09/25 13:18:10 | 000,000,000 | ---D | C] -- C:\Program Files\Seagate
[2010/09/25 13:15:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations
[2010/09/25 13:15:40 | 000,000,000 | -HSD | C] -- C:\WINDOWS\ftpcache
[2010/08/12 22:58:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2010/08/12 22:57:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2010/08/12 22:55:48 | 000,000,000 | ---D | C] -- C:\FOUND.002
[2010/08/11 21:20:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2010/08/07 22:16:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2010/07/18 10:08:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
[2010/07/18 10:08:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[5 C:\Documents and Settings\All Users\Application Data\*.tmp files -> C:\Documents and Settings\All Users\Application Data\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
3rd part of OTL log:

========== Files - Modified Within 90 Days ==========

[2010/10/10 09:49:36 | 000,576,512 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user\Desktop\OTL.exe
[2010/10/10 09:47:16 | 000,001,608 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2010/10/10 09:47:14 | 000,002,626 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/10/10 01:01:40 | 000,000,684 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/10/10 01:01:22 | 000,000,503 | ---- | M] () -- C:\WINDOWS\System32\eRLog.ini
[2010/10/10 01:00:56 | 000,002,335 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
[2010/10/10 01:00:16 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/10/10 01:00:14 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-3780724069-2906875367-3881392313-1005.job
[2010/10/10 00:59:14 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/10/10 00:59:12 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/10/10 00:59:08 | 1071,763,456 | -HS- | M] () -- C:\hiberfil.sys
[2010/10/10 00:58:30 | 005,767,168 | -H-- | M] () -- C:\Documents and Settings\user\NTUSER.DAT
[2010/10/10 00:58:10 | 000,000,012 | ---- | M] () -- C:\WINDOWS\bthservsdp.dat
[2010/10/10 00:57:48 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\user\ntuser.ini
[2010/10/10 00:44:50 | 000,718,104 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Documents and Settings\user\Desktop\avgremover.exe
[2010/10/10 00:42:24 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/10/09 21:18:38 | 001,211,285 | ---- | M] () -- C:\Documents and Settings\user\Desktop\tdsskiller.zip
[2010/10/09 17:32:50 | 000,000,622 | ---- | M] () -- C:\Documents and Settings\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2010/10/09 17:32:50 | 000,000,604 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/10/09 17:28:06 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/10/09 17:24:34 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2010/10/09 17:21:12 | 003,876,407 | R--- | M] () -- C:\Documents and Settings\user\Desktop\broni.exe
[2010/10/09 17:16:50 | 006,153,352 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\user\Desktop\mbam-setup-1.46.exe
[2010/10/09 17:13:44 | 000,080,384 | ---- | M] () -- C:\Documents and Settings\user\Desktop\MBRCheck.exe
[2010/10/09 17:13:24 | 000,293,376 | ---- | M] () -- C:\Documents and Settings\user\Desktop\lxbxc4pz.exe
[2010/10/07 19:17:14 | 000,363,520 | ---- | M] () -- C:\Documents and Settings\user\Desktop\rkill.exe
[2010/10/07 19:16:58 | 000,363,520 | ---- | M] () -- C:\Documents and Settings\user\Desktop\rkill.scr
[2010/10/07 19:16:36 | 000,363,520 | ---- | M] () -- C:\Documents and Settings\user\Desktop\rkill.com
[2010/10/07 19:14:38 | 000,294,400 | ---- | M] () -- C:\Documents and Settings\user\Desktop\exeHelper.com
[2010/10/04 09:08:00 | 001,325,656 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\user\Desktop\TDSSKiller.exe
[2010/10/03 17:55:04 | 000,164,041 | ---- | M] () -- C:\Documents and Settings\user\Desktop\A_Fast_Scheduling_Algorithm_Considering_Buffer_Occupancy_and_Channel_....pdf
[2010/10/03 17:30:22 | 000,245,001 | ---- | M] () -- C:\Documents and Settings\user\Desktop\Overview of Scheduling Algorithms.pdf
[2010/09/26 22:01:06 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-3780724069-2906875367-3881392313-1005.job
[2010/09/25 22:11:02 | 000,345,016 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/09/25 22:00:50 | 000,073,728 | ---- | M] () -- C:\Documents and Settings\user\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/09/25 13:36:52 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/09/25 13:18:40 | 000,001,771 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Seagate Manager.lnk
[2010/09/07 08:12:18 | 000,038,848 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2010/09/07 08:11:54 | 000,167,592 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2010/09/07 07:52:26 | 000,046,672 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2010/09/07 07:52:04 | 000,165,584 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2010/09/07 07:47:46 | 000,023,376 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2010/09/07 07:47:20 | 000,100,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2010/09/07 07:47:16 | 000,094,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2010/09/07 07:47:08 | 000,017,744 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010/09/07 07:46:52 | 000,028,880 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2010/08/23 22:53:28 | 003,987,201 | ---- | M] () -- C:\Documents and Settings\user\Desktop\Master's Project Papers.rar
[2010/08/23 22:45:08 | 000,028,672 | ---- | M] () -- C:\Documents and Settings\user\Desktop\Papers.doc
[2010/08/23 22:06:04 | 000,828,095 | ---- | M] () -- C:\Documents and Settings\user\Desktop\Congestion-Based Pricing Resource Management in Broadband Wireless Networks.pdf
[2010/08/15 17:36:16 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\user\Desktop\~$Papers.doc
[2010/07/31 13:10:40 | 000,443,254 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/07/31 13:10:40 | 000,385,164 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/07/31 13:10:40 | 000,054,682 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/07/26 22:24:24 | 000,007,258 | ---- | M] () -- C:\Documents and Settings\user\My Documents\AudioCD 1.cdm
[2010/07/25 17:21:48 | 000,409,830 | ---- | M] () -- C:\Documents and Settings\user\Desktop\Data Throughput of CDMA-HDR a High Efficiency-High Data Rate Personal Communication Wireless System.pdf
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[5 C:\Documents and Settings\All Users\Application Data\*.tmp files -> C:\Documents and Settings\All Users\Application Data\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/10/10 09:47:15 | 000,001,608 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2010/10/09 21:25:02 | 001,211,285 | ---- | C] () -- C:\Documents and Settings\user\Desktop\tdsskiller.zip
[2010/10/09 17:42:56 | 1071,763,456 | -HS- | C] () -- C:\hiberfil.sys
[2010/10/09 17:32:48 | 000,000,622 | ---- | C] () -- C:\Documents and Settings\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2010/10/09 17:32:03 | 000,293,376 | ---- | C] () -- C:\Documents and Settings\user\Desktop\lxbxc4pz.exe
[2010/10/09 17:32:03 | 000,080,384 | ---- | C] () -- C:\Documents and Settings\user\Desktop\MBRCheck.exe
[2010/10/09 17:24:32 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2010/10/09 17:24:30 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2010/10/08 23:11:07 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010/10/08 23:11:07 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010/10/08 23:11:07 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010/10/08 23:11:07 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010/10/08 23:11:07 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010/10/08 23:02:59 | 003,876,407 | R--- | C] () -- C:\Documents and Settings\user\Desktop\broni.exe
[2010/10/07 19:20:44 | 000,363,520 | ---- | C] () -- C:\Documents and Settings\user\Desktop\rkill.scr
[2010/10/07 19:20:40 | 000,363,520 | ---- | C] () -- C:\Documents and Settings\user\Desktop\rkill.exe
[2010/10/07 19:20:37 | 000,363,520 | ---- | C] () -- C:\Documents and Settings\user\Desktop\rkill.com
[2010/10/07 19:20:33 | 000,294,400 | ---- | C] () -- C:\Documents and Settings\user\Desktop\exeHelper.com
[2010/10/03 17:55:11 | 000,164,041 | ---- | C] () -- C:\Documents and Settings\user\Desktop\A_Fast_Scheduling_Algorithm_Considering_Buffer_Occupancy_and_Channel_....pdf
[2010/10/03 17:30:21 | 000,245,001 | ---- | C] () -- C:\Documents and Settings\user\Desktop\Overview of Scheduling Algorithms.pdf
[2010/09/30 05:03:19 | 007,706,423 | ---- | C] () -- C:\Documents and Settings\user\Desktop\Final_Report[1].docx
[2010/09/30 05:03:18 | 002,976,977 | ---- | C] () -- C:\Documents and Settings\user\Desktop\Replica Placement in CDN.pptx
[2010/09/30 04:59:23 | 001,629,124 | ---- | C] () -- C:\Documents and Settings\user\Desktop\MS_Project_Report.docx
[2010/09/25 13:18:38 | 000,001,771 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Seagate Manager.lnk
[2010/08/23 22:53:24 | 003,987,201 | ---- | C] () -- C:\Documents and Settings\user\Desktop\Master's Project Papers.rar
[2010/08/23 22:06:03 | 000,828,095 | ---- | C] () -- C:\Documents and Settings\user\Desktop\Congestion-Based Pricing Resource Management in Broadband Wireless Networks.pdf
[2010/08/15 17:36:14 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\user\Desktop\~$Papers.doc
[2010/08/08 15:27:19 | 000,028,672 | ---- | C] () -- C:\Documents and Settings\user\Desktop\Papers.doc
[2010/07/26 22:24:23 | 000,007,258 | ---- | C] () -- C:\Documents and Settings\user\My Documents\AudioCD 1.cdm
[2010/07/25 17:21:46 | 000,409,830 | ---- | C] () -- C:\Documents and Settings\user\Desktop\Data Throughput of CDMA-HDR a High Efficiency-High Data Rate Personal Communication Wireless System.pdf
[2010/01/09 13:13:54 | 000,126,464 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2009/11/16 22:25:17 | 000,000,127 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2009/07/01 23:46:33 | 000,163,840 | ---- | C] () -- C:\WINDOWS\System32\vpnapi.dll
[2009/05/10 22:18:01 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Isdbg.ini
[2008/09/28 18:17:18 | 000,029,752 | ---- | C] () -- C:\WINDOWS\System32\InstHelper.dll
[2008/09/28 18:16:46 | 000,193,584 | ---- | C] () -- C:\WINDOWS\System32\CSGina.dll
[2008/07/23 21:35:26 | 000,073,728 | ---- | C] () -- C:\Documents and Settings\user\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/07/23 21:31:58 | 000,758,018 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2008/07/23 21:31:58 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2008/07/23 21:22:25 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/07/16 09:32:32 | 000,000,503 | ---- | C] () -- C:\WINDOWS\System32\eRLog.ini
[2008/07/16 09:26:18 | 000,000,719 | R--- | C] () -- C:\WINDOWS\System32\InstExec.ini
[2008/07/16 09:26:15 | 000,013,227 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2008/07/16 09:22:31 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NT.INI
[2008/07/16 09:17:13 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\APISlice.dll
[2008/07/16 09:17:13 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\SC_res.dll
[2008/07/16 09:17:13 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\EN_res.dll
[2008/07/16 09:17:13 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\TC_res.dll
[2008/07/16 09:17:13 | 000,010,752 | ---- | C] () -- C:\WINDOWS\System32\MSNChatHook.dll
[2008/07/16 09:16:26 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\user\Local Settings\Application Data\fusioncache.dat
[2008/07/16 09:10:56 | 000,002,772 | ---- | C] () -- C:\WINDOWS\AntiV.INI
[2008/06/10 17:07:20 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2005/12/21 10:45:56 | 002,400,128 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVMVdrv.sys
[2005/12/21 10:45:56 | 000,016,768 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPrcMon.sys
[2005/12/14 20:59:52 | 000,000,038 | ---- | C] () -- C:\WINDOWS\Acer.ini
[2005/12/02 14:14:56 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll
[2005/10/31 03:17:38 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2005/10/25 23:59:46 | 000,037,774 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2005/07/25 00:48:48 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/07/25 00:05:28 | 000,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2005/07/24 23:16:14 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIBUN4.dll
[2005/07/24 23:15:10 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMPEG2.dll
[2005/07/24 23:15:10 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMP3.dll
[2005/07/24 23:15:10 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIFCD3.dll
[2005/07/24 23:15:10 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTICDMK7.dll
[2005/05/02 12:13:42 | 000,009,600 | ---- | C] () -- C:\WINDOWS\System32\drivers\NETMNT.sys
[2005/03/28 00:45:26 | 000,000,091 | ---- | C] () -- C:\WINDOWS\ALaunch.ini
[2005/02/17 11:41:32 | 000,000,603 | ---- | C] () -- C:\WINDOWS\System32\BTNeighborhood.dll.manifest
[2005/02/17 11:41:30 | 000,000,593 | ---- | C] () -- C:\WINDOWS\System32\btcss.dll.manifest
[2004/12/17 01:14:44 | 000,013,952 | ---- | C] () -- C:\WINDOWS\System32\drivers\UBHelper.sys
[2004/08/04 05:00:00 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/01/13 03:46:34 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\tifmicon.dll
[2003/12/29 20:45:08 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ServiceControl.dll
[2003/01/07 15:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001/12/26 15:12:30 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\multiplex_vcd.dll
[2001/11/14 12:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
[2001/09/03 22:46:38 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\Hmpg12.dll
[2001/07/30 15:33:56 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\HMPV2_ENC.dll
[2001/07/23 21:04:36 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\HMPV2_ENC_MMX.dll
[1999/01/27 13:39:06 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\indounin.dll
[1997/06/13 07:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
 
4th part of OTL:

========== LOP Check ==========

[2008/07/16 09:30:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Acer
[2008/07/24 21:20:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\acccore
[2008/07/24 21:20:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2009/06/11 15:52:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
[2010/01/09 12:23:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NtiDvdCopy
[2010/02/13 08:53:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Temp
[2010/02/13 08:56:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2010/09/25 13:18:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Seagate
[2010/10/10 09:46:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2008/07/16 09:30:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Acer
[2008/07/24 21:23:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\acccore
[2008/10/03 17:27:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\FrostWire
[2009/01/26 18:52:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Design Science
[2009/05/16 12:36:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\uTorrent
[2010/01/09 12:44:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\avidemux

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2010/10/10 00:59:08 | 1610,612,736 | -HS- | M] () -- C:\pagefile.sys
[2009/02/07 17:34:38 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2004/08/04 05:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2010/10/09 17:24:34 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2005/07/24 22:42:36 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2005/07/24 23:15:48 | 000,000,050 | ---- | M] () -- C:\AUTOEXEC.BAT
[2005/07/24 22:42:36 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2005/07/24 22:42:36 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2005/07/25 01:11:14 | 000,000,076 | RHS- | M] () -- C:\Preload.aaa
[2010/10/08 23:09:26 | 000,000,390 | ---- | M] () -- C:\rkill.log
[2010/10/09 17:29:08 | 000,013,595 | ---- | M] () -- C:\ComboFix.txt
[2004/08/03 23:00:00 | 000,260,272 | RHS- | M] () -- C:\cmldr
[2010/10/10 00:59:08 | 1071,763,456 | -HS- | M] () -- C:\hiberfil.sys
[2008/07/16 09:15:34 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2010/10/09 21:45:58 | 000,055,204 | ---- | M] () -- C:\TDSSKiller.2.4.4.0_09.10.2010_21.25.21_log.txt
[2009/06/18 21:31:50 | 000,000,899 | -H-- | M] () -- C:\IPH.PH
[2008/07/26 13:28:38 | 000,000,146 | ---- | M] () -- C:\YServer.txt

< %systemroot%\Fonts\*.com >

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2005/07/24 22:42:10 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2007/04/09 13:23:54 | 000,028,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >
[2005/12/14 20:56:06 | 000,187,392 | ---- | M] () -- C:\WINDOWS\Acer.scr
[2010/09/07 08:12:18 | 000,038,848 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >

< %PROGRAMFILES%\*.* >

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >
[2005/07/24 22:33:16 | 000,901,120 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
[2005/07/24 22:33:16 | 000,659,456 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2005/07/24 22:33:16 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
[2009/02/07 17:40:46 | 000,000,272 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\desktop.ini

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2008/07/16 09:16:52 | 000,000,119 | -HS- | M] () -- C:\Documents and Settings\user\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini

< %USERPROFILE%\Desktop\*.exe >
[2010/01/09 12:35:36 | 010,112,919 | ---- | M] () -- C:\Documents and Settings\user\Desktop\free-dvd-ripper-setup.exe
[2010/10/09 17:21:12 | 003,876,407 | R--- | M] () -- C:\Documents and Settings\user\Desktop\broni.exe
[2010/01/24 10:26:16 | 010,417,688 | ---- | M] () -- C:\Documents and Settings\user\Desktop\VeohWebPlayerSetup_eng.exe
[2010/01/16 11:17:18 | 014,566,424 | ---- | M] () -- C:\Documents and Settings\user\Desktop\vlc-0.9.4-win32.exe
[2010/01/20 20:18:16 | 012,951,423 | ---- | M] (Dennis Meuwissen ) -- C:\Documents and Settings\user\Desktop\dvdflick_setup_1.3.0.7.exe
[2008/07/23 21:31:16 | 000,642,540 | ---- | M] (Xvid team ) -- C:\Documents and Settings\user\Desktop\Xvid-1.1.3-27042008.exe
[2010/10/07 19:17:14 | 000,363,520 | ---- | M] () -- C:\Documents and Settings\user\Desktop\rkill.exe
[2010/01/20 20:20:02 | 000,149,815 | ---- | M] () -- C:\Documents and Settings\user\Desktop\XviD-Dec.exe
[2010/01/24 10:32:48 | 003,782,822 | ---- | M] (DownloadHelper ) -- C:\Documents and Settings\user\Desktop\ConvertHelperSetup.exe
[2010/01/29 23:12:06 | 001,146,696 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\user\Desktop\wlsetup-custom.exe
[2010/10/09 17:13:24 | 000,293,376 | ---- | M] () -- C:\Documents and Settings\user\Desktop\lxbxc4pz.exe
[2010/05/14 20:32:18 | 033,524,019 | ---- | M] (R Development Core Team ) -- C:\Documents and Settings\user\Desktop\R-2.11.0-win32.exe
[2010/10/10 09:49:36 | 000,576,512 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user\Desktop\OTL.exe
[2008/07/26 14:13:56 | 004,535,224 | ---- | M] () -- C:\Documents and Settings\user\Desktop\Shockwave_Installer_Slim.exe
[2010/10/09 17:16:50 | 006,153,352 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\user\Desktop\mbam-setup-1.46.exe
[2010/10/09 17:13:44 | 000,080,384 | ---- | M] () -- C:\Documents and Settings\user\Desktop\MBRCheck.exe
[2010/10/04 09:08:00 | 001,325,656 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\user\Desktop\TDSSKiller.exe
[2010/10/10 00:44:50 | 000,718,104 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Documents and Settings\user\Desktop\avgremover.exe
[2009/01/26 18:50:18 | 005,357,360 | ---- | M] (Design Science, Inc.) -- C:\Documents and Settings\user\Desktop\MathType6.exe
[2009/07/01 17:55:58 | 008,087,396 | ---- | M] () -- C:\Documents and Settings\user\Desktop\CVPN4.6.03.0021.exe
[2009/09/23 20:13:56 | 000,288,560 | ---- | M] (BitTorrent, Inc.) -- C:\Documents and Settings\user\Desktop\utorrent.exe
[2009/10/11 21:48:06 | 009,011,367 | ---- | M] (FrostWire, LLC) -- C:\Documents and Settings\user\Desktop\frostwire-4.18.3.windows.exe
[2009/11/22 18:39:32 | 000,812,344 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\user\Desktop\HJTInstall.exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

< %PROGRAMFILES%\Internet Explorer\*.tmp >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %USERPROFILE%\My Documents\*.exe >
[2008/01/16 22:08:34 | 000,942,213 | ---- | M] () -- C:\Documents and Settings\user\My Documents\140engc5.exe

< %USERPROFILE%\*.exe >

< %systemroot%\ADDINS\*.* >
[2004/08/04 05:00:00 | 000,000,791 | ---- | M] () -- C:\WINDOWS\addins\fxsext.ecf

< %systemroot%\assembly\*.bak2 >

< %systemroot%\Config\*.* >

< %systemroot%\REPAIR\*.bak2 >

< %systemroot%\SECURITY\Database\*.sdb /x >

< %systemroot%\SYSTEM\*.bak2 >

< %systemroot%\Web\*.bak2 >

< %systemroot%\Driver Cache\*.* >

< %PROGRAMFILES%\Mozilla Firefox\0*.exe >

< %ProgramFiles%\Microsoft Common\*.* >

< %ProgramFiles%\TinyProxy. >

< %USERPROFILE%\Favorites\*.url /x >
[2008/07/16 09:16:52 | 000,000,122 | -HS- | M] () -- C:\Documents and Settings\user\Favorites\Desktop.ini

< %systemroot%\system32\*.bk >

< %systemroot%\*.te >

< %systemroot%\system32\system32\*.* >

< %ALLUSERSPROFILE%\*.dat /x >

< %systemroot%\system32\drivers\*.rmv >

< dir /b "%systemroot%\system32\*.exe" | find /i " " /c >

< dir /b "%systemroot%\*.exe" | find /i " " /c >

< %PROGRAMFILES%\Microsoft\*.* >

< %systemroot%\System32\Wbem\proquota.exe >

< %PROGRAMFILES%\Mozilla Firefox\*.dat >

< %USERPROFILE%\Cookies\*.txt /x >
[2009/06/22 22:13:18 | 000,000,067 | -HS- | M] () -- C:\Documents and Settings\user\Cookies\desktop.ini
[2010/10/10 09:47:34 | 000,049,152 | ---- | M] () -- C:\Documents and Settings\user\Cookies\index.dat

< %SystemRoot%\system32\fonts\*.* >

< %systemroot%\system32\winlog\*.* >

< %systemroot%\system32\Language\*.* >

< %systemroot%\system32\Settings\*.* >

< %systemroot%\system32\*.quo >

< %SYSTEMROOT%\AppPatch\*.exe >

< %SYSTEMROOT%\inf\*.exe >
[2007/06/26 22:10:26 | 000,317,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\inf\unregmp2.exe

< %SYSTEMROOT%\Installer\*.exe >
[2005/11/30 16:12:22 | 000,552,960 | ---- | M] (Intel Corporation) -- C:\WINDOWS\Installer\iProInst.exe
[2 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]

< %systemroot%\system32\config\*.bak2 >

< %systemroot%\system32\Computers\*.* >

< %SystemRoot%\system32\Sound\*.* >

< %SystemRoot%\system32\SpecialImg\*.* >

< %SystemRoot%\system32\code\*.* >

< %SystemRoot%\system32\draft\*.* >

< %SystemRoot%\system32\MSSSys\*.* >

< %ProgramFiles%\Javascript\*.* >

< %systemroot%\pchealth\helpctr\System\*.exe /s >

< %systemroot%\Web\*.exe >

< %systemroot%\system32\msn\*.* >

< %systemroot%\system32\*.tro >

< %AppData%\Microsoft\Installer\msupdates\*.* >

< %ProgramFiles%\Messenger\*.* >
[2004/08/04 01:06:34 | 000,004,821 | ---- | M] () -- C:\Program Files\Messenger\logowin.gif
[2004/08/04 01:06:34 | 000,007,047 | ---- | M] () -- C:\Program Files\Messenger\lvback.gif
[2004/08/04 01:06:36 | 000,002,882 | ---- | M] () -- C:\Program Files\Messenger\newalert.wav
[2004/08/04 01:06:36 | 000,006,156 | ---- | M] () -- C:\Program Files\Messenger\newemail.wav
[2004/08/04 01:06:36 | 000,006,160 | ---- | M] () -- C:\Program Files\Messenger\online.wav
[2004/08/04 01:06:36 | 000,004,454 | ---- | M] () -- C:\Program Files\Messenger\type.wav
[2004/08/04 01:06:36 | 000,115,981 | ---- | M] () -- C:\Program Files\Messenger\xpmsgr.chm
[2008/04/13 16:12:28 | 001,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
[2008/04/13 09:30:28 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msgslang.dll
[2008/04/13 16:11:52 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\custsat.dll
[2008/05/02 06:01:50 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msgsc.dll

< %systemroot%\system32\systhem32\*.* >

< %systemroot%\system\*.exe >
[1998/12/24 17:15:38 | 000,345,983 | ---- | M] () -- C:\WINDOWS\system\RCDsetup.exe

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\ Auto Update\Results\Install|LastSuccessTime /rs >

< End of report >
 
Here is the 1st part of the Extras log:

OTL Extras logfile created on: 10/10/2010 9:51:05 AM - Run 1
OTL by OldTimer - Version 3.2.14.1 Folder = C:\Documents and Settings\user\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,022.00 Mb Total Physical Memory | 446.00 Mb Available Physical Memory | 44.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 76.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 44.62 Gb Total Space | 17.67 Gb Free Space | 39.61% Space Free | Partition Type: FAT32
Drive D: | 44.62 Gb Total Space | 31.06 Gb Free Space | 69.61% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DHRUV
Current User Name: user
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" = C:\Program Files\ATI Technologies\ATI.ACE\cli.exe:*:Disabled:CLI Application (Command Line Interface) -- (ATI Technologies Inc.)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader -- (AOL LLC)
"C:\Program Files\AIM6\aim6.exe" = C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM -- (AOL LLC)
"C:\Program Files\FrostWire\FrostWire.exe" = C:\Program Files\FrostWire\FrostWire.exe:*:Enabled:FrostWire -- (FrostWire Group)
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" = C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:*:Enabled:Veoh Web Player -- (Veoh Networks)
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\AVG\AVG9\avgemc.exe" = C:\Program Files\AVG\AVG9\avgemc.exe:*:Enabled:avgemc.exe -- File not found
"C:\Program Files\AVG\AVG9\avgupd.exe" = C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe -- File not found
"C:\Program Files\AVG\AVG9\avgnsx.exe" = C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe -- File not found
"C:\Documents and Settings\USER\Application Data\Macromedia\Flash Player\" = C:\Documents and Settings\USER\Application Data\Macromedia\Flash Player\:*:Enabled:Octoshape add-in for Adobe Flash Player -- (Octoshape ApS)
"C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE" = C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE:*:Enabled:SUPERAntiSpyware Free Edition -- (SUPERAntiSpyware.com)
"C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" = C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe:*:Enabled:Malwarebytes' Anti-Malware -- (Malwarebytes Corporation)
"C:\Program Files\SUPERAntiSpyware\RUNSAS.EXE" = C:\Program Files\SUPERAntiSpyware\RUNSAS.EXE:*:Enabled:SUPERAntiSpyware Alternate Start -- ()


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"{15B70821-7893-4607-805A-BB80F3EA8279}" = Acer Empowering Technology framework
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{25F31730-1B6C-4E8E-A3B9-818DC0CD961D}" = Seagate Manager Installer
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 21
"{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.2
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{385979FE-DC4F-4140-8EAD-A59625000D72}" = NTI Backup NOW! 4
"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{3F4EC965-28EF-45C3-B063-04B25D4E9679}" = WIDCOMM Bluetooth Software
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5624C000-B109-11D4-9DB4-00E0290FCAC5}" = VPN Client
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{5EFDFC8B-D438-4792-A298-E87AA9ADA816}" = Acer eDataSecurity Management
"{642FCF93-54AE-4F75-A2E2-124DE3756C59}" = ATI Catalyst Control Center
"{6CA897D0-67F5-4F75-8261-DC8BFCA6DA42}" = Acer eLock Management
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{76AC1AEB-1167-4ABC-8861-4E58392A5B7F}" = Acer OrbiCam Software
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9CC89556-3578-48DD-8408-04E66EBEF401}" = mXML
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AC76BA86-1033-0000-7760-000000000002}" = Adobe Acrobat 7.0 Professional
"{AC76BA86-7AD7-1033-7B44-A70000000000}" = Adobe Reader 7.0
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{C06554A1-2C1E-4D20-B613-EE62C79927CC}" = Acer eNet Management
"{C4124E95-5061-4776-8D5D-E3D931C778E1}" = Microsoft VC9 runtime libraries
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{D458BBDC-0363-42E0-8FF9-4736E3CB3CA2}" = Acer Screensaver
"{DEE08946-40F0-4890-853E-60A6C3306041}" = Acer ePerformance Management
"{DFC6573E-124D-4026-BFA4-B433C9D3FF21}" = ISO Recorder
"{E38BC648-883B-4EE5-966C-94C4B7AB3E0B}" = Acer eSettings Management
"{E431C518-2EE2-471E-9234-BE995C36D513}" = Acer eDataSecurity Management 1.00.23
"{E81667C6-2856-46D6-ABEA-6A2F42166779}" = mCore
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1B8DB67-D30E-4FF9-A85F-3CEE51825AA2}" = SMSC CIR HID V5.3.2600.2
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"{FF6F491D-BC82-4DCC-A72F-1824957C6466}" = TIxx21
"AcerOrbiCamDrv" = Acer OrbiCam Driver
"Adobe Acrobat 7.0 Professional" = Adobe Acrobat 7.1.0 Professional
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AIM_6" = AIM 6
"All ATI Software" = ATI - Software Uninstall Utility
"AskSBar Uninstall" = Ask Toolbar
"ATI Display Driver" = ATI Display Driver
"avast5" = avast! Free Antivirus
"CNXT_MODEM_HDAUDIO_AcrS1025" = HDAUDIO Soft Data Fax Modem with SmartCP
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DSMT6" = MathType 6
"DVD Flick_is1" = DVD Flick 1.3.0.7
"ePresentation" = Acer ePresentation Management
"FrostWire" = FrostWire 4.18.3
"GridVista" = Acer GridVista
"HijackThis" = HijackThis 2.0.2
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield for Microsoft Visual C++ 6" = InstallShield for Microsoft Visual C++ 6
"InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"InstallShield_{15B70821-7893-4607-805A-BB80F3EA8279}" = Acer Empowering Technology framework
"InstallShield_{25F31730-1B6C-4E8E-A3B9-818DC0CD961D}" = Seagate Manager Installer
"InstallShield_{385979FE-DC4F-4140-8EAD-A59625000D72}" = NTI Backup NOW! 4
"InstallShield_{6CA897D0-67F5-4F75-8261-DC8BFCA6DA42}" = Acer eLock Management
"InstallShield_{DEE08946-40F0-4890-853E-60A6C3306041}" = Acer ePerformance Management
"InstallShield_{E38BC648-883B-4EE5-966C-94C4B7AB3E0B}" = Acer eSettings Management
"InstallShield_{FF6F491D-BC82-4DCC-A72F-1824957C6466}" = Texas Instruments PCIxx21/x515 drivers.
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"ProInst" = Intel(R) PROSet/Wireless Software
"R for Windows 2.11.0_is1" = R for Windows 2.11.0
"RealPlayer 12.0" = RealPlayer
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions
"Visual C++ 6.0 Professional Edition" = Microsoft Visual C++ 6.0 Professional Edition
"VLC media player" = VLC media player 1.0.5
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Xvid_is1" = Xvid 1.1.3 final uninstall
"Yahoo! Messenger" = Yahoo! Messenger

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player
"uTorrent" = µTorrent
 
2nd part of Extras:

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 10/7/2010 8:38:59 AM | Computer Name = DHRUV | Source = WmiAdapter | ID = 4099
Description = Open of service failed.

Error - 10/7/2010 8:39:39 AM | Computer Name = DHRUV | Source = WmiAdapter | ID = 4099
Description = Open of service failed.

Error - 10/7/2010 9:01:04 AM | Computer Name = DHRUV | Source = Application Error | ID = 1000
Description = Faulting application , version 0.0.0.0, faulting module unknown, version
0.0.0.0, fault address 0x00000000.

Error - 10/7/2010 9:50:33 AM | Computer Name = DHRUV | Source = Application Error | ID = 1000
Description = Faulting application avgnsx.exe, version 9.0.0.855, faulting module
avgxpl.dll, version 9.0.0.845, fault address 0x00046274.

Error - 10/7/2010 9:53:53 AM | Computer Name = DHRUV | Source = Application Error | ID = 1004
Description = Faulting application avgnsx.exe, version 9.0.0.855, faulting module
avgxpl.dll, version 9.0.0.845, fault address 0x00046274.

Error - 10/7/2010 10:32:59 PM | Computer Name = DHRUV | Source = Application Error | ID = 1000
Description = Faulting application avgnsx.exe, version 9.0.0.855, faulting module
avgxpl.dll, version 9.0.0.845, fault address 0x00046274.

Error - 10/7/2010 10:33:07 PM | Computer Name = DHRUV | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module avgxpl.dll, version 9.0.0.845, fault address 0x00046274.

Error - 10/7/2010 10:35:54 PM | Computer Name = DHRUV | Source = Application Error | ID = 1004
Description = Faulting application avgnsx.exe, version 9.0.0.855, faulting module
avgxpl.dll, version 9.0.0.845, fault address 0x00046274.

Error - 10/7/2010 10:36:15 PM | Computer Name = DHRUV | Source = Application Error | ID = 1004
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module avgxpl.dll, version 9.0.0.845, fault address 0x00046274.

Error - 10/9/2010 2:35:08 AM | Computer Name = DHRUV | Source = Application Error | ID = 1000
Description = Faulting application avgnsx.exe, version 9.0.0.855, faulting module
avgxpl.dll, version 9.0.0.845, fault address 0x00046274.

[ System Events ]
Error - 10/9/2010 8:43:35 PM | Computer Name = DHRUV | Source = Service Control Manager | ID = 7023
Description = The HID Input Service service terminated with the following error:
%%126

Error - 10/9/2010 9:20:42 PM | Computer Name = DHRUV | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the avg9wd service.

Error - 10/9/2010 9:22:08 PM | Computer Name = DHRUV | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the avg9wd service.

Error - 10/9/2010 9:22:42 PM | Computer Name = DHRUV | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the avg9wd service.

Error - 10/9/2010 9:23:13 PM | Computer Name = DHRUV | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the avg9wd service.

Error - 10/9/2010 9:24:23 PM | Computer Name = DHRUV | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the avg9wd service.

Error - 10/9/2010 9:24:52 PM | Computer Name = DHRUV | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the avg9wd service.

Error - 10/9/2010 9:37:56 PM | Computer Name = DHRUV | Source = Service Control Manager | ID = 7023
Description = The HID Input Service service terminated with the following error:
%%126

Error - 10/10/2010 3:59:25 AM | Computer Name = DHRUV | Source = Service Control Manager | ID = 7023
Description = The HID Input Service service terminated with the following error:
%%126

Error - 10/10/2010 4:32:08 AM | Computer Name = DHRUV | Source = Service Control Manager | ID = 7000
Description = The SASDIFSV service failed to start due to the following error: %%183


< End of report >
 
Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    Code:
    :OTL
    IE - HKCU\..\URLSearchHook: *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Reg Error: Key error. File not found
    FF - HKLM\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVG9\Toolbar\Firefox\avg@igeared [2010/02/13 08:56:54 | 000,000,000 | ---D | M]
    O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Reg Error: Key error.)
    O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - Reg Error: Key error. File not found
    O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - File not found
    [2010/10/10 00:49:24 | 000,718,104 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Documents and Settings\user\Desktop\avgremover.exe
    [5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
    [5 C:\Documents and Settings\All Users\Application Data\*.tmp files -> C:\Documents and Settings\All Users\Application Data\*.tmp -> ]
    [2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] 
    [2009/06/11 15:52:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
    [2010/02/13 08:56:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
    [2008/07/24 21:20:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
    
    
    :Services
    
    :Reg
    
    
    :Files
    
    :Commands
    [purity]
    [emptytemp]
    [emptyflash]
    [Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • You will get a log that shows the results of the fix. Please post it.

=========================================================================

Last scans....

1. Download Security Check from HERE, and save it to your Desktop.
  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


2. Download Temp File Cleaner (TFC)
  • Double click on TFC.exe to run the program.
  • Click on the Start button to begin the cleaning process.
  • TFC will close all running programs, and it may ask you to restart the computer.


3. Please run a free online scan with the ESET Online Scanner

  • Disable your antivirus program
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • IMPORTANT! UN-check Remove found threats
  • Accept any security warnings from your browser.
  • Check Scan archives
  • Click Start
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push List of found threats
  • Click on Export to text file, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • NOTE: If ESET doesn't find any threats, it won't produce a log.
 