TechSpot

Gen:Variant.Kazy.894 (HijackThis included)

By Michigan313
Nov 2, 2010
  1. Hi, can someone help me? Through the BitDefender add-on in Firefox, it shows this C:\Windows\system32\syncstream.dll (Gen:Variant.Kazy.894) as a virus; however, I cannot find the DLL to remove it. Thank you in advance for any help. I have run Malwarebytes, Spybot and Norton complete scans and they found no problems at all.

    [HJT log removed - Broni]
     
  2. Broni

    Broni Malware Annihilator Posts: 52,884   +344

    Welcome aboard

    Please complete all steps listed here: http://www.techspot.com/vb/topic58138.html
    Make sure you PASTE all logs. If a log exceeds the 50,000-character post limit, split it between a couple of replies.
    Attached logs won't be reviewed.
     
  3. Michigan313

    Michigan313 TS Rookie Topic Starter Posts: 21

    Hi, thank you for your response. Here are the logs.

    GMER 1.0.15.15477 - http://www.gmer.net
    Rootkit scan 2010-11-03 01:03:32
    Windows 6.0.6002 Service Pack 2
    Running: tu5i59ng.exe; Driver: C:\Users\jonathan\AppData\Local\Temp\fwlyrkow.sys


    ---- System - GMER 1.0.15 ----

    SSDT 87D50118 ZwAlertResumeThread
    SSDT 87D18120 ZwAlertThread
    SSDT 87CD87E0 ZwAllocateVirtualMemory
    SSDT 872BA3C8 ZwAlpcConnectPort
    SSDT 87C86068 ZwAssignProcessToJobObject
    SSDT 87DEBCF8 ZwCreateMutant
    SSDT 87CE1FC0 ZwCreateSymbolicLinkObject
    SSDT 87CD8D20 ZwCreateThread
    SSDT 87C85B08 ZwDebugActiveProcess
    SSDT 87CD8978 ZwDuplicateObject
    SSDT 87CD80C0 ZwFreeVirtualMemory
    SSDT 87670B98 ZwImpersonateAnonymousToken
    SSDT 87D77108 ZwImpersonateThread
    SSDT 872A92B8 ZwLoadDriver
    SSDT 87CD9F28 ZwMapViewOfSection
    SSDT 8758F068 ZwOpenEvent
    SSDT 87CD8BD8 ZwOpenProcess
    SSDT 8766C118 ZwOpenProcessToken
    SSDT 87C07370 ZwOpenSection
    SSDT 87CD8AC8 ZwOpenThread
    SSDT 87DEB3F0 ZwProtectVirtualMemory
    SSDT 87CF1110 ZwResumeThread
    SSDT 8766A118 ZwSetContextThread
    SSDT 87CDAFC0 ZwSetInformationProcess
    SSDT 87C85068 ZwSetSystemInformation
    SSDT 87BE2120 ZwSuspendProcess
    SSDT 87C27110 ZwSuspendThread
    SSDT 87666110 ZwTerminateProcess
    SSDT 87C11110 ZwTerminateThread
    SSDT 8759D2B0 ZwUnmapViewOfSection
    SSDT 87CD8450 ZwWriteVirtualMemory
    SSDT 87DEB0B0 ZwCreateThreadEx

    ---- Kernel code sections - GMER 1.0.15 ----

    .text ntkrnlpa.exe!KeSetEvent + 11D 81CFB880 8 Bytes [18, 01, D5, 87, 20, 81, D1, ...]
    .text ntkrnlpa.exe!KeSetEvent + 131 81CFB894 4 Bytes [E0, 87, CD, 87] {LOOPNZ 0xffffffffffffff89; INT 0x87}
    .text ntkrnlpa.exe!KeSetEvent + 13D 81CFB8A0 4 Bytes [C8, A3, 2B, 87] {ENTER 0x2ba3, 0x87}
    .text ntkrnlpa.exe!KeSetEvent + 191 81CFB8F4 4 Bytes [68, 60, C8, 87]
    .text ntkrnlpa.exe!KeSetEvent + 1F5 81CFB958 4 Bytes [F8, BC, DE, 87]
    .text ...

    ---- EOF - GMER 1.0.15 ----

    Malwarebytes' Anti-Malware 1.46
    www.malwarebytes.org

    Database version: 4841

    Windows 6.0.6002 Service Pack 2
    Internet Explorer 8.0.6001.18975

    11/2/2010 11:41:23 PM
    mbam-log-2010-11-02 (23-41-23).txt

    Scan type: Quick scan
    Objects scanned: 136586
    Time elapsed: 6 minute(s), 24 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 0

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    (No malicious items detected)

    DDS (Ver_10-11-01.01) - NTFSx86
    Run by jonathan at 0:55:51.71 on Wed 11/03/2010
    Internet Explorer: 8.0.6001.18975 BrowserJavaVersion: 1.6.0_22
    Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.1.1033.18.3002.1612 [GMT -4:00]

    SP: Spybot - Search and Destroy *disabled* (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
    SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

    ============== Running Processes ===============

    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k rpcss
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Windows\system32\SLsvc.exe
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\WLANExt.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
    C:\Program Files\Norton Security Suite\Norton Security Suite\Engine\4.3.0.5\ccSvcHst.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files\SMINST\BLService.exe
    C:\Program Files\CyberLink\Shared files\RichVideo.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Windows\System32\svchost.exe -k WerSvcGroup
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\DRIVERS\xaudio.exe
    C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Norton Security Suite\Norton Security Suite\Engine\4.3.0.5\ccSvcHst.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\HP\QuickPlay\QPService.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
    C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
    C:\Users\jonathan\Downloads\tu5i59ng.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Users\jonathan\Downloads\dds.scr
    C:\Windows\system32\wbem\wmiprvse.exe

    ============== Pseudo HJT Report ===============

    uStart Page = hxxp://www.yahoo.com/
    mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Presario&pf=cnnb
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy\SDHelper.dll
    BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton security suite\norton security suite\engine\4.3.0.5\coIEPlg.dll
    BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton security suite\norton security suite\engine\4.3.0.5\IPSBHO.DLL
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton security suite\norton security suite\engine\4.3.0.5\coIEPlg.dll
    TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
    uRun: [Messenger (Yahoo!)] "c:\program files\yahoo!\messenger\YahooMessenger.exe" -quiet
    uRun: [DW6] "c:\program files\the weather channel fw\desktop\DesktopWeather.exe"
    mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
    mRun: [QPService] "c:\program files\hp\quickplay\QPService.exe"
    mRun: [UpdatePSTShortCut] "c:\program files\cyberlink\dvd suite\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\dvd suite" updatewithcreateonce "software\cyberlink\PowerStarter"
    mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
    mRun: [UpdatePDIRShortCut] "c:\program files\cyberlink\powerdirector\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\powerdirector" updatewithcreateonce "software\cyberlink\powerdirector\7.0"
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
    mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
    mRun: [hpWirelessAssistant] c:\program files\hewlett-packard\hp wireless assistant\HPWAMain.exe
    mRun: [LogitechQuickCamRibbon] "c:\program files\logitech\logitech webcam software\LWS.exe" /hide
    mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
    mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
    mRun: [Persistence] c:\windows\system32\igfxpers.exe
    StartupFolder: c:\users\jonathan\appdata\roaming\micros~1\windows\startm~1\programs\startup\comcas~1.lnk - c:\program files\comcast universal caller id\Comcast Universal Caller ID.exe
    mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
    Notify: igfxcui - igfxdev.dll

    ================= FIREFOX ===================

    FF - ProfilePath - c:\users\jonathan\appdata\roaming\mozilla\firefox\profiles\1oked8k0.default\
    FF - prefs.js: browser.startup.homepage - yahoo.com
    FF - component: c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.0.0.127\coffplgn\components\coFFPlgn.dll
    FF - component: c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.0.0.127\ipsffplgn\components\IPSFFPl.dll
    FF - component: c:\users\jonathan\appdata\roaming\mozilla\firefox\profiles\1oked8k0.default\extensions\{90b49673-5506-483e-b92b-ca0265bd9ca8}\components\FFExternalAlert.dll
    FF - component: c:\users\jonathan\appdata\roaming\mozilla\firefox\profiles\1oked8k0.default\extensions\{90b49673-5506-483e-b92b-ca0265bd9ca8}\components\RadioWMPCore.dll
    FF - component: c:\users\jonathan\appdata\roaming\mozilla\firefox\profiles\1oked8k0.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\components\qscanff.dll
    FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npkimi.dll
    FF - plugin: c:\users\jonathan\appdata\local\yahoo!\browserplus\2.9.8\plugins\npybrowserplus_2.9.8.dll
    FF - plugin: c:\users\jonathan\appdata\roaming\mozilla\firefox\profiles\1oked8k0.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
    FF - plugin: c:\users\jonathan\appdata\roaming\mozilla\firefox\profiles\1oked8k0.default\extensions\devicedetection@logitech.com\plugins\npLogitechDeviceDetection.dll
    FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

    ---- FIREFOX POLICIES ----
    c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional
    c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified
    c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional
    c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified

    ============= SERVICES / DRIVERS ===============

    R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2010-10-13 64288]
    R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\n360\0403000.005\symds.sys [2010-10-28 328752]
    R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\n360\0403000.005\symefa.sys [2010-10-28 173104]
    R1 BHDrvx86;BHDrvx86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.0.0.127\definitions\bashdefs\20101029.001\BHDrvx86.sys [2010-11-2 692272]
    R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\n360\0403000.005\cchpx86.sys [2010-10-28 501888]
    R1 IDSVix86;IDSVix86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.0.0.127\definitions\ipsdefs\20101029.001\IDSvix86.sys [2010-10-19 353840]
    R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\n360\0403000.005\ironx86.sys [2010-10-28 116784]
    R1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\system32\drivers\n360\0403000.005\symtdiv.sys [2010-10-28 339504]
    R2 N360;Norton Security Suite;c:\program files\norton security suite\norton security suite\engine\4.3.0.5\ccsvchst.exe [2010-10-28 126392]
    R2 Recovery Service for Windows;Recovery Service for Windows;c:\program files\sminst\BLService.exe [2008-10-23 365952]
    R2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2010-10-15 1153368]
    R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2010-10-16 102448]
    R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2008-6-29 112128]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2010-8-12 1357464]
    S3 Com4QLBEx;Com4QLBEx;c:\program files\hewlett-packard\hp quick launch buttons\Com4QLBEx.exe [2008-10-23 193840]
    S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
    S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

    =============== Created Last 30 ================

    2010-11-03 00:35:44 -------- d-----w- C:\$RECYCLE.BIN
    2010-11-03 00:31:53 -------- d-----w- c:\users\jonathan\appdata\local\temp
    2010-11-03 00:22:05 98816 ----a-w- c:\windows\sed.exe
    2010-11-03 00:22:05 86528 ----a-w- c:\windows\MBR.exe
    2010-11-03 00:22:05 256512 ----a-w- c:\windows\PEV.exe
    2010-11-03 00:22:05 161792 ----a-w- c:\windows\SWREG.exe
    2010-11-03 00:21:36 -------- d-----w- C:\ComboFix
    2010-11-02 22:38:12 -------- d-----w- C:\VundoFix Backups
    2010-10-28 21:04:56 43696 ----a-w- c:\windows\system32\drivers\n360\0403000.005\srtspx.sys
    2010-10-28 21:04:56 339504 ----a-w- c:\windows\system32\drivers\n360\0403000.005\symtdiv.sys
    2010-10-28 21:04:56 328752 ----a-r- c:\windows\system32\drivers\n360\0403000.005\symds.sys
    2010-10-28 21:04:56 325680 ----a-w- c:\windows\system32\drivers\n360\0403000.005\srtsp.sys
    2010-10-28 21:04:56 173104 ----a-w- c:\windows\system32\drivers\n360\0403000.005\symefa.sys
    2010-10-28 21:04:56 116784 ----a-w- c:\windows\system32\drivers\n360\0403000.005\ironx86.sys
    2010-10-28 21:04:55 501888 ----a-w- c:\windows\system32\drivers\n360\0403000.005\cchpx86.sys
    2010-10-28 21:04:31 -------- d-----w- c:\windows\system32\drivers\n360\0403000.005
    2010-10-27 21:06:55 -------- d-----w- c:\progra~2\QAJHFUQDXG
    2010-10-27 20:00:52 420352 ----a-w- c:\windows\system32\vbscript.dll
    2010-10-27 19:55:49 -------- d-----w- c:\users\jonathan\appdata\local\Apple
    2010-10-27 19:39:26 -------- d-----w- c:\program files\common files\scanner
    2010-10-27 19:39:14 -------- d-----w- c:\program files\CA
    2010-10-27 19:35:15 2048 ----a-w- c:\windows\system32\winrsmgr.dll
    2010-10-27 19:28:56 -------- d-----w- c:\windows\system32\x64
    2010-10-27 19:22:54 -------- d-----w- c:\users\jonathan\appdata\local\Immunet
    2010-10-27 19:22:53 -------- d-----w- c:\progra~2\Immunet
    2010-10-27 19:22:46 13312 ----a-w- c:\program files\internet explorer\iecompat.dll
    2010-10-27 19:19:59 638232 ----a-w- c:\program files\internet explorer\iexplore.exe
    2010-10-27 19:17:59 521216 ----a-w- c:\program files\internet explorer\jsdbgui.dll
    2010-10-26 17:32:18 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
    2010-10-26 17:32:18 1696256 ----a-w- c:\windows\system32\gameux.dll
    2010-10-26 17:32:17 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
    2010-10-23 20:19:17 -------- d-----w- c:\program files\Paint.NET
    2010-10-23 20:18:33 -------- d-----w- c:\users\jonathan\appdata\local\Paint.NET
    2010-10-21 05:29:07 -------- d-----w- c:\progra~2\EXIHFUQDXG
    2010-10-20 13:53:47 -------- d-----w- c:\users\jonathan\appdata\local\CrashDumps
    2010-10-19 06:23:06 -------- d-----w- c:\progra~2\BVIHFUQDXG
    2010-10-19 06:18:13 -------- d-----w- c:\program files\Ali Baba Buddy Pogo
    2010-10-17 21:36:46 -------- d-----w- c:\progra~2\AHIHFUQDXG
    2010-10-17 21:32:16 -------- d-----w- c:\program files\Stackem Buddy Pogo
    2010-10-16 03:32:32 107368 ----a-r- c:\windows\system32\GEARAspi.dll
    2010-10-16 03:32:31 26600 ----a-r- c:\windows\system32\drivers\GEARAspiWDM.sys
    2010-10-16 03:32:28 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
    2010-10-16 03:32:12 -------- d-----w- c:\program files\Symantec
    2010-10-16 03:32:12 -------- d-----w- c:\program files\common files\Symantec Shared
    2010-10-16 03:31:23 -------- d-----w- c:\program files\NortonInstaller
    2010-10-16 03:09:25 -------- d-----w- c:\program files\Spybot - Search & Destroy
    2010-10-16 03:09:25 -------- d-----w- c:\progra~2\Spybot - Search & Destroy
    2010-10-15 23:43:43 -------- d-----w- c:\users\jonathan\appdata\roaming\Malwarebytes
    2010-10-15 23:43:26 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2010-10-15 23:43:25 -------- d-----w- c:\progra~2\Malwarebytes
    2010-10-15 23:43:24 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
    2010-10-15 23:43:24 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2010-10-15 23:23:38 -------- d-----w- c:\program files\Trend Micro
    2010-10-15 23:14:28 -------- d-----w- c:\windows\system32\drivers\N360
    2010-10-15 23:11:29 -------- d-----w- c:\users\jonathan\LimeWire
    2010-10-15 23:08:58 482304 --sh--w- c:\windows\system32\syncstream.dll
    2010-10-15 22:45:45 -------- d-----w- c:\progra~2\Fugazo
    2010-10-15 22:19:15 -------- d-----w- c:\users\jonathan\appdata\roaming\WildTangent
    2010-10-15 14:53:14 6084944 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\{4105df84-183c-44fa-badc-e90aa047714d}\mpengine.dll
    2010-10-15 03:57:31 -------- d-----w- c:\progra~2\URIHFUQDXG
    2010-10-15 03:57:29 -------- d-----w- c:\program files\BadgeHelp
    2010-10-14 20:30:32 8147456 ----a-w- c:\windows\system32\wmploc.DLL
    2010-10-14 20:30:32 168960 ----a-w- c:\program files\windows media player\wmplayer.exe
    2010-10-14 20:30:17 125952 ----a-w- c:\windows\system32\srvsvc.dll
    2010-10-14 20:30:17 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys
    2010-10-14 20:30:16 304128 ----a-w- c:\windows\system32\drivers\srv.sys
    2010-10-14 20:30:16 17920 ----a-w- c:\windows\system32\netevent.dll
    2010-10-14 20:30:16 145408 ----a-w- c:\windows\system32\drivers\srv2.sys
    2010-10-14 20:30:08 274944 ----a-w- c:\windows\system32\schannel.dll
    2010-10-14 20:30:04 339968 ----a-w- c:\program files\windows nt\accessories\wordpad.exe
    2010-10-14 20:30:04 1316864 ----a-w- c:\windows\system32\ole32.dll
    2010-10-14 20:30:01 157184 ----a-w- c:\windows\system32\t2embed.dll
    2010-10-14 20:29:59 954752 ----a-w- c:\windows\system32\mfc40.dll
    2010-10-14 20:29:59 954288 ----a-w- c:\windows\system32\mfc40u.dll
    2010-10-14 20:29:56 2038272 ----a-w- c:\windows\system32\win32k.sys
    2010-10-14 20:29:54 231424 ----a-w- c:\windows\system32\msshsq.dll
    2010-10-14 20:29:52 867328 ----a-w- c:\windows\system32\wmpmde.dll
    2010-10-14 20:29:49 531968 ----a-w- c:\windows\system32\comctl32.dll
    2010-10-14 04:11:54 -------- d-----w- c:\users\jonathan\appdata\roaming\com.comcast.callerid.13A1FA90F0FC9DC009FB0956ADD0F13F8608561B.1
    2010-10-14 04:11:37 -------- d-----w- c:\program files\Comcast Universal Caller ID
    2010-10-14 04:11:07 -------- d-----w- c:\users\jonathan\appdata\local\Adobe
    2010-10-13 23:11:19 15880 ----a-w- c:\windows\system32\lsdelete.exe
    2010-10-13 23:02:27 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys
    2010-10-13 23:02:25 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
    2010-10-12 03:40:44 65536 ----a-w- c:\program files\mozilla firefox\plugins\npkimi.dll
    2010-10-12 03:40:43 -------- d-----w- c:\program files\Imikimi
    2010-10-11 23:53:07 -------- d-----w- c:\users\jonathan\appdata\roaming\QuickScan
    2010-10-11 22:30:17 -------- d-----w- c:\program files\common files\eSellerate
    2010-10-11 22:30:17 -------- d-----w- c:\progra~2\eSellerate
    2010-10-10 20:05:31 -------- d-----w- c:\program files\Windows Portable Devices
    2010-10-10 20:00:45 92672 ----a-w- c:\windows\system32\UIAnimation.dll
    2010-10-10 20:00:44 3023360 ----a-w- c:\windows\system32\UIRibbon.dll
    2010-10-10 20:00:44 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
    2010-10-10 19:58:24 31232 ----a-w- c:\windows\system32\BthMtpContextHandler.dll
    2010-10-10 19:58:24 30208 ----a-w- c:\windows\system32\WPDShextAutoplay.exe
    2010-10-10 19:58:23 81920 ----a-w- c:\windows\system32\wpdbusenum.dll
    2010-10-10 19:58:22 60928 ----a-w- c:\windows\system32\PortableDeviceConnectApi.dll
    2010-10-10 19:58:22 134144 ----a-w- c:\program files\windows portable devices\sqmapi.dll
    2010-10-10 19:58:21 87552 ----a-w- c:\windows\system32\WPDShServiceObj.dll
    2010-10-10 19:58:21 546816 ----a-w- c:\windows\system32\wpd_ci.dll
    2010-10-10 19:58:21 350208 ----a-w- c:\windows\system32\WPDSp.dll
    2010-10-10 19:58:21 334848 ----a-w- c:\windows\system32\PortableDeviceApi.dll
    2010-10-10 19:58:21 2537472 ----a-w- c:\windows\system32\wpdshext.dll
    2010-10-10 19:58:21 196608 ----a-w- c:\windows\system32\PortableDeviceWMDRM.dll
    2010-10-10 19:58:21 160256 ----a-w- c:\windows\system32\PortableDeviceTypes.dll
    2010-10-10 19:58:21 100864 ----a-w- c:\windows\system32\PortableDeviceClassExtension.dll
    2010-10-10 19:56:36 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
    2010-10-10 19:56:36 4096 ----a-w- c:\windows\system32\oleaccrc.dll
    2010-10-10 19:56:36 234496 ----a-w- c:\windows\system32\oleacc.dll
    2010-10-09 00:15:20 -------- d-----w- c:\windows\system32\vi-VN
    2010-10-09 00:15:20 -------- d-----w- c:\windows\system32\eu-ES
    2010-10-09 00:15:20 -------- d-----w- c:\windows\system32\ca-ES
    2010-10-08 23:56:01 -------- d-----w- c:\windows\system32\EventProviders
    2010-10-08 01:21:27 -------- d-----w- c:\users\jonathan\appdata\local\Yahoo!
    2010-10-07 22:19:58 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
    2010-10-07 22:19:58 49472 ----a-w- c:\windows\system32\netfxperf.dll
    2010-10-07 22:19:58 297808 ----a-w- c:\windows\system32\mscoree.dll
    2010-10-07 22:19:58 295264 ----a-w- c:\windows\system32\PresentationHost.exe
    2010-10-07 22:19:57 1130824 ----a-w- c:\windows\system32\dfshim.dll
    2010-10-07 22:12:29 -------- d-----w- c:\users\jonathan\appdata\local\LogiShrd
    2010-10-07 22:09:53 539160 ----a-w- c:\windows\system32\LVUI2RC.dll
    2010-10-07 22:09:53 539160 ----a-w- c:\windows\system32\LVUI2.dll
    2010-10-07 22:09:53 34068 ----a-w- c:\windows\system32\Repository.reg
    2010-10-07 22:09:53 265496 ----a-w- c:\windows\system32\drivers\lvrs.sys
    2010-10-07 22:09:52 416280 ----a-w- c:\windows\system32\LVCodec2.dll
    2010-10-07 22:09:52 2687512 ----a-w- c:\windows\system32\drivers\LV302V32.SYS
    2010-10-07 22:09:52 199192 ----a-w- c:\windows\system32\lvci1201278.dll
    2010-10-07 22:09:52 13976 ----a-w- c:\windows\system32\drivers\lv302af.sys
    2010-10-07 21:59:08 12240896 ----a-w- c:\windows\system32\NlsLexicons0007.dll
    2010-10-07 21:59:05 3408896 ----a-w- c:\windows\system32\SLsvc.exe
    2010-10-07 21:59:05 1081344 ----a-w- c:\windows\system32\SLCExt.dll
    2010-10-07 21:59:04 65536 ----a-w- c:\windows\system32\DevicePairingWizard.exe
    2010-10-07 21:59:03 2134528 ----a-w- c:\windows\system32\FunctionDiscoveryFolder.dll
    2010-10-07 21:59:02 2644480 ----a-w- c:\windows\system32\NlsLexicons0009.dll
    2010-10-07 21:59:01 1480704 ----a-w- c:\windows\system32\mssrch.dll
    2010-10-07 21:57:59 90112 ----a-w- c:\windows\system32\wbem\WmiApRpl.dll
    2010-10-07 21:45:26 377344 ----a-w- c:\windows\system32\winhttp.dll
    2010-10-07 21:45:19 411648 ----a-w- c:\windows\system32\drivers\http.sys
    2010-10-07 21:45:19 30720 ----a-w- c:\windows\system32\httpapi.dll
    2010-10-07 21:45:19 24064 ----a-w- c:\windows\system32\nshhttp.dll
    2010-10-07 21:45:10 739328 ----a-w- c:\windows\system32\inetcomm.dll
    2010-10-06 23:33:10 -------- d-----w- c:\windows\pss
    2010-10-06 19:44:22 3600768 ----a-w- c:\windows\system32\ntkrnlpa.exe
    2010-10-06 19:44:22 3548040 ----a-w- c:\windows\system32\ntoskrnl.exe
    2010-10-06 19:43:22 67072 ----a-w- c:\windows\system32\asycfilt.dll
    2010-10-06 19:43:11 905088 ----a-w- c:\windows\system32\drivers\tcpip.sys
    2010-10-06 19:43:10 30720 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
    2010-10-06 19:43:00 79360 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
    2010-10-06 19:43:00 212992 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
    2010-10-06 19:43:00 106496 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
    2010-10-06 19:42:51 60928 ----a-w- c:\windows\system32\msasn1.dll
    2010-10-06 19:42:25 1248768 ----a-w- c:\windows\system32\msxml3.dll
    2010-10-06 19:42:17 243712 ----a-w- c:\windows\system32\rastls.dll
    2010-10-06 19:42:04 81920 ----a-w- c:\windows\system32\iccvid.dll
    2010-10-06 19:41:49 23040 ----a-w- c:\program files\movie maker\WMM2EXT.dll
    2010-10-06 19:41:49 195072 ----a-w- c:\program files\movie maker\WMM2AE.dll
    2010-10-06 19:41:49 150016 ----a-w- c:\program files\movie maker\MOVIEMK.exe
    2010-10-06 19:41:48 10926592 ----a-w- c:\program files\movie maker\MOVIEMK.dll
    2010-10-06 19:41:16 62464 ----a-w- c:\windows\system32\l3codeca.acm
    2010-10-06 19:41:16 220672 ----a-w- c:\windows\system32\l3codecp.acm
    2010-10-06 19:41:05 1616384 ----a-w- c:\program files\windows mail\msoe.dll
    2010-10-06 19:40:56 714240 ----a-w- c:\windows\system32\timedate.cpl
    2010-10-06 19:40:39 53248 ----a-w- c:\windows\system32\tsgqec.dll
    2010-10-06 19:40:39 2066432 ----a-w- c:\windows\system32\mstscax.dll
    2010-10-06 19:40:39 136192 ----a-w- c:\windows\system32\aaclient.dll
    2010-10-06 19:40:30 71680 ----a-w- c:\windows\system32\atl.dll
    2010-10-06 19:38:08 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
    2010-10-06 19:38:08 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
    2010-10-06 19:38:08 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
    2010-10-06 19:38:08 19968 ----a-w- c:\windows\system32\ARP.EXE
    2010-10-06 19:38:08 17920 ----a-w- c:\windows\system32\ROUTE.EXE
    2010-10-06 19:38:08 11264 ----a-w- c:\windows\system32\MRINFO.EXE
    2010-10-06 19:38:08 105984 ----a-w- c:\windows\system32\netiohlp.dll
    2010-10-06 19:38:08 10240 ----a-w- c:\windows\system32\finger.exe
    2010-10-06 19:37:41 317952 ----a-w- c:\windows\system32\MP4SDECD.DLL
    2010-10-06 19:37:31 36864 ----a-w- c:\windows\system32\rtutils.dll
    2010-10-06 19:37:20 218624 ----a-w- c:\windows\system32\msv1_0.dll
    2010-10-06 19:36:39 502272 ----a-w- c:\windows\system32\usp10.dll
    2010-10-06 19:36:31 355328 ----a-w- c:\windows\system32\WSDApi.dll
    2010-10-06 19:36:22 160256 ----a-w- c:\windows\system32\wkssvc.dll
    2010-10-06 19:36:08 98816 ----a-w- c:\windows\system32\mfps.dll
    2010-10-06 19:36:08 53248 ----a-w- c:\windows\system32\rrinstaller.exe
    2010-10-06 19:36:08 2868224 ----a-w- c:\windows\system32\mf.dll
    2010-10-06 19:36:08 24576 ----a-w- c:\windows\system32\mfpmp.exe
    2010-10-06 19:36:08 2048 ----a-w- c:\windows\system32\mferror.dll
    2010-10-06 19:35:12 2048 ----a-w- c:\windows\system32\tzres.dll
    2010-10-06 19:34:55 72704 ----a-w- c:\windows\system32\fontsub.dll
    2010-10-06 19:34:55 34304 ----a-w- c:\windows\system32\atmlib.dll
    2010-10-06 19:34:55 289792 ----a-w- c:\windows\system32\atmfd.dll
    2010-10-06 19:34:55 23552 ----a-w- c:\windows\system32\lpk.dll
    2010-10-06 19:34:55 10240 ----a-w- c:\windows\system32\dciman32.dll
    2010-10-06 19:34:22 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat
    2010-10-06 19:22:35 604672 ----a-w- c:\windows\system32\WMSPDMOD.DLL
    2010-10-06 19:21:34 6084944 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\backup\mpengine.dll
    2010-10-06 19:21:33 310784 ----a-w- c:\windows\system32\unregmp2.exe
    2010-10-06 19:21:30 1418752 ----a-w- c:\program files\windows media player\setup_wm.exe
    2010-10-06 19:21:16 221568 ------w- c:\windows\system32\MpSigStub.exe
    2010-10-06 19:21:13 107520 ----a-w- c:\program files\windows media player\wmpshare.exe
    2010-10-06 19:21:10 107520 ----a-w- c:\program files\windows media player\wmpconfig.exe
    2010-10-06 19:21:08 7680 ----a-w- c:\windows\system32\spwmp.dll
    2010-10-06 19:21:08 4096 ----a-w- c:\windows\system32\msdxm.ocx
    2010-10-06 19:21:08 4096 ----a-w- c:\windows\system32\dxmasf.dll
    2010-10-06 19:09:59 -------- d-----w- c:\program files\MSXML 4.0
    2010-10-06 19:04:54 172032 ----a-w- c:\windows\system32\wintrust.dll
    2010-10-06 19:04:53 98304 ----a-w- c:\windows\system32\cabview.dll

    ==================== Find3M ====================

    2010-10-03 18:23:02 505392 ----a-w- c:\windows\system32\msvcp71.dll
    2010-10-03 18:23:02 353840 ----a-w- c:\windows\system32\msvcr71.dll
    2010-10-03 18:23:02 1053232 ----a-w- c:\windows\system32\MFC71u.dll
    2010-10-03 18:23:01 1066544 ----a-w- c:\windows\system32\MFC71.dll
    2010-09-15 08:50:37 472808 ----a-w- c:\windows\system32\deployJava1.dll
    2010-09-08 06:01:28 916480 ----a-w- c:\windows\system32\wininet.dll
    2010-09-08 05:57:18 43520 ----a-w- c:\windows\system32\licmgr10.dll
    2010-09-08 05:57:05 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
    2010-09-08 05:56:53 71680 ----a-w- c:\windows\system32\iesetup.dll
    2010-09-08 05:56:53 109056 ----a-w- c:\windows\system32\iesysprep.dll
    2010-09-08 05:04:36 385024 ----a-w- c:\windows\system32\html.iec
    2010-09-08 04:26:46 133632 ----a-w- c:\windows\system32\ieUnatt.exe
    2010-09-08 04:25:15 1638912 ----a-w- c:\windows\system32\mshtml.tlb
    2010-08-26 16:33:06 173056 ----a-w- c:\windows\apppatch\AcXtrnal.dll
    2010-08-26 16:33:04 542720 ----a-w- c:\windows\apppatch\AcLayers.dll
    2010-08-26 16:33:04 458752 ----a-w- c:\windows\apppatch\AcSpecfc.dll
    2010-08-26 16:33:04 2159616 ----a-w- c:\windows\apppatch\AcGenral.dll
    2010-08-25 23:46:02 8198680 ----a-w- c:\windows\system32\TVWSetup.exe
    2010-08-25 23:45:48 948760 ----a-w- c:\windows\system32\igxpun.exe
    2010-08-25 23:45:44 136216 ----a-w- c:\windows\system32\igfxtray.exe
    2010-08-25 23:45:42 266776 ----a-w- c:\windows\system32\igfxsrvc.exe
    2010-08-25 23:45:40 170520 ----a-w- c:\windows\system32\igfxpers.exe
    2010-08-25 23:45:38 179224 ----a-w- c:\windows\system32\igfxext.exe
    2010-08-25 23:45:36 171032 ----a-w- c:\windows\system32\hkcmd.exe
    2010-08-25 23:45:32 3156504 ----a-w- c:\windows\system32\GfxUI.exe
    2010-08-25 23:39:46 81920 ----a-w- c:\windows\system32\igfxCoIn_v2202.dll
    2010-08-25 23:31:30 4967424 ----a-w- c:\windows\system32\igdumd32.dll
    2010-08-25 23:30:02 439308 ----a-w- c:\windows\system32\igcompkrng500.bin
    2010-08-25 23:30:00 982240 ----a-w- c:\windows\system32\igkrng500.bin
    2010-08-25 23:30:00 92356 ----a-w- c:\windows\system32\igfcg500m.bin
    2010-08-25 23:28:22 571904 ----a-w- c:\windows\system32\igdumdx32.dll
    2010-08-25 23:23:14 4411904 ----a-w- c:\windows\system32\igd10umd32.dll
    2010-08-25 23:09:34 11040256 ----a-w- c:\windows\system32\ig4icd32.dll
    2010-08-25 23:00:00 23552 ----a-w- c:\windows\system32\igfxexps.dll
    2010-08-25 23:00:00 194560 ----a-w- c:\windows\system32\igfxpph.dll
    2010-08-25 22:59:58 261632 ----a-w- c:\windows\system32\igfxTMM.dll
    2010-08-25 22:59:58 115200 ----a-w- c:\windows\system32\igfxcpl.cpl
    2010-08-25 22:59:42 57344 ----a-w- c:\windows\system32\igfxsrvc.dll
    2010-08-25 22:59:24 130048 ----a-w- c:\windows\system32\igfxdo.dll
    2010-08-25 22:59:16 94720 ----a-w- c:\windows\system32\hccutils.dll
    2010-08-25 22:59:10 120320 ----a-w- c:\windows\system32\gfxSrvc.dll
    2010-08-25 22:59:08 4096 ----a-w- c:\windows\system32\IGFXDEVLib.dll
    2010-08-25 22:59:06 85504 ----a-w- c:\windows\system32\igfxrenu.lrc
    2010-08-25 22:59:06 828928 ----a-w- c:\windows\system32\igfxress.dll
    2010-08-25 22:59:06 228864 ----a-w- c:\windows\system32\igfxdev.dll
    2010-08-25 22:52:00 452440 ----a-w- c:\windows\system32\d3dx10_40.dll
    2010-08-25 22:52:00 208896 ----a-w- c:\windows\system32\iglhsip32.dll
    2010-08-25 22:52:00 143360 ----a-w- c:\windows\system32\iglhcp32.dll
    2010-08-17 14:11:37 128000 ----a-w- c:\windows\system32\spoolsv.exe

    ============= FINISH: 1:04:20.84 ===============

    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT

    DDS (Ver_10-11-01.01)

    Microsoft® Windows Vista™ Home Basic
    Boot Device: \Device\HarddiskVolume1
    Install Date: 10/3/2010 2:09:43 PM
    System Uptime: 11/2/2010 11:46:57 PM (2 hours ago)

    Motherboard: Wistron | | 3612
    Processor: Intel(R) Pentium(R) Dual CPU T3400 @ 2.16GHz | CPU | 2166/667mhz

    ==== Disk Partitions =========================

    C: is FIXED (NTFS) - 223 GiB total, 159.177 GiB free.
    D: is FIXED (NTFS) - 10 GiB total, 1.731 GiB free.
    E: is CDROM ()

    ==== Disabled Device Manager Items =============

    Class GUID: {4d36e96f-e325-11ce-bfc1-08002be10318}
    Description: Synaptics PS/2 Port TouchPad
    Device ID: ACPI\SYN0158\4&3533A443&0
    Manufacturer: Synaptics
    Name: Synaptics PS/2 Port TouchPad
    PNP Device ID: ACPI\SYN0158\4&3533A443&0
    Service: i8042prt

    ==== System Restore Points ===================


    ==== Installed Programs ======================

    Acrobat.com
    Activation Assistant for the 2007 Microsoft Office suites
    ActiveCheck component for HP Active Support Library
    Ad-Aware
    Adobe AIR
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 Plugin
    Adobe Reader 9
    Adobe Shockwave Player
    Atheros Driver Installation Program
    Build in Time
    Build It - Miami Beach Resort
    CCleaner
    Cisco EAP-FAST Module
    Cisco LEAP Module
    Cisco PEAP Module
    Comcast Universal Caller ID
    Compatibility Pack for the 2007 Office system
    Conexant HD Audio
    Cooking Academy
    Cooking Academy 2 - World Cuisine
    CyberLink DVD Suite
    ESU for Microsoft Vista
    HDAUDIO Soft Data Fax Modem with SmartCP
    HijackThis 2.0.2
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    HP Active Support Library
    HP Customer Experience Enhancements
    HP Doc Viewer
    HP DVD Play 3.7
    HP Games
    HP Help and Support
    HP Quick Launch Buttons 6.40 H2
    HP Update
    HP User Guides 0118
    HP Wireless Assistant
    HPAsset component for HP Active Support Library
    HPNetworkAssistant
    HPTCSSetup
    Imikimi Plugin
    IMVU Avatar Chat Software
    Intel(R) Graphics Media Accelerator Driver
    Java Auto Updater
    Java(TM) 6 Update 22
    Java(TM) 6 Update 7
    Logitech Vid HD
    Logitech Webcam Software
    Logitech Webcam Software Driver Package
    Malwarebytes' Anti-Malware
    Microsoft .NET Framework 3.5 SP1
    Microsoft .NET Framework 4 Client Profile
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office Home and Student 2007
    Microsoft Office OneNote MUI (English) 2007
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office PowerPoint Viewer 2007 (English)
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Word MUI (English) 2007
    Microsoft Silverlight
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    Microsoft Works
    Mozilla Firefox (3.6.12)
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    Norton Security Suite
    Paint.NET v3.5.5
    Power2Go
    PowerDirector
    Realtek 8169 8168 8101E 8102E Ethernet Driver
    runtime
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
    Spybot - Search & Destroy
    Synaptics Pointing Device Driver
    The Weather Channel Desktop 6
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Office 2007 (KB934528)
    Visual C++ 2008 x86 Runtime - (v9.0.30729)
    Visual C++ 2008 x86 Runtime - v9.0.30729.01
    Yahoo! BrowserPlus 2.9.8
    Yahoo! Messenger
    Yahoo! Software Update

    ==== End Of File ===========================
     
  4. Broni

    Broni Malware Annihilator Posts: 52,884   +344

    All looks fine, so far.

    Download MBRCheck to your desktop

    Double click MBRCheck.exe to run (Vista and Windows 7 users, right click and select Run as Administrator).
    It will show a black screen with some data on it.
    Enter N to exit.
    A report called MBRcheckxxxx.txt will be on your desktop.
    Open this report and post its content in your next reply.

    =====================================================================

    Please download ComboFix from Here or Here to your Desktop.

    **Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
    1. Please, never rename Combofix unless instructed.
    2. Close any open browsers.
    3. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
      • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
      • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
      NOTE 1. If Combofix asks you to install Recovery Console, please allow it.
      NOTE 2. If Combofix asks you to update the program, always do so.
      • Close any open browsers.
      • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
      • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
      • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
    4. Double click on combofix.exe & follow the prompts.
    5. When finished, it will produce a report for you.
    6. Please post the "C:\ComboFix.txt"
    **Note: Do not mouseclick combofix's window while it's running. That may cause it to stall**

    Make sure you re-enable your security programs when you're done with Combofix.

    DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!
     
  5. Michigan313

    Michigan313 TS Rookie Topic Starter Posts: 21

    MBRCheck, version 1.2.3
    (c) 2010, AD

    Command-line:
    Windows Version: Windows Vista Home Basic Edition
    Windows Information: Service Pack 2 (build 6002), 32-bit
    Base Board Manufacturer: Wistron
    BIOS Manufacturer: Hewlett-Packard
    System Manufacturer: Hewlett-Packard
    System Product Name: Compaq Presario CQ60 Notebook PC
    Logical Drives Mask: 0x0000001c

    Kernel Drivers (total 209):
    0x81C33000 \SystemRoot\system32\ntkrnlpa.exe
    0x81C00000 \SystemRoot\system32\hal.dll
    0x8040E000 \SystemRoot\system32\kdcom.dll
    0x80415000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
    0x80485000 \SystemRoot\system32\PSHED.dll
    0x80496000 \SystemRoot\system32\BOOTVID.dll
    0x8049E000 \SystemRoot\system32\CLFS.SYS
    0x804DF000 \SystemRoot\system32\CI.dll
    0x8060C000 \SystemRoot\system32\drivers\Wdf01000.sys
    0x80688000 \SystemRoot\system32\drivers\WDFLDR.SYS
    0x80695000 \SystemRoot\system32\drivers\acpi.sys
    0x806DB000 \SystemRoot\system32\drivers\WMILIB.SYS
    0x806E4000 \SystemRoot\system32\drivers\msisadrv.sys
    0x806EC000 \SystemRoot\system32\drivers\pci.sys
    0x80713000 \SystemRoot\system32\drivers\isapnp.sys
    0x80722000 \SystemRoot\system32\drivers\mpio.sys
    0x8073E000 \SystemRoot\System32\drivers\partmgr.sys
    0x8074D000 \SystemRoot\system32\DRIVERS\compbatt.sys
    0x80750000 \SystemRoot\system32\DRIVERS\BATTC.SYS
    0x8075A000 \SystemRoot\system32\drivers\volmgr.sys
    0x80769000 \SystemRoot\System32\drivers\volmgrx.sys
    0x807B3000 \SystemRoot\system32\drivers\intelide.sys
    0x807BA000 \SystemRoot\system32\drivers\PCIIDEX.SYS
    0x807C8000 \SystemRoot\system32\drivers\aliide.sys
    0x807CF000 \SystemRoot\system32\drivers\amdide.sys
    0x807D6000 \SystemRoot\system32\drivers\cmdide.sys
    0x807DE000 \SystemRoot\System32\drivers\mountmgr.sys
    0x805BF000 \SystemRoot\system32\drivers\msdsm.sys
    0x805D9000 \SystemRoot\system32\drivers\nvraid.sys
    0x82202000 \SystemRoot\system32\drivers\CLASSPNP.SYS
    0x82223000 \SystemRoot\system32\drivers\pciide.sys
    0x8222A000 \SystemRoot\system32\drivers\viaide.sys
    0x82232000 \SystemRoot\system32\drivers\iastorv.sys
    0x822D3000 \SystemRoot\system32\drivers\atapi.sys
    0x822DB000 \SystemRoot\system32\drivers\ataport.SYS
    0x822F9000 \SystemRoot\system32\drivers\lsi_scsi.sys
    0x82313000 \SystemRoot\system32\drivers\storport.sys
    0x82354000 \SystemRoot\system32\drivers\msahci.sys
    0x8235E000 \SystemRoot\system32\drivers\hpcisss.sys
    0x82369000 \SystemRoot\system32\drivers\adp94xx.sys
    0x8A202000 \SystemRoot\system32\drivers\adpahci.sys
    0x8A24E000 \SystemRoot\system32\drivers\adpu160m.sys
    0x8A269000 \SystemRoot\system32\drivers\SCSIPORT.SYS
    0x8A28F000 \SystemRoot\system32\drivers\adpu320.sys
    0x8A2B5000 \SystemRoot\system32\drivers\djsvs.sys
    0x8A2C9000 \SystemRoot\system32\drivers\arc.sys
    0x8A2DF000 \SystemRoot\system32\drivers\arcsas.sys
    0x8A2F5000 \SystemRoot\system32\drivers\elxstor.sys
    0x8A389000 \SystemRoot\system32\drivers\i2omp.sys
    0x8A393000 \SystemRoot\system32\drivers\iirsp.sys
    0x8A3A3000 \SystemRoot\system32\drivers\iteatapi.sys
    0x8A3AF000 \SystemRoot\system32\drivers\iteraid.sys
    0x8A3BB000 \SystemRoot\system32\drivers\lsi_fc.sys
    0x8A3D5000 \SystemRoot\system32\drivers\lsi_sas.sys
    0x8A3ED000 \SystemRoot\system32\drivers\megasas.sys
    0x8A40D000 \SystemRoot\system32\drivers\megasr.sys
    0x8A4C4000 \SystemRoot\system32\drivers\mraid35x.sys
    0x8A4CF000 \SystemRoot\system32\drivers\nfrd960.sys
    0x8A4DD000 \SystemRoot\system32\drivers\nvstor.sys
    0x8A60C000 \SystemRoot\system32\drivers\ql2300.sys
    0x8A744000 \SystemRoot\system32\drivers\ql40xx.sys
    0x8A799000 \SystemRoot\system32\drivers\sisraid2.sys
    0x8A7A6000 \SystemRoot\system32\drivers\sisraid4.sys
    0x8A7BB000 \SystemRoot\system32\drivers\symc8xx.sys
    0x8A7C7000 \SystemRoot\system32\drivers\sym_hi.sys
    0x8A7D2000 \SystemRoot\system32\drivers\sym_u3.sys
    0x8A4EA000 \SystemRoot\system32\drivers\uliahci.sys
    0x8A7DD000 \SystemRoot\system32\drivers\ulsata.sys
    0x8A526000 \SystemRoot\system32\drivers\ulsata2.sys
    0x8A552000 \SystemRoot\system32\drivers\vsmraid.sys
    0x8A573000 \SystemRoot\system32\drivers\fltmgr.sys
    0x8A5A5000 \SystemRoot\system32\drivers\N360\0403000.005\SYMDS.SYS
    0x823D3000 \SystemRoot\system32\drivers\fileinfo.sys
    0x823E3000 \SystemRoot\system32\DRIVERS\Lbd.sys
    0x8A802000 \SystemRoot\system32\drivers\N360\0403000.005\SYMEFA.SYS
    0x8A82F000 \SystemRoot\System32\Drivers\ksecdd.sys
    0x8A8A0000 \SystemRoot\system32\drivers\ndis.sys
    0x8A9AB000 \SystemRoot\system32\drivers\msrpc.sys
    0x8AA06000 \SystemRoot\system32\drivers\NETIO.SYS
    0x8AA41000 \SystemRoot\System32\drivers\tcpip.sys
    0x8AB2B000 \SystemRoot\System32\drivers\fwpkclnt.sys
    0x8AC0C000 \SystemRoot\System32\Drivers\Ntfs.sys
    0x8AD1C000 \SystemRoot\system32\drivers\wd.sys
    0x8AD24000 \SystemRoot\system32\drivers\volsnap.sys
    0x8AD5D000 \SystemRoot\System32\Drivers\spldr.sys
    0x8AD65000 \SystemRoot\system32\drivers\sbp2port.sys
    0x8AD7A000 \SystemRoot\System32\Drivers\mup.sys
    0x8AD89000 \SystemRoot\System32\drivers\ecache.sys
    0x8ADB0000 \SystemRoot\system32\drivers\disk.sys
    0x8ADC1000 \SystemRoot\system32\drivers\crcdisk.sys
    0x8ADEC000 \SystemRoot\system32\DRIVERS\tunnel.sys
    0x8ADF7000 \SystemRoot\system32\DRIVERS\tunmp.sys
    0x8AB46000 \SystemRoot\system32\DRIVERS\intelppm.sys
    0x8AC00000 \SystemRoot\system32\DRIVERS\wmiacpi.sys
    0x8EE09000 \SystemRoot\system32\DRIVERS\igdkmd32.sys
    0x8F726000 \SystemRoot\System32\drivers\dxgkrnl.sys
    0x8F7C7000 \SystemRoot\System32\drivers\watchdog.sys
    0x8F7D3000 \SystemRoot\system32\DRIVERS\usbuhci.sys
    0x8AB55000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
    0x8F7DE000 \SystemRoot\system32\DRIVERS\usbehci.sys
    0x8FA01000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
    0x8FA8E000 \SystemRoot\system32\DRIVERS\Rtlh86.sys
    0x8FAB4000 \SystemRoot\system32\DRIVERS\athr.sys
    0x8FBD4000 \SystemRoot\system32\DRIVERS\i8042prt.sys
    0x8FBE7000 \SystemRoot\system32\DRIVERS\HpqKbFiltr.sys
    0x8FBEC000 \SystemRoot\system32\DRIVERS\kbdclass.sys
    0x8AB93000 \SystemRoot\system32\DRIVERS\SynTP.sys
    0x8FBF7000 \SystemRoot\system32\DRIVERS\USBD.SYS
    0x8F7ED000 \SystemRoot\system32\DRIVERS\mouclass.sys
    0x8FBF9000 \SystemRoot\system32\DRIVERS\CmBatt.sys
    0x8ABC3000 \SystemRoot\system32\DRIVERS\cdrom.sys
    0x8F7F8000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
    0x8FC0C000 \SystemRoot\system32\DRIVERS\msiscsi.sys
    0x8FC3B000 \SystemRoot\system32\DRIVERS\TDI.SYS
    0x8FC46000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
    0x8FC5D000 \SystemRoot\system32\DRIVERS\ndistapi.sys
    0x8FC68000 \SystemRoot\system32\DRIVERS\ndiswan.sys
    0x8FC8B000 \SystemRoot\system32\DRIVERS\raspppoe.sys
    0x8FC9A000 \SystemRoot\system32\DRIVERS\raspptp.sys
    0x8FCAE000 \SystemRoot\system32\DRIVERS\rassstp.sys
    0x8FCC3000 \SystemRoot\system32\DRIVERS\termdd.sys
    0x8FCD3000 \SystemRoot\system32\DRIVERS\swenum.sys
    0x8FCD5000 \SystemRoot\system32\DRIVERS\ks.sys
    0x8FCFF000 \SystemRoot\system32\DRIVERS\mssmbios.sys
    0x8FD09000 \SystemRoot\system32\DRIVERS\umbus.sys
    0x8FD16000 \SystemRoot\system32\DRIVERS\usbhub.sys
    0x8FD4B000 \SystemRoot\system32\drivers\CHDRT32.sys
    0x8FD86000 \SystemRoot\system32\drivers\portcls.sys
    0x8FDB3000 \SystemRoot\system32\drivers\drmk.sys
    0x90403000 \SystemRoot\system32\DRIVERS\HSXHWAZL.sys
    0x90441000 \SystemRoot\system32\DRIVERS\HSX_DPV.sys
    0x90544000 \SystemRoot\system32\DRIVERS\HSX_CNXT.sys
    0x8FDD8000 \SystemRoot\system32\drivers\modem.sys
    0x8ABDB000 \SystemRoot\system32\drivers\IntcHdmi.sys
    0x8FDE5000 \SystemRoot\System32\Drivers\NDProxy.SYS
    0x8FDF6000 \SystemRoot\system32\DRIVERS\hidusb.sys
    0x8A9D6000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
    0x905F9000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
    0x8FC00000 \SystemRoot\system32\DRIVERS\mouhid.sys
    0x8EE00000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
    0x8A9E6000 \SystemRoot\System32\Drivers\Null.SYS
    0x8A9ED000 \SystemRoot\System32\Drivers\Beep.SYS
    0x8A9F4000 \SystemRoot\System32\drivers\vga.sys
    0x9060B000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
    0x9062C000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
    0x90634000 \SystemRoot\system32\drivers\rdpencdd.sys
    0x9063C000 \SystemRoot\System32\Drivers\Msfs.SYS
    0x90647000 \SystemRoot\System32\Drivers\Npfs.SYS
    0x90655000 \SystemRoot\System32\DRIVERS\rasacd.sys
    0x9065E000 \SystemRoot\system32\DRIVERS\tdx.sys
    0x90674000 \SystemRoot\System32\Drivers\N360\0403000.005\SYMTDIV.SYS
    0x906CD000 \??\C:\Windows\system32\Drivers\SYMEVENT.SYS
    0x906F2000 \SystemRoot\system32\DRIVERS\smb.sys
    0x90706000 \SystemRoot\system32\drivers\afd.sys
    0x9074E000 \SystemRoot\System32\DRIVERS\netbt.sys
    0x90780000 \SystemRoot\system32\DRIVERS\pacer.sys
    0x90796000 \SystemRoot\system32\DRIVERS\netbios.sys
    0x907A4000 \SystemRoot\system32\DRIVERS\wanarp.sys
    0x907B7000 \SystemRoot\system32\drivers\N360\0403000.005\Ironx86.SYS
    0x907D6000 \SystemRoot\system32\DRIVERS\usbccgp.sys
    0x91203000 \SystemRoot\system32\DRIVERS\LV302V32.SYS
    0x91492000 \SystemRoot\system32\DRIVERS\lv302af.sys
    0x91494000 \SystemRoot\system32\drivers\usbaudio.sys
    0x914A6000 \SystemRoot\system32\DRIVERS\lvrs.sys
    0x914E6000 \SystemRoot\system32\drivers\N360\0403000.005\SRTSPX.SYS
    0x914F0000 \SystemRoot\system32\DRIVERS\rdbss.sys
    0x9152C000 \SystemRoot\system32\drivers\nsiproxy.sys
    0x91536000 \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20101102.001\IDSvix86.sys
    0x91591000 \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
    0x91E0D000 \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
    0x91E2A000 \SystemRoot\System32\Drivers\dfsc.sys
    0x91E41000 \SystemRoot\system32\drivers\N360\0403000.005\ccHPx86.sys
    0x91EC0000 \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20101029.001\BHDrvx86.sys
    0x91F6C000 \SystemRoot\System32\Drivers\crashdmp.sys
    0x91F79000 \SystemRoot\System32\Drivers\dump_dumpata.sys
    0x91F84000 \SystemRoot\System32\Drivers\dump_msahci.sys
    0x9A8D0000 \SystemRoot\System32\win32k.sys
    0x91F8E000 \SystemRoot\System32\drivers\Dxapi.sys
    0x91F98000 \SystemRoot\system32\DRIVERS\monitor.sys
    0x9AAF0000 \SystemRoot\System32\TSDDD.dll
    0x9AB10000 \SystemRoot\System32\cdd.dll
    0x9AB20000 \SystemRoot\System32\ATMFD.DLL
    0x91FA7000 \SystemRoot\system32\drivers\luafv.sys
    0xABA06000 \SystemRoot\system32\drivers\spsys.sys
    0xABAB6000 \SystemRoot\system32\DRIVERS\lltdio.sys
    0xABAC6000 \SystemRoot\system32\DRIVERS\nwifi.sys
    0xABAF0000 \SystemRoot\system32\DRIVERS\ndisuio.sys
    0xABAFA000 \SystemRoot\system32\DRIVERS\rspndr.sys
    0xABB0D000 \SystemRoot\system32\drivers\HTTP.sys
    0xABB7A000 \SystemRoot\System32\DRIVERS\srvnet.sys
    0xABB97000 \SystemRoot\system32\DRIVERS\bowser.sys
    0xABBB0000 \SystemRoot\System32\drivers\mpsdrv.sys
    0xABBC5000 \SystemRoot\system32\drivers\mrxdav.sys
    0x91FC2000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
    0xADC08000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
    0xADC41000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
    0xADC59000 \SystemRoot\System32\DRIVERS\srv2.sys
    0xADC81000 \SystemRoot\System32\DRIVERS\srv.sys
    0xADCE7000 \SystemRoot\system32\DRIVERS\mdmxsdk.sys
    0xADCEB000 \SystemRoot\system32\drivers\peauth.sys
    0xADDC9000 \SystemRoot\System32\Drivers\secdrv.SYS
    0xADDD3000 \SystemRoot\System32\drivers\tcpipreg.sys
    0xADDDF000 \SystemRoot\system32\DRIVERS\xaudio.sys
    0xADDE7000 \SystemRoot\system32\DRIVERS\LVPr2Mon.sys
    0xADCCF000 \SystemRoot\system32\DRIVERS\cdfs.sys
    0xADDEC000 \??\C:\Users\jonathan\AppData\Local\Temp\mbr.sys
    0xADDF2000 \??\C:\Users\jonathan\AppData\Local\Temp\catchme.sys
    0xADDFA000 \??\C:\Windows\system32\Drivers\PROCEXP113.SYS
    0x77860000 \Windows\System32\ntdll.dll

    Processes (total 56):
    0 System Idle Process
    4 System
    424 C:\Windows\System32\smss.exe
    520 csrss.exe
    564 C:\Windows\System32\wininit.exe
    572 csrss.exe
    608 C:\Windows\System32\services.exe
    644 C:\Windows\System32\lsass.exe
    652 C:\Windows\System32\lsm.exe
    720 C:\Windows\System32\winlogon.exe
    832 C:\Windows\System32\svchost.exe
    892 C:\Windows\System32\svchost.exe
    1016 C:\Windows\System32\svchost.exe
    1088 C:\Windows\System32\svchost.exe
    1112 C:\Windows\System32\svchost.exe
    1176 C:\Windows\System32\audiodg.exe
    1200 C:\Windows\System32\svchost.exe
    1220 C:\Windows\System32\SLsvc.exe
    1252 C:\Windows\System32\svchost.exe
    1468 C:\Windows\System32\svchost.exe
    1608 C:\Windows\System32\wlanext.exe
    1764 C:\Windows\System32\spoolsv.exe
    1788 C:\Windows\System32\svchost.exe
    496 C:\Program Files\Norton Security Suite\Norton Security Suite\Engine\4.3.0.5\ccsvchst.exe
    2020 C:\Windows\System32\svchost.exe
    328 C:\Program Files\SMINST\BLService.exe
    2060 C:\Program Files\CyberLink\Shared files\RichVideo.exe
    2124 C:\Windows\System32\svchost.exe
    2224 C:\Windows\System32\svchost.exe
    2252 C:\Windows\System32\SearchIndexer.exe
    2392 C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
    2464 C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
    2624 C:\Windows\System32\dwm.exe
    2656 C:\Windows\System32\taskeng.exe
    2948 C:\Windows\System32\taskeng.exe
    3292 WmiPrvSE.exe
    3472 dllhost.exe
    3548 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    3560 C:\Program Files\HP\QuickPlay\QPService.exe
    3764 C:\Program Files\Norton Security Suite\Norton Security Suite\Engine\4.3.0.5\ccsvchst.exe
    3900 C:\Windows\System32\igfxsrvc.exe
    2052 C:\Program Files\Common Files\Java\Java Update\jusched.exe
    3356 C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
    3380 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    3556 C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    1096 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
    3276 C:\Windows\System32\hkcmd.exe
    2888 C:\Windows\System32\igfxpers.exe
    3676 C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
    3828 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    2484 C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
    3480 taskeng.exe
    964 C:\Windows\explorer.exe
    1056 C:\Windows\System32\notepad.exe
    3124 C:\Program Files\Mozilla Firefox\firefox.exe
    172 C:\Users\jonathan\Desktop\MBRCheck.exe

    \\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00 (NTFS)
    \\.\D: --> \\.\PhysicalDrive0 at offset 0x00000037`a2900000 (NTFS)

    PhysicalDrive0 Model Number: ST9250320AS, Rev: HP07

    Size Device Name MBR Status
    --------------------------------------------
    232 GB \\.\PhysicalDrive0 Unknown MBR code
    SHA1: E6CCDBFD8F5B3DAA80CE1AA64C67955A606A347D


    Found non-standard or infected MBR.
    Enter 'Y' and hit ENTER for more options, or 'N' to exit:

    Done!


    ComboFix 10-11-02.03 - jonathan 11/03/2010 1:49.3.2 - x86
    Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.1.1033.18.3002.2030 [GMT -4:00]
    Running from: c:\users\jonathan\Desktop\ComboFix.exe
    SP: Spybot - Search and Destroy *disabled* (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
    SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
    .

    ((((((((((((((((((((((((( Files Created from 2010-10-03 to 2010-11-03 )))))))))))))))))))))))))))))))
    .

    2010-11-03 05:57 . 2010-11-03 05:58 -------- d-----w- c:\users\jonathan\AppData\Local\temp
    2010-11-03 05:57 . 2010-11-03 05:57 -------- d-----w- c:\users\Default\AppData\Local\temp
    2010-11-03 05:54 . 2010-11-03 05:54 -------- d-----w- c:\users\jonathan\AppData\Roaming\Tific
    2010-11-03 05:54 . 2010-11-03 05:54 -------- d-----w- c:\users\jonathan\AppData\Local\Symantec
    2010-11-02 22:38 . 2010-11-02 22:38 -------- d-----w- C:\VundoFix Backups
    2010-10-31 20:22 . 2010-10-31 20:22 -------- d-----w- c:\users\jonathan\AppData\Roaming\CyberLink
    2010-10-31 20:22 . 2010-10-31 20:22 -------- d-----w- c:\users\Public\CyberLink
    2010-10-27 21:06 . 2010-10-27 21:11 -------- d-----w- c:\programdata\QAJHFUQDXG
    2010-10-27 20:00 . 2010-03-05 14:01 420352 ----a-w- c:\windows\system32\vbscript.dll
    2010-10-27 19:55 . 2010-10-27 19:55 -------- d-----w- c:\users\jonathan\AppData\Local\Apple
    2010-10-27 19:39 . 2010-10-27 19:39 -------- d-----w- c:\program files\Common Files\scanner
    2010-10-27 19:39 . 2010-10-27 19:39 -------- d-----w- c:\program files\CA
    2010-10-27 19:35 . 2009-10-09 21:56 2048 ----a-w- c:\windows\system32\winrsmgr.dll
    2010-10-27 19:28 . 2010-10-27 19:28 -------- d-----w- c:\windows\system32\x64
    2010-10-27 19:22 . 2010-10-27 19:26 -------- d-----w- c:\users\jonathan\AppData\Local\Immunet
    2010-10-27 19:22 . 2010-10-27 19:37 -------- d-----w- c:\programdata\Immunet
    2010-10-27 19:22 . 2010-08-26 04:23 13312 ----a-w- c:\program files\Internet Explorer\iecompat.dll
    2010-10-27 19:19 . 2010-09-08 06:02 638232 ----a-w- c:\program files\Internet Explorer\iexplore.exe
    2010-10-27 19:17 . 2009-03-08 11:35 233984 ----a-w- c:\program files\Internet Explorer\jsprofilerui.dll
    2010-10-26 17:32 . 2010-08-26 16:34 1696256 ----a-w- c:\windows\system32\gameux.dll
    2010-10-26 17:32 . 2010-08-26 16:33 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
    2010-10-26 17:32 . 2010-08-26 14:23 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
    2010-10-23 20:19 . 2010-10-23 20:20 -------- d-----w- c:\program files\Paint.NET
    2010-10-23 20:18 . 2010-10-24 17:35 -------- d-----w- c:\users\jonathan\AppData\Local\Paint.NET
    2010-10-21 05:29 . 2010-10-21 05:29 -------- d-----w- c:\programdata\EXIHFUQDXG
    2010-10-20 13:53 . 2010-11-03 03:54 -------- d-----w- c:\users\jonathan\AppData\Local\CrashDumps
    2010-10-19 06:23 . 2010-10-19 06:52 -------- d-----w- c:\programdata\BVIHFUQDXG
    2010-10-19 06:18 . 2010-10-19 06:54 -------- d-----w- c:\program files\Ali Baba Buddy Pogo
    2010-10-17 21:36 . 2010-10-17 21:38 -------- d-----w- c:\programdata\AHIHFUQDXG
    2010-10-17 21:32 . 2010-10-19 06:54 -------- d-----w- c:\program files\Stackem Buddy Pogo
    2010-10-16 03:32 . 2008-04-17 21:12 107368 ----a-r- c:\windows\system32\GEARAspi.dll
    2010-10-16 03:32 . 2009-05-18 22:17 26600 ----a-r- c:\windows\system32\drivers\GEARAspiWDM.sys
    2010-10-16 03:32 . 2010-10-16 03:32 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
    2010-10-16 03:32 . 2010-10-16 16:08 -------- d-----w- c:\program files\Common Files\Symantec Shared
    2010-10-16 03:32 . 2010-10-16 03:32 -------- d-----w- c:\program files\Symantec
    2010-10-16 03:31 . 2010-10-16 03:31 -------- d-----w- c:\program files\NortonInstaller
    2010-10-16 03:09 . 2010-11-02 23:37 -------- d-----w- c:\programdata\Spybot - Search & Destroy
    2010-10-16 03:09 . 2010-10-16 03:12 -------- d-----w- c:\program files\Spybot - Search & Destroy
    2010-10-15 23:43 . 2010-10-15 23:43 -------- d-----w- c:\users\jonathan\AppData\Roaming\Malwarebytes
    2010-10-15 23:43 . 2010-04-29 22:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2010-10-15 23:43 . 2010-10-15 23:43 -------- d-----w- c:\programdata\Malwarebytes
    2010-10-15 23:43 . 2010-10-15 23:43 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2010-10-15 23:43 . 2010-04-29 22:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
    2010-10-15 23:23 . 2010-10-15 23:23 -------- d-----w- c:\program files\Trend Micro
    2010-10-15 23:14 . 2010-10-29 15:03 -------- d-----w- c:\windows\system32\drivers\N360
    2010-10-15 23:11 . 2010-10-15 23:11 -------- d-----w- c:\users\jonathan\LimeWire
    2010-10-15 23:08 . 2010-10-15 23:08 482304 --sh--w- c:\windows\system32\syncstream.dll
    2010-10-15 22:45 . 2010-10-15 23:01 -------- d-----w- c:\programdata\Fugazo
    2010-10-15 22:19 . 2010-10-15 22:19 -------- d-----w- c:\users\jonathan\AppData\Roaming\WildTangent
    2010-10-15 14:53 . 2010-09-16 17:24 6084944 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4105DF84-183C-44FA-BADC-E90AA047714D}\mpengine.dll
    2010-10-15 03:57 . 2010-10-15 06:13 -------- d-----w- c:\programdata\URIHFUQDXG
    2010-10-15 03:57 . 2010-10-27 21:07 -------- d-----w- c:\program files\BadgeHelp
    2010-10-14 21:34 . 2010-10-14 21:34 -------- d-----w- c:\users\jonathan\AppData\Roaming\InstallShield
    2010-10-14 20:30 . 2010-09-13 13:56 8147456 ----a-w- c:\windows\system32\wmploc.DLL
    2010-10-14 20:30 . 2010-09-13 13:56 168960 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
    2010-10-14 20:30 . 2010-09-06 16:20 125952 ----a-w- c:\windows\system32\srvsvc.dll
    2010-10-14 20:30 . 2010-09-06 13:45 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys
    2010-10-14 20:30 . 2010-09-06 16:19 17920 ----a-w- c:\windows\system32\netevent.dll
    2010-10-14 20:30 . 2010-09-06 13:45 304128 ----a-w- c:\windows\system32\drivers\srv.sys
    2010-10-14 20:30 . 2010-09-06 13:45 145408 ----a-w- c:\windows\system32\drivers\srv2.sys
    2010-10-14 20:30 . 2010-08-10 15:53 274944 ----a-w- c:\windows\system32\schannel.dll
    2010-10-14 20:30 . 2010-06-28 17:00 1316864 ----a-w- c:\windows\system32\ole32.dll
    2010-10-14 20:30 . 2010-06-28 14:54 339968 ----a-w- c:\program files\Windows NT\Accessories\wordpad.exe
    2010-10-14 20:30 . 2010-08-26 16:37 157184 ----a-w- c:\windows\system32\t2embed.dll
    2010-10-14 20:29 . 2010-08-31 15:46 954752 ----a-w- c:\windows\system32\mfc40.dll
    2010-10-14 20:29 . 2010-08-31 15:46 954288 ----a-w- c:\windows\system32\mfc40u.dll
    2010-10-14 20:29 . 2010-08-31 13:27 2038272 ----a-w- c:\windows\system32\win32k.sys
    2010-10-14 20:29 . 2010-05-04 19:13 231424 ----a-w- c:\windows\system32\msshsq.dll
    2010-10-14 20:29 . 2010-08-20 16:05 867328 ----a-w- c:\windows\system32\wmpmde.dll
    2010-10-14 20:29 . 2010-08-31 15:44 531968 ----a-w- c:\windows\system32\comctl32.dll
    2010-10-14 04:11 . 2010-10-14 04:11 -------- d-----w- c:\users\jonathan\AppData\Roaming\com.comcast.callerid.13A1FA90F0FC9DC009FB0956ADD0F13F8608561B.1
    2010-10-14 04:11 . 2010-10-14 04:11 -------- d-----w- c:\program files\Comcast Universal Caller ID
    2010-10-14 04:11 . 2010-10-14 04:11 -------- d-----w- c:\users\jonathan\AppData\Local\Adobe
    2010-10-13 23:11 . 2010-08-12 12:15 15880 ----a-w- c:\windows\system32\lsdelete.exe
    2010-10-13 23:02 . 2010-08-12 12:15 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys
    2010-10-13 23:02 . 2010-10-27 19:37 -------- dc----w- c:\windows\system32\DRVSTORE
    2010-10-13 23:02 . 2010-10-13 23:02 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
    2010-10-12 03:40 . 2007-12-17 17:16 65536 ----a-w- c:\program files\Mozilla Firefox\plugins\npkimi.dll
    2010-10-12 03:40 . 2010-10-12 03:40 -------- d-----w- c:\program files\Imikimi
    2010-10-11 23:53 . 2010-11-03 04:54 -------- d-----w- c:\users\jonathan\AppData\Roaming\QuickScan
    2010-10-11 22:30 . 2010-10-11 22:30 -------- d-----w- c:\programdata\eSellerate
    2010-10-11 22:30 . 2010-10-11 22:30 -------- d-----w- c:\program files\Common Files\eSellerate
    2010-10-10 20:05 . 2010-10-10 20:05 -------- d-----w- c:\program files\Windows Portable Devices
    2010-10-10 20:00 . 2009-09-10 02:00 92672 ----a-w- c:\windows\system32\UIAnimation.dll
    2010-10-10 20:00 . 2009-09-10 02:01 3023360 ----a-w- c:\windows\system32\UIRibbon.dll
    2010-10-10 20:00 . 2009-09-10 02:00 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
    2010-10-10 19:58 . 2009-10-01 01:02 30208 ----a-w- c:\windows\system32\WPDShextAutoplay.exe
    2010-10-10 19:58 . 2009-10-01 01:02 31232 ----a-w- c:\windows\system32\BthMtpContextHandler.dll
    2010-10-10 19:58 . 2009-10-01 01:01 81920 ----a-w- c:\windows\system32\wpdbusenum.dll
    2010-10-10 19:58 . 2009-10-01 01:01 60928 ----a-w- c:\windows\system32\PortableDeviceConnectApi.dll
    2010-10-10 19:58 . 2009-10-01 01:02 2537472 ----a-w- c:\windows\system32\wpdshext.dll
    2010-10-10 19:58 . 2009-10-01 01:02 334848 ----a-w- c:\windows\system32\PortableDeviceApi.dll
    2010-10-10 19:58 . 2009-10-01 01:02 87552 ----a-w- c:\windows\system32\WPDShServiceObj.dll
    2010-10-10 19:58 . 2009-10-01 01:01 546816 ----a-w- c:\windows\system32\wpd_ci.dll
    2010-10-10 19:58 . 2009-10-01 01:01 160256 ----a-w- c:\windows\system32\PortableDeviceTypes.dll
    2010-10-10 19:58 . 2009-10-01 01:01 350208 ----a-w- c:\windows\system32\WPDSp.dll
    2010-10-10 19:58 . 2009-10-01 01:01 196608 ----a-w- c:\windows\system32\PortableDeviceWMDRM.dll
    2010-10-10 19:58 . 2009-10-01 01:01 100864 ----a-w- c:\windows\system32\PortableDeviceClassExtension.dll
    2010-10-10 19:56 . 2009-10-08 21:08 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
    2010-10-10 19:56 . 2009-10-08 21:08 234496 ----a-w- c:\windows\system32\oleacc.dll
    2010-10-10 19:56 . 2009-10-08 21:07 4096 ----a-w- c:\windows\system32\oleaccrc.dll
    2010-10-09 00:15 . 2010-10-09 00:15 -------- d-----w- c:\windows\system32\ca-ES
    2010-10-09 00:15 . 2010-10-09 00:15 -------- d-----w- c:\windows\system32\eu-ES
    2010-10-09 00:15 . 2010-10-09 00:15 -------- d-----w- c:\windows\system32\vi-VN
    2010-10-08 23:56 . 2010-10-08 23:56 -------- d-----w- c:\windows\system32\EventProviders
    2010-10-08 01:21 . 2010-10-08 01:21 -------- d-----w- c:\users\jonathan\AppData\Local\Yahoo!
    2010-10-07 22:19 . 2009-11-08 17:55 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
    2010-10-07 22:19 . 2009-11-08 17:55 49472 ----a-w- c:\windows\system32\netfxperf.dll
    2010-10-07 22:19 . 2009-11-08 17:55 297808 ----a-w- c:\windows\system32\mscoree.dll
    2010-10-07 22:19 . 2009-11-08 17:55 295264 ----a-w- c:\windows\system32\PresentationHost.exe
    2010-10-07 22:19 . 2009-11-08 17:55 1130824 ----a-w- c:\windows\system32\dfshim.dll
    2010-10-07 22:12 . 2010-10-07 22:12 -------- d-----w- c:\users\jonathan\AppData\Local\LogiShrd
    2010-10-07 22:12 . 2010-10-07 22:12 -------- d-----w- c:\users\jonathan\AppData\Roaming\Leadertech
    2010-10-07 22:09 . 2009-10-07 08:48 539160 ----a-w- c:\windows\system32\LVUI2RC.dll
    2010-10-07 22:09 . 2009-10-07 08:48 539160 ----a-w- c:\windows\system32\LVUI2.dll
    2010-10-07 22:09 . 2009-04-30 23:01 265496 ----a-w- c:\windows\system32\drivers\lvrs.sys
    2010-10-07 22:09 . 2009-04-30 22:39 34068 ----a-w- c:\windows\system32\Repository.reg
    2010-10-07 22:09 . 2009-10-07 08:43 416280 ----a-w- c:\windows\system32\LVCodec2.dll
    2010-10-07 22:09 . 2009-04-30 22:57 199192 ----a-w- c:\windows\system32\lvci1201278.dll
    2010-10-07 22:09 . 2009-04-30 22:55 2687512 ----a-w- c:\windows\system32\drivers\LV302V32.SYS
    2010-10-07 22:09 . 2009-04-30 22:55 13976 ----a-w- c:\windows\system32\drivers\lv302af.sys
    2010-10-07 22:09 . 2010-10-07 22:22 -------- d-----w- c:\program files\Logitech
    2010-10-07 22:09 . 2010-10-07 22:13 -------- d-----w- c:\programdata\LogiShrd
    2010-10-07 22:09 . 2010-10-07 22:10 -------- d-----w- c:\program files\Common Files\LogiShrd
    2010-10-07 21:59 . 2009-04-11 05:03 12240896 ----a-w- c:\windows\system32\NlsLexicons0007.dll

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2010-10-03 18:23 . 2008-10-23 06:35 1053232 ----a-w- c:\windows\system32\MFC71u.dll
    2010-10-03 18:23 . 2008-08-06 22:29 353840 ----a-w- c:\windows\system32\msvcr71.dll
    2010-10-03 18:23 . 2008-08-06 22:27 505392 ----a-w- c:\windows\system32\msvcp71.dll
    2010-10-03 18:23 . 2008-10-23 06:35 1066544 ----a-w- c:\windows\system32\MFC71.dll
    2010-09-15 08:50 . 2010-10-03 20:43 472808 ----a-w- c:\windows\system32\deployJava1.dll
    2010-08-26 16:33 . 2010-10-26 17:32 173056 ----a-w- c:\windows\apppatch\AcXtrnal.dll
    2010-08-26 16:33 . 2010-10-26 17:32 542720 ----a-w- c:\windows\apppatch\AcLayers.dll
    2010-08-26 16:33 . 2010-10-26 17:32 458752 ----a-w- c:\windows\apppatch\AcSpecfc.dll
    2010-08-26 16:33 . 2010-10-26 17:32 2159616 ----a-w- c:\windows\apppatch\AcGenral.dll
    2010-08-25 23:46 . 2010-08-25 23:46 8198680 ----a-w- c:\windows\system32\TVWSetup.exe
    2010-08-25 23:45 . 2010-10-03 18:17 948760 ----a-w- c:\windows\system32\igxpun.exe
    2010-08-25 23:45 . 2008-07-10 22:27 136216 ----a-w- c:\windows\system32\igfxtray.exe
    2010-08-25 23:45 . 2008-07-10 22:27 266776 ----a-w- c:\windows\system32\igfxsrvc.exe
    2010-08-25 23:45 . 2008-07-10 22:27 170520 ----a-w- c:\windows\system32\igfxpers.exe
    2010-08-25 23:45 . 2010-08-25 23:45 179224 ----a-w- c:\windows\system32\igfxext.exe
    2010-08-25 23:45 . 2008-07-10 22:27 171032 ----a-w- c:\windows\system32\hkcmd.exe
    2010-08-25 23:45 . 2010-08-25 23:45 3156504 ----a-w- c:\windows\system32\GfxUI.exe
    2010-08-25 23:39 . 2010-08-25 23:39 81920 ----a-w- c:\windows\system32\igfxCoIn_v2202.dll
    2010-08-25 23:31 . 2010-08-25 23:31 9024512 ----a-w- c:\windows\system32\drivers\igdkmd32.sys
    2010-08-25 23:31 . 2008-07-06 20:15 4967424 ----a-w- c:\windows\system32\igdumd32.dll
    2010-08-25 23:28 . 2008-07-06 20:10 571904 ----a-w- c:\windows\system32\igdumdx32.dll
    2010-08-25 23:23 . 2010-08-25 23:23 4411904 ----a-w- c:\windows\system32\igd10umd32.dll
    2010-08-25 23:09 . 2010-08-25 23:09 11040256 ----a-w- c:\windows\system32\ig4icd32.dll
    2010-08-25 23:02 . 2010-08-25 23:02 86016 ----a-w- c:\windows\system32\igfxrsky.lrc
    2010-08-25 23:02 . 2010-08-25 23:02 85504 ----a-w- c:\windows\system32\igfxrslv.lrc
    2010-08-25 23:02 . 2010-08-25 23:02 86528 ----a-w- c:\windows\system32\igfxresn.lrc
    2010-08-25 23:02 . 2010-08-25 23:02 85504 ----a-w- c:\windows\system32\igfxrtrk.lrc
    2010-08-25 23:02 . 2010-08-25 23:02 85504 ----a-w- c:\windows\system32\igfxrsve.lrc
    2010-08-25 23:02 . 2010-08-25 23:02 84992 ----a-w- c:\windows\system32\igfxrtha.lrc
    2010-08-25 23:02 . 2010-08-25 23:02 86016 ----a-w- c:\windows\system32\igfxrrus.lrc
    2010-08-25 23:02 . 2010-08-25 23:02 86016 ----a-w- c:\windows\system32\igfxrptg.lrc
    2010-08-25 23:02 . 2010-08-25 23:02 86016 ----a-w- c:\windows\system32\igfxrplk.lrc
    2010-08-25 23:02 . 2010-08-25 23:02 85504 ----a-w- c:\windows\system32\igfxrptb.lrc
    2010-08-25 23:02 . 2010-08-25 23:02 85504 ----a-w- c:\windows\system32\igfxrnor.lrc
    2010-08-25 23:02 . 2010-08-25 23:02 86016 ----a-w- c:\windows\system32\igfxrita.lrc
    2010-08-25 23:02 . 2010-08-25 23:02 85504 ----a-w- c:\windows\system32\igfxrhun.lrc
    2010-08-25 23:02 . 2010-08-25 23:02 84480 ----a-w- c:\windows\system32\igfxrheb.lrc
    2010-08-25 23:02 . 2010-08-25 23:02 82944 ----a-w- c:\windows\system32\igfxrkor.lrc
    2010-08-25 23:02 . 2010-08-25 23:02 82944 ----a-w- c:\windows\system32\igfxrjpn.lrc
    2010-08-25 23:02 . 2010-08-25 23:02 86528 ----a-w- c:\windows\system32\igfxrfra.lrc
    2010-08-25 23:02 . 2010-08-25 23:02 86528 ----a-w- c:\windows\system32\igfxrell.lrc
    2010-08-25 23:02 . 2010-08-25 23:02 86016 ----a-w- c:\windows\system32\igfxrnld.lrc
    2010-08-25 23:02 . 2010-08-25 23:02 86016 ----a-w- c:\windows\system32\igfxrdeu.lrc
    2010-08-25 23:02 . 2010-08-25 23:02 85504 ----a-w- c:\windows\system32\igfxrfin.lrc
    2010-08-25 23:02 . 2010-08-25 23:02 85504 ----a-w- c:\windows\system32\igfxrcsy.lrc
    2010-08-25 23:02 . 2010-08-25 23:02 84992 ----a-w- c:\windows\system32\igfxrdan.lrc
    2010-08-25 23:02 . 2010-08-25 23:02 84480 ----a-w- c:\windows\system32\igfxrara.lrc
    2010-08-25 23:02 . 2010-08-25 23:02 81920 ----a-w- c:\windows\system32\igfxrcht.lrc
    2010-08-25 23:02 . 2010-08-25 23:02 81920 ----a-w- c:\windows\system32\igfxrchs.lrc
    2010-08-25 23:00 . 2010-08-25 23:00 23552 ----a-w- c:\windows\system32\igfxexps.dll
    2010-08-25 23:00 . 2010-08-25 23:00 194560 ----a-w- c:\windows\system32\igfxpph.dll
    2010-08-25 22:59 . 2010-08-25 22:59 115200 ----a-w- c:\windows\system32\igfxcpl.cpl
    2010-08-25 22:59 . 2008-07-06 19:39 261632 ----a-w- c:\windows\system32\igfxTMM.dll
    2010-08-25 22:59 . 2008-07-06 19:38 57344 ----a-w- c:\windows\system32\igfxsrvc.dll
    2010-08-25 22:59 . 2010-08-25 22:59 130048 ----a-w- c:\windows\system32\igfxdo.dll
    2010-08-25 22:59 . 2008-07-06 19:37 94720 ----a-w- c:\windows\system32\hccutils.dll
    2010-08-25 22:59 . 2010-08-25 22:59 120320 ----a-w- c:\windows\system32\gfxSrvc.dll
    2010-08-25 22:59 . 2010-08-25 22:59 4096 ----a-w- c:\windows\system32\IGFXDEVLib.dll
    2010-08-25 22:59 . 2008-07-06 19:37 228864 ----a-w- c:\windows\system32\igfxdev.dll
    2010-08-25 22:59 . 2008-07-06 19:37 828928 ----a-w- c:\windows\system32\igfxress.dll
    2010-08-25 22:59 . 2008-07-06 19:37 85504 ----a-w- c:\windows\system32\igfxrenu.lrc
    2010-08-25 22:52 . 2010-08-25 22:52 452440 ----a-w- c:\windows\system32\d3dx10_40.dll
    2010-08-25 22:52 . 2010-08-25 22:52 208896 ----a-w- c:\windows\system32\iglhsip32.dll
    2010-08-25 22:52 . 2010-08-25 22:52 143360 ----a-w- c:\windows\system32\iglhcp32.dll
    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Messenger (Yahoo!)"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2010-06-01 5252408]
    "DW6"="c:\program files\The Weather Channel FW\Desktop\DesktopWeather.exe" [2010-04-16 818288]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-04-17 1049896]
    "QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2008-09-24 468264]
    "UpdatePSTShortCut"="c:\program files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2008-10-07 210216]
    "Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
    "UpdatePDIRShortCut"="c:\program files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" [2008-06-14 210216]
    "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
    "HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
    "hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-04-15 488752]
    "LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" [2009-10-14 2793304]
    "IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-25 136216]
    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-25 171032]
    "Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-25 170520]

    c:\users\jonathan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    Comcast Universal Caller ID.lnk - c:\program files\Comcast Universal Caller ID\Comcast Universal Caller ID.exe [2010-10-14 74752]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableUIADesktopToggle"= 0 (0x0)

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
    @="Service"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
    @="Driver"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
    @="Service"

    [HKLM\~\startupfolder\C:^Users^jonathan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^IMVU.lnk]
    path=c:\users\jonathan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IMVU.lnk
    backup=c:\windows\pss\IMVU.lnk.Startup
    backupExtension=.Startup

    [HKLM\~\startupfolder\C:^Users^jonathan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^LimeWire On Startup.lnk]
    path=c:\users\jonathan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk
    backup=c:\windows\pss\LimeWire On Startup.lnk.Startup
    backupExtension=.Startup

    [HKLM\~\startupfolder\C:^Users^jonathan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Product Registration.lnk]
    path=c:\users\jonathan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
    backup=c:\windows\pss\Logitech . Product Registration.lnk.Startup
    backupExtension=.Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Health Check Scheduler]
    2008-10-09 14:58 75008 ----a-w- c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl.exe]
    2008-08-01 23:14 202032 ----a-w- c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
    2009-03-05 23:07 2260480 --sha-r- c:\program files\Spybot - Search & Destroy\TeaTimer.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateP2GoShortCut]
    2008-06-14 01:11 210216 ------w- c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe

    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2010-10-13 1357464]
    R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
    R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
    S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2010-08-12 64288]
    S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360\0403000.005\SYMDS.SYS [2009-10-15 328752]
    S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360\0403000.005\SYMEFA.SYS [2010-04-22 173104]
    S1 BHDrvx86;BHDrvx86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20101029.001\BHDrvx86.sys [2010-10-02 692272]
    S1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\N360\0403000.005\ccHPx86.sys [2010-02-26 501888]
    S1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20101102.001\IDSvix86.sys [2010-10-19 353840]
    S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360\0403000.005\Ironx86.SYS [2010-04-29 116784]
    S1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\System32\Drivers\N360\0403000.005\SYMTDIV.SYS [2010-05-06 339504]
    S2 N360;Norton Security Suite;c:\program files\Norton Security Suite\Norton Security Suite\Engine\4.3.0.5\ccSvcHst.exe [2010-02-26 126392]
    S2 Recovery Service for Windows;Recovery Service for Windows;c:\program files\SMINST\BLService.exe [2008-10-06 365952]
    S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
    S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2010-10-13 102448]
    S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2008-06-29 112128]


    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
    LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
    .
    Contents of the 'Scheduled Tasks' folder

    2010-11-03 c:\windows\Tasks\Ad-Aware Update (Weekly).job
    - c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-08-12 23:02]

    2010-11-02 c:\windows\Tasks\HPCeeScheduleForjonathan.job
    - c:\program files\hewlett-packard\sdp\ceement\HPCEE.exe [2008-10-23 18:34]
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://www.yahoo.com/
    mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Presario&pf=cnnb
    FF - ProfilePath - c:\users\jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\1oked8k0.default\
    FF - prefs.js: browser.startup.homepage - yahoo.com
    FF - component: c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\coFFPlgn\components\coFFPlgn.dll
    FF - component: c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPlgn\components\IPSFFPl.dll
    FF - component: c:\users\jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\1oked8k0.default\extensions\{90b49673-5506-483e-b92b-ca0265bd9ca8}\components\FFExternalAlert.dll
    FF - component: c:\users\jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\1oked8k0.default\extensions\{90b49673-5506-483e-b92b-ca0265bd9ca8}\components\RadioWMPCore.dll
    FF - component: c:\users\jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\1oked8k0.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\components\qscanff.dll
    FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: c:\program files\Mozilla Firefox\plugins\npkimi.dll
    FF - plugin: c:\users\jonathan\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll
    FF - plugin: c:\users\jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\1oked8k0.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
    FF - plugin: c:\users\jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\1oked8k0.default\extensions\DeviceDetection@logitech.com\plugins\npLogitechDeviceDetection.dll
    FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

    ---- FIREFOX POLICIES ----
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
    .
    - - - - ORPHANS REMOVED - - - -

    WebBrowser-{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - (no file)
    MSConfigStartUp-HPAdvisor - c:\program files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
    MSConfigStartUp-{F7B125A3-0E65-446E-AC28-5B63AE7058DA} - c:\users\jonathan\AppData\Local\Temp\{F7B125A3-0E65-446E-AC28-5B63AE7058DA}\7ebd.dll



    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2010-11-03 01:58
    Windows 6.0.6002 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************

    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\N360]
    "ImagePath"="\"c:\program files\Norton Security Suite\Norton Security Suite\Engine\4.3.0.5\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton Security Suite\Norton Security Suite\Engine\4.3.0.5\diMaster.dll\" /prefetch:1"
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------

    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------

    - - - - - - - > 'Explorer.exe'(964)
    c:\program files\Spybot - Search & Destroy\SDHelper.dll
    c:\program files\Norton Security Suite\Norton Security Suite\Engine\4.3.0.5\BuEng.dll
    c:\windows\System32\EhStorAPI.dll
    .
    Completion time: 2010-11-03 02:01:02
    ComboFix-quarantined-files.txt 2010-11-03 06:00

    Pre-Run: 170,539,663,360 bytes free
    Post-Run: 170,480,705,536 bytes free

    - - End Of File - - A53D03D6DBF94EAD2E456774579CC12B
     
  6. Broni

    We need to fix your MBR.

    Please download NTBR by noahdfear and save it to your Desktop.
    File size: 2.44 MB (2,565,432 bytes)

    • Place a blank CD in your CD drive.
    • Double-click the NTBR_CD.exe file and a folder of the same name will appear.
    • Open the folder and double-click the BurnItCD.cmd file. If your CD drive opens, simply close it again.
    • Follow the prompts to burn the CD.
    • Now you will need to set the CD-ROM as the first boot device if it isn't already (if you don't know how to do it, see HERE).
    • If you have any questions about this step, ask before you proceed. If you enter the BIOS and are unsure if you have carried out the step correctly, there should be an option to exit without keeping changes, so you won't do any harm.
    • Insert the newly created CD into your infected PC and reboot your computer.
    • Once you have rebooted please press Enter when prompted to continue booting from CD - you have a whole 15 seconds to do this!
    • Read the warning and then continue as prompted.
    • You first need to select your keyboard layout - press Enter for English.
    • Next you want to select the appropriate tool. Enter 1 to choose 1. MBRWORK
    • On the following screen enter 5 to select Install Standard MBR code.
    • Enter 1 to overwrite the infected MBR Code with the Standard MBR code.
    • When asked to confirm please do so.
    • Afterwards, please enter E to leave MBRWORK, then 6 to leave the bootable CD.
    • Eject the disc and then press Ctrl+Alt+Del to reboot the PC.
    Once rebooted, run MBRCheck again and post its log.
     
  7. Michigan313

    MBRCheck, version 1.2.3
    (c) 2010, AD

    Command-line:
    Windows Version: Windows Vista Home Basic Edition
    Windows Information: Service Pack 2 (build 6002), 32-bit
    Base Board Manufacturer: Wistron
    BIOS Manufacturer: Hewlett-Packard
    System Manufacturer: Hewlett-Packard
    System Product Name: Compaq Presario CQ60 Notebook PC
    Logical Drives Mask: 0x0000001c

    Kernel Drivers (total 209):
    0x91A01000 \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20101103.002\NAVEX15.SYS
    0x91B4F000 \??\C:\Windows\system32\Drivers\SYMEVENT.SYS
    0x91B74000 \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20101103.002\NAVENG.SYS
    0x91B88000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
    0x91B91000 \SystemRoot\System32\Drivers\Null.SYS
    0x91B98000 \SystemRoot\System32\Drivers\Beep.SYS
    0x91BA8000 \SystemRoot\System32\drivers\vga.sys
    0x91BB4000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
    0x91BD5000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
    0x91BDD000 \SystemRoot\system32\drivers\rdpencdd.sys
    0x91BE5000 \SystemRoot\System32\Drivers\Msfs.SYS
    0x91BF0000 \SystemRoot\System32\Drivers\Npfs.SYS
    0x91B9F000 \SystemRoot\System32\DRIVERS\rasacd.sys
    0x90EEF000 \SystemRoot\system32\DRIVERS\tdx.sys
    0x90F05000 \SystemRoot\System32\Drivers\N360\0403000.005\SYMTDIV.SYS
    0x90F5E000 \SystemRoot\system32\DRIVERS\smb.sys
    0x90F72000 \SystemRoot\system32\drivers\afd.sys
    0x90FBA000 \SystemRoot\System32\DRIVERS\netbt.sys
    0x904B5000 \SystemRoot\system32\DRIVERS\pacer.sys
    0x90FEC000 \SystemRoot\system32\DRIVERS\netbios.sys
    0x904CB000 \SystemRoot\system32\DRIVERS\wanarp.sys
    0x904DE000 \SystemRoot\system32\DRIVERS\rdbss.sys
    0x9051A000 \SystemRoot\system32\drivers\nsiproxy.sys
    0x90524000 \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20101102.001\IDSvix86.sys
    0x9057F000 \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
    0x905DD000 \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
    0x8FBC6000 \SystemRoot\System32\Drivers\dfsc.sys
    0x98C00000 \SystemRoot\system32\drivers\N360\0403000.005\ccHPx86.sys
    0x98C7F000 \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20101029.001\BHDrvx86.sys
    0x98D2B000 \SystemRoot\System32\Drivers\crashdmp.sys
    0x98D38000 \SystemRoot\System32\Drivers\dump_dumpata.sys
    0x98D43000 \SystemRoot\System32\Drivers\dump_msahci.sys
    0x9F490000 \SystemRoot\System32\win32k.sys
    0x98D4D000 \SystemRoot\System32\drivers\Dxapi.sys
    0x98D57000 \SystemRoot\system32\DRIVERS\monitor.sys
    0x9F6B0000 \SystemRoot\System32\TSDDD.dll
    0x9F6D0000 \SystemRoot\System32\cdd.dll
    0x98D66000 \SystemRoot\system32\drivers\luafv.sys
    0x9F6E0000 \SystemRoot\System32\ATMFD.DLL
    0xB3606000 \SystemRoot\system32\drivers\spsys.sys
    0xB36B6000 \SystemRoot\system32\DRIVERS\lltdio.sys
    0xB36C6000 \SystemRoot\system32\DRIVERS\nwifi.sys
    0xB36F0000 \SystemRoot\system32\DRIVERS\ndisuio.sys
    0xB36FA000 \SystemRoot\system32\DRIVERS\rspndr.sys
    0xB370D000 \SystemRoot\system32\drivers\HTTP.sys
    0xB377A000 \SystemRoot\System32\DRIVERS\srvnet.sys
    0xB3797000 \SystemRoot\system32\DRIVERS\bowser.sys
    0xB37B0000 \SystemRoot\System32\drivers\mpsdrv.sys
    0xB37C5000 \SystemRoot\system32\drivers\mrxdav.sys
    0x98D81000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
    0x98DA0000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
    0xB37E6000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
    0xB5A06000 \SystemRoot\System32\DRIVERS\srv2.sys
    0xB5A2E000 \SystemRoot\System32\DRIVERS\srv.sys
    0xB5A94000 \SystemRoot\system32\DRIVERS\mdmxsdk.sys
    0xB5A98000 \SystemRoot\system32\drivers\peauth.sys
    0xB5B76000 \SystemRoot\System32\Drivers\secdrv.SYS
    0xB5B80000 \SystemRoot\System32\drivers\tcpipreg.sys
    0xB5B8C000 \SystemRoot\system32\DRIVERS\xaudio.sys
    0xB5B94000 \SystemRoot\system32\DRIVERS\LVPr2Mon.sys
    0xB5B99000 \SystemRoot\system32\DRIVERS\cdfs.sys
    0x772D0000 \Windows\System32\ntdll.dll

    Processes (total 68):
    0 System Idle Process
    4 System
    432 C:\Windows\System32\smss.exe
    512 csrss.exe
    556 C:\Windows\System32\wininit.exe
    564 csrss.exe
    604 C:\Windows\System32\winlogon.exe
    644 C:\Windows\System32\services.exe
    656 C:\Windows\System32\lsass.exe
    664 C:\Windows\System32\lsm.exe
    812 C:\Windows\System32\svchost.exe
    872 C:\Windows\System32\svchost.exe
    1004 C:\Windows\System32\svchost.exe
    1032 C:\Windows\System32\svchost.exe
    1044 C:\Windows\System32\svchost.exe
    1116 C:\Windows\System32\audiodg.exe
    1140 C:\Windows\System32\svchost.exe
    1164 C:\Windows\System32\SLsvc.exe
    1200 C:\Windows\System32\svchost.exe
    1332 C:\Windows\System32\svchost.exe
    1476 C:\Windows\System32\wlanext.exe
    1572 C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    1696 C:\Windows\System32\spoolsv.exe
    1744 C:\Windows\System32\svchost.exe
    12 C:\Windows\System32\dwm.exe
    692 C:\Windows\System32\taskeng.exe
    980 C:\Windows\explorer.exe
    996 C:\Windows\System32\taskeng.exe
    212 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    808 C:\Program Files\HP\QuickPlay\QPService.exe
    1532 C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
    2076 C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
    2208 C:\Program Files\Common Files\Java\Java Update\jusched.exe
    2232 C:\Program Files\Norton Security Suite\Norton Security Suite\Engine\4.3.0.5\ccsvchst.exe
    2260 C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
    2288 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    2304 C:\Windows\System32\svchost.exe
    2316 C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
    2332 C:\Program Files\SMINST\BLService.exe
    2400 C:\Windows\System32\hkcmd.exe
    2452 C:\Windows\System32\igfxpers.exe
    2492 C:\Program Files\CyberLink\Shared files\RichVideo.exe
    2536 C:\Windows\System32\svchost.exe
    2584 C:\Windows\System32\svchost.exe
    2620 C:\Windows\System32\SearchIndexer.exe
    2648 C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe
    2748 C:\Windows\System32\drivers\XAudio.exe
    2776 C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
    2820 C:\Program Files\Comcast Universal Caller ID\Comcast Universal Caller ID.exe
    2924 C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

    I think I did that correctly... however, on the BitDefender QuickScan Firefox add-on it still shows that as a virus

    QuickScan Beta 32-bit v0.9.9.50
    -------------------------------
    Scan date: Wed Nov 03 14:59:41 2010
    Machine ID: 9AE1519E



    Found 1 infected file!
    ----------------------

    C:\Windows\system32\syncstream.dll --> Gen:Variant.Kazy.894
     
  8. Broni

    Broni Malware Annihilator Posts: 52,884   +344

    One thing at a time, please.

    Your MBRCheck log is incomplete.
    Re-run it and post new log.
     
  9. Michigan313

    Michigan313 TS Rookie Topic Starter Posts: 21

    MBRCheck, version 1.2.3
    (c) 2010, AD

    Command-line:
    Windows Version: Windows Vista Home Basic Edition
    Windows Information: Service Pack 2 (build 6002), 32-bit
    Base Board Manufacturer: Wistron
    BIOS Manufacturer: Hewlett-Packard
    System Manufacturer: Hewlett-Packard
    System Product Name: Compaq Presario CQ60 Notebook PC
    Logical Drives Mask: 0x0000001c

    Kernel Drivers (total 209):

    Processes (total 64):
    0 System Idle Process
    4 System
    496 C:\Windows\System32\smss.exe
    576 csrss.exe
    620 C:\Windows\System32\wininit.exe
    664 C:\Windows\System32\services.exe
    676 C:\Windows\System32\lsass.exe
    684 C:\Windows\System32\lsm.exe
    876 C:\Windows\System32\svchost.exe
    936 C:\Windows\System32\svchost.exe
    1076 C:\Windows\System32\svchost.exe
    1104 C:\Windows\System32\svchost.exe
    1116 C:\Windows\System32\svchost.exe
    1192 C:\Windows\System32\audiodg.exe
    1212 C:\Windows\System32\svchost.exe
    1228 C:\Windows\System32\SLsvc.exe
    1260 C:\Windows\System32\svchost.exe
    1380 C:\Windows\System32\svchost.exe
    1632 C:\Windows\System32\wlanext.exe
    1824 C:\Windows\System32\spoolsv.exe
    1848 C:\Windows\System32\svchost.exe
    1576 C:\Windows\System32\taskeng.exe
    2272 C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
    2448 C:\Program Files\Norton Security Suite\Norton Security Suite\Engine\4.3.0.5\ccsvchst.exe
    2524 C:\Windows\System32\svchost.exe
    2736 C:\Program Files\SMINST\BLService.exe
    2776 C:\Program Files\CyberLink\Shared files\RichVideo.exe
    2836 C:\Windows\System32\svchost.exe
    2876 C:\Windows\System32\svchost.exe
    2976 C:\Windows\System32\SearchIndexer.exe
    3040 C:\Windows\System32\drivers\XAudio.exe
    3064 C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
    3176 C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
    3460 C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    3544 WmiPrvSE.exe
    4024 dllhost.exe
    4368 C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
    6036 csrss.exe
    3868 C:\Windows\System32\winlogon.exe
    2064 C:\Program Files\Norton Security Suite\Norton Security Suite\Engine\4.3.0.5\ccsvchst.exe
    3848 C:\Windows\System32\dwm.exe
    5760 C:\Windows\System32\taskeng.exe
    4000 C:\Windows\explorer.exe
    2960 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    4684 C:\Program Files\HP\QuickPlay\QPService.exe
    2156 C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
    2304 C:\Program Files\Common Files\Java\Java Update\jusched.exe
    4376 C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
    1468 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    2784 C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
    4192 C:\Windows\System32\hkcmd.exe
    3084 C:\Windows\System32\igfxpers.exe
    4340 C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe
    4720 C:\Program Files\Comcast Universal Caller ID\Comcast Universal Caller ID.exe
    2908 C:\Windows\System32\igfxsrvc.exe
    1748 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
    5404 C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
    2468 C:\Program Files\Yahoo!\Messenger\Ymsgr_tray.exe
    2936 C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
    5052 C:\Windows\System32\taskeng.exe
    1588 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    5940 C:\Program Files\Mozilla Firefox\firefox.exe
    5704 C:\Program Files\Mozilla Firefox\plugin-container.exe
    5540 C:\Users\jonathan\Desktop\Scanners\MBRCheck.exe

    \\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00 (NTFS)
    \\.\D: --> \\.\PhysicalDrive0 at offset 0x00000037`a2900000 (NTFS)

    PhysicalDrive0 Model Number: ST9250320AS, Rev: HP07

    Size Device Name MBR Status
    --------------------------------------------
    232 GB \\.\PhysicalDrive0 Windows XP MBR code detected
    SHA1: DA38B874B7713D1B51CBC449F4EF809B0DEC644A


    Done!
     
  10. Broni

    Broni Malware Annihilator Posts: 52,884   +344

    Looks good :)

    Open Windows Explorer. Go Tools>Folder Options>View tab, put a checkmark next to Show hidden files and folders.
    Upload the following files to http://www.virustotal.com/ for security check:
    - C:\Windows\system32\syncstream.dll
    IMPORTANT! If the file is listed as already analyzed, click on the Reanalyse file now button.
    Post scan results.
     
  11. Michigan313

    Michigan313 TS Rookie Topic Starter Posts: 21

    I hope this is what I needed to paste?

    Antivirus Version Last update Result
    AhnLab-V3 2010.11.04.00 2010.11.03 -
    AntiVir 7.10.13.114 2010.11.03 TR/Crypt.XPACK.Gen3
    Antiy-AVL 2.0.3.7 2010.11.03 -
    Authentium 5.2.0.5 2010.11.03 -
    Avast 4.8.1351.0 2010.11.03 -
    Avast5 5.0.594.0 2010.11.03 -
    AVG 9.0.0.851 2010.11.03 -
    BitDefender 7.2 2010.11.03 Gen:Variant.Kazy.894
    CAT-QuickHeal 11.00 2010.10.26 -
    ClamAV 0.96.2.0-git 2010.11.03 -
    Comodo 6606 2010.11.03 -
    DrWeb 5.0.2.03300 2010.11.03 -
    Emsisoft 5.0.0.50 2010.11.03 Trojan-Downloader.Win32.Vundo!IK
    eSafe 7.0.17.0 2010.11.03 -
    eTrust-Vet 36.1.7954 2010.11.03 -
    F-Prot 4.6.2.117 2010.11.03 -
    F-Secure 9.0.16160.0 2010.11.03 Gen:Variant.Kazy.894
    Fortinet 4.2.249.0 2010.11.03 -
    GData 21 2010.11.03 Gen:Variant.Kazy.894
    Ikarus T3.1.1.90.0 2010.11.03 Trojan-Downloader.Win32.Vundo
    Jiangmin 13.0.900 2010.11.03 -
    K7AntiVirus 9.67.2903 2010.11.03 -
    Kaspersky 7.0.0.125 2010.11.03 -
    McAfee 5.400.0.1158 2010.11.03 -
    McAfee-GW-Edition 2010.1C 2010.11.03 -
    Microsoft 1.6301 2010.11.03 -
    NOD32 5589 2010.11.03 -
    Norman 6.06.10 2010.11.03 -
    nProtect 2010-11-03.01 2010.11.03 Gen:Variant.Kazy.894
    Panda 10.0.2.7 2010.11.03 Trj/CI.A
    PCTools 7.0.3.5 2010.11.03 -
    Prevx 3.0 2010.11.03 -
    Rising 22.72.01.04 2010.11.03 -
    Sophos 4.59.0 2010.11.03 Sus/UnkPack-C
    Sunbelt 7209 2010.11.03 -
    SUPERAntiSpyware 4.40.0.1006 2010.11.03 -
    Symantec 20101.2.0.161 2010.11.03 -
    TheHacker 6.7.0.1.075 2010.11.02 -
    TrendMicro 9.120.0.1004 2010.11.03 -
    TrendMicro-HouseCall 9.120.0.1004 2010.11.03 -
    VBA32 3.12.14.1 2010.11.03 BScope.FearGen.xf
    ViRobot 2010.10.4.4074 2010.11.03 -
    VirusBuster 12.71.4.0 2010.11.03 -
    MD5: c6dc2a6498106bc6236eac4d19391fea
    SHA1: a3007862a025b5f86c8639129d3f02f658e6ef4e
    SHA256: 7eabf2b9786ff2459c9b8a3403231dbdbac0485504616a570627631aaa23d0a2
    File size: 482304 bytes
    Scan date: 2010-11-03 21:29:37 (UTC)
     
  12. Broni

    Broni Malware Annihilator Posts: 52,884   +344

    1. Please open Notepad
    • Click Start, then Run
    • Type notepad.exe in the Run box.

    2. Now copy/paste the entire content of the codebox below into the Notepad window:

    Code:
    File::
    C:\Windows\system32\syncstream.dll
    
    
    Folder::
    c:\programdata\QAJHFUQDXG
    c:\programdata\EXIHFUQDXG
    c:\programdata\BVIHFUQDXG
    c:\programdata\AHIHFUQDXG
    c:\programdata\URIHFUQDXG
    

    3. Save the above as CFScript.txt

    4. Close/disable all anti virus and anti malware programs again, so they do not interfere with the running of ComboFix.

    5. Then drag the CFScript.txt into ComboFix.exe as depicted in the animation below. This will start ComboFix again.

    [​IMG]


    6. After reboot, (in case it asks to reboot), please post the following reports/logs into your next reply:
    • Combofix.txt
     
  13. Michigan313

    Michigan313 TS Rookie Topic Starter Posts: 21

    ComboFix 10-11-02.03 - jonathan 11/03/2010 18:59:30.5.2 - x86
    Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.1.1033.18.3002.1807 [GMT -4:00]
    Running from: c:\users\jonathan\Desktop\ComboFix.exe
    Command switches used :: c:\users\jonathan\Desktop\CFScript.txt
    SP: Spybot - Search and Destroy *disabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
    SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

    FILE ::
    "c:\windows\system32\syncstream.dll"
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\programdata\AHIHFUQDXG
    c:\programdata\AHIHFUQDXG\2050.Dat
    c:\programdata\BVIHFUQDXG
    c:\programdata\BVIHFUQDXG\2415.Dat
    c:\programdata\EXIHFUQDXG
    c:\programdata\EXIHFUQDXG\2470.Dat
    c:\programdata\QAJHFUQDXG
    c:\programdata\QAJHFUQDXG\2560.Dat
    c:\programdata\URIHFUQDXG
    c:\programdata\URIHFUQDXG\2330.Dat
    c:\windows\system32\syncstream.dll

    .
    ((((((((((((((((((((((((( Files Created from 2010-10-03 to 2010-11-03 )))))))))))))))))))))))))))))))
    .

    2010-11-03 23:05 . 2010-11-03 23:06 -------- d-----w- c:\users\jonathan\AppData\Local\temp
    2010-11-03 23:05 . 2010-11-03 23:05 -------- d-----w- c:\users\Default\AppData\Local\temp
    2010-11-03 21:00 . 2010-11-03 21:00 -------- d-----w- c:\users\john
    2010-11-03 05:54 . 2010-11-03 05:54 -------- d-----w- c:\users\jonathan\AppData\Roaming\Tific
    2010-11-03 05:54 . 2010-11-03 05:54 -------- d-----w- c:\users\jonathan\AppData\Local\Symantec
    2010-11-02 22:38 . 2010-11-02 22:38 -------- d-----w- C:\VundoFix Backups
    2010-10-31 20:22 . 2010-11-03 18:25 -------- d-----w- c:\users\jonathan\AppData\Roaming\CyberLink
    2010-10-31 20:22 . 2010-11-03 18:25 -------- d-----w- c:\users\Public\CyberLink
    2010-10-27 20:00 . 2010-03-05 14:01 420352 ----a-w- c:\windows\system32\vbscript.dll
    2010-10-27 19:55 . 2010-10-27 19:55 -------- d-----w- c:\users\jonathan\AppData\Local\Apple
    2010-10-27 19:39 . 2010-10-27 19:39 -------- d-----w- c:\program files\Common Files\scanner
    2010-10-27 19:39 . 2010-10-27 19:39 -------- d-----w- c:\program files\CA
    2010-10-27 19:35 . 2009-10-09 21:56 2048 ----a-w- c:\windows\system32\winrsmgr.dll
    2010-10-27 19:28 . 2010-10-27 19:28 -------- d-----w- c:\windows\system32\x64
    2010-10-27 19:22 . 2010-10-27 19:26 -------- d-----w- c:\users\jonathan\AppData\Local\Immunet
    2010-10-27 19:22 . 2010-10-27 19:37 -------- d-----w- c:\programdata\Immunet
    2010-10-27 19:22 . 2010-08-26 04:23 13312 ----a-w- c:\program files\Internet Explorer\iecompat.dll
    2010-10-27 19:19 . 2010-09-08 06:02 638232 ----a-w- c:\program files\Internet Explorer\iexplore.exe
    2010-10-27 19:17 . 2009-03-08 11:35 233984 ----a-w- c:\program files\Internet Explorer\jsprofilerui.dll
    2010-10-26 17:32 . 2010-08-26 16:34 1696256 ----a-w- c:\windows\system32\gameux.dll
    2010-10-26 17:32 . 2010-08-26 16:33 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
    2010-10-26 17:32 . 2010-08-26 14:23 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
    2010-10-23 20:19 . 2010-10-23 20:20 -------- d-----w- c:\program files\Paint.NET
    2010-10-23 20:18 . 2010-10-24 17:35 -------- d-----w- c:\users\jonathan\AppData\Local\Paint.NET
    2010-10-20 13:53 . 2010-11-03 03:54 -------- d-----w- c:\users\jonathan\AppData\Local\CrashDumps
    2010-10-19 06:18 . 2010-10-19 06:54 -------- d-----w- c:\program files\Ali Baba Buddy Pogo
    2010-10-17 21:32 . 2010-10-19 06:54 -------- d-----w- c:\program files\Stackem Buddy Pogo
    2010-10-16 03:32 . 2008-04-17 21:12 107368 ----a-r- c:\windows\system32\GEARAspi.dll
    2010-10-16 03:32 . 2009-05-18 22:17 26600 ----a-r- c:\windows\system32\drivers\GEARAspiWDM.sys
    2010-10-16 03:32 . 2010-10-16 03:32 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
    2010-10-16 03:32 . 2010-10-16 16:08 -------- d-----w- c:\program files\Common Files\Symantec Shared
    2010-10-16 03:32 . 2010-10-16 03:32 -------- d-----w- c:\program files\Symantec
    2010-10-16 03:31 . 2010-10-16 03:31 -------- d-----w- c:\program files\NortonInstaller
    2010-10-16 03:09 . 2010-11-03 19:06 -------- d-----w- c:\programdata\Spybot - Search & Destroy
    2010-10-16 03:09 . 2010-10-16 03:12 -------- d-----w- c:\program files\Spybot - Search & Destroy
    2010-10-15 23:43 . 2010-10-15 23:43 -------- d-----w- c:\users\jonathan\AppData\Roaming\Malwarebytes
    2010-10-15 23:43 . 2010-04-29 22:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2010-10-15 23:43 . 2010-10-15 23:43 -------- d-----w- c:\programdata\Malwarebytes
    2010-10-15 23:43 . 2010-10-15 23:43 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2010-10-15 23:43 . 2010-04-29 22:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
    2010-10-15 23:23 . 2010-10-15 23:23 -------- d-----w- c:\program files\Trend Micro
    2010-10-15 23:14 . 2010-10-29 15:03 -------- d-----w- c:\windows\system32\drivers\N360
    2010-10-15 23:11 . 2010-10-15 23:11 -------- d-----w- c:\users\jonathan\LimeWire
    2010-10-15 22:45 . 2010-10-15 23:01 -------- d-----w- c:\programdata\Fugazo
    2010-10-15 22:19 . 2010-10-15 22:19 -------- d-----w- c:\users\jonathan\AppData\Roaming\WildTangent
    2010-10-15 14:53 . 2010-09-16 17:24 6084944 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4105DF84-183C-44FA-BADC-E90AA047714D}\mpengine.dll
    2010-10-15 03:57 . 2010-10-27 21:07 -------- d-----w- c:\program files\BadgeHelp
    2010-10-14 21:34 . 2010-10-14 21:34 -------- d-----w- c:\users\jonathan\AppData\Roaming\InstallShield
    2010-10-14 20:30 . 2010-09-13 13:56 8147456 ----a-w- c:\windows\system32\wmploc.DLL
    2010-10-14 20:30 . 2010-09-13 13:56 168960 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
    2010-10-14 20:30 . 2010-09-06 16:20 125952 ----a-w- c:\windows\system32\srvsvc.dll
    2010-10-14 20:30 . 2010-09-06 13:45 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys
    2010-10-14 20:30 . 2010-09-06 16:19 17920 ----a-w- c:\windows\system32\netevent.dll
    2010-10-14 20:30 . 2010-09-06 13:45 304128 ----a-w- c:\windows\system32\drivers\srv.sys
    2010-10-14 20:30 . 2010-09-06 13:45 145408 ----a-w- c:\windows\system32\drivers\srv2.sys
    2010-10-14 20:30 . 2010-08-10 15:53 274944 ----a-w- c:\windows\system32\schannel.dll
    2010-10-14 20:30 . 2010-06-28 17:00 1316864 ----a-w- c:\windows\system32\ole32.dll
    2010-10-14 20:30 . 2010-06-28 14:54 339968 ----a-w- c:\program files\Windows NT\Accessories\wordpad.exe
    2010-10-14 20:30 . 2010-08-26 16:37 157184 ----a-w- c:\windows\system32\t2embed.dll
    2010-10-14 20:29 . 2010-08-31 15:46 954752 ----a-w- c:\windows\system32\mfc40.dll
    2010-10-14 20:29 . 2010-08-31 15:46 954288 ----a-w- c:\windows\system32\mfc40u.dll
    2010-10-14 20:29 . 2010-08-31 13:27 2038272 ----a-w- c:\windows\system32\win32k.sys
    2010-10-14 20:29 . 2010-05-04 19:13 231424 ----a-w- c:\windows\system32\msshsq.dll
    2010-10-14 20:29 . 2010-08-20 16:05 867328 ----a-w- c:\windows\system32\wmpmde.dll
    2010-10-14 20:29 . 2010-08-31 15:44 531968 ----a-w- c:\windows\system32\comctl32.dll
    2010-10-14 04:11 . 2010-10-14 04:11 -------- d-----w- c:\users\jonathan\AppData\Roaming\com.comcast.callerid.13A1FA90F0FC9DC009FB0956ADD0F13F8608561B.1
    2010-10-14 04:11 . 2010-10-14 04:11 -------- d-----w- c:\program files\Comcast Universal Caller ID
    2010-10-14 04:11 . 2010-10-14 04:11 -------- d-----w- c:\users\jonathan\AppData\Local\Adobe
    2010-10-13 23:11 . 2010-08-12 12:15 15880 ----a-w- c:\windows\system32\lsdelete.exe
    2010-10-13 23:02 . 2010-08-12 12:15 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys
    2010-10-13 23:02 . 2010-10-27 19:37 -------- dc----w- c:\windows\system32\DRVSTORE
    2010-10-13 23:02 . 2010-10-13 23:02 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
    2010-10-12 03:40 . 2007-12-17 17:16 65536 ----a-w- c:\program files\Mozilla Firefox\plugins\npkimi.dll
    2010-10-12 03:40 . 2010-10-12 03:40 -------- d-----w- c:\program files\Imikimi
    2010-10-11 23:53 . 2010-11-03 20:50 -------- d-----w- c:\users\jonathan\AppData\Roaming\QuickScan
    2010-10-11 22:30 . 2010-10-11 22:30 -------- d-----w- c:\programdata\eSellerate
    2010-10-11 22:30 . 2010-10-11 22:30 -------- d-----w- c:\program files\Common Files\eSellerate
    2010-10-10 20:05 . 2010-10-10 20:05 -------- d-----w- c:\program files\Windows Portable Devices
    2010-10-10 20:00 . 2009-09-10 02:00 92672 ----a-w- c:\windows\system32\UIAnimation.dll
    2010-10-10 20:00 . 2009-09-10 02:01 3023360 ----a-w- c:\windows\system32\UIRibbon.dll
    2010-10-10 20:00 . 2009-09-10 02:00 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
    2010-10-10 19:58 . 2009-10-01 01:02 30208 ----a-w- c:\windows\system32\WPDShextAutoplay.exe
    2010-10-10 19:58 . 2009-10-01 01:02 31232 ----a-w- c:\windows\system32\BthMtpContextHandler.dll
    2010-10-10 19:58 . 2009-10-01 01:01 81920 ----a-w- c:\windows\system32\wpdbusenum.dll
    2010-10-10 19:58 . 2009-10-01 01:01 60928 ----a-w- c:\windows\system32\PortableDeviceConnectApi.dll
    2010-10-10 19:58 . 2009-10-01 01:02 2537472 ----a-w- c:\windows\system32\wpdshext.dll
    2010-10-10 19:58 . 2009-10-01 01:02 334848 ----a-w- c:\windows\system32\PortableDeviceApi.dll
    2010-10-10 19:58 . 2009-10-01 01:02 87552 ----a-w- c:\windows\system32\WPDShServiceObj.dll
    2010-10-10 19:58 . 2009-10-01 01:01 546816 ----a-w- c:\windows\system32\wpd_ci.dll
    2010-10-10 19:58 . 2009-10-01 01:01 160256 ----a-w- c:\windows\system32\PortableDeviceTypes.dll
    2010-10-10 19:58 . 2009-10-01 01:01 350208 ----a-w- c:\windows\system32\WPDSp.dll
    2010-10-10 19:58 . 2009-10-01 01:01 196608 ----a-w- c:\windows\system32\PortableDeviceWMDRM.dll
    2010-10-10 19:58 . 2009-10-01 01:01 100864 ----a-w- c:\windows\system32\PortableDeviceClassExtension.dll
    2010-10-10 19:56 . 2009-10-08 21:08 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
    2010-10-10 19:56 . 2009-10-08 21:08 234496 ----a-w- c:\windows\system32\oleacc.dll
    2010-10-10 19:56 . 2009-10-08 21:07 4096 ----a-w- c:\windows\system32\oleaccrc.dll
    2010-10-09 00:15 . 2010-10-09 00:15 -------- d-----w- c:\windows\system32\ca-ES
    2010-10-09 00:15 . 2010-10-09 00:15 -------- d-----w- c:\windows\system32\eu-ES
    2010-10-09 00:15 . 2010-10-09 00:15 -------- d-----w- c:\windows\system32\vi-VN
    2010-10-08 23:56 . 2010-10-08 23:56 -------- d-----w- c:\windows\system32\EventProviders
    2010-10-08 01:21 . 2010-10-08 01:21 -------- d-----w- c:\users\jonathan\AppData\Local\Yahoo!
    2010-10-07 22:19 . 2009-11-08 17:55 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
    2010-10-07 22:19 . 2009-11-08 17:55 49472 ----a-w- c:\windows\system32\netfxperf.dll
    2010-10-07 22:19 . 2009-11-08 17:55 297808 ----a-w- c:\windows\system32\mscoree.dll
    2010-10-07 22:19 . 2009-11-08 17:55 295264 ----a-w- c:\windows\system32\PresentationHost.exe
    2010-10-07 22:19 . 2009-11-08 17:55 1130824 ----a-w- c:\windows\system32\dfshim.dll
    2010-10-07 22:12 . 2010-10-07 22:12 -------- d-----w- c:\users\jonathan\AppData\Local\LogiShrd
    2010-10-07 22:12 . 2010-10-07 22:12 -------- d-----w- c:\users\jonathan\AppData\Roaming\Leadertech
    2010-10-07 22:09 . 2009-10-07 08:48 539160 ----a-w- c:\windows\system32\LVUI2RC.dll
    2010-10-07 22:09 . 2009-10-07 08:48 539160 ----a-w- c:\windows\system32\LVUI2.dll
    2010-10-07 22:09 . 2009-04-30 23:01 265496 ----a-w- c:\windows\system32\drivers\lvrs.sys
    2010-10-07 22:09 . 2009-04-30 22:39 34068 ----a-w- c:\windows\system32\Repository.reg
    2010-10-07 22:09 . 2009-10-07 08:43 416280 ----a-w- c:\windows\system32\LVCodec2.dll
    2010-10-07 22:09 . 2009-04-30 22:57 199192 ----a-w- c:\windows\system32\lvci1201278.dll
    2010-10-07 22:09 . 2009-04-30 22:55 2687512 ----a-w- c:\windows\system32\drivers\LV302V32.SYS
    2010-10-07 22:09 . 2009-04-30 22:55 13976 ----a-w- c:\windows\system32\drivers\lv302af.sys
    2010-10-07 22:09 . 2010-10-07 22:22 -------- d-----w- c:\program files\Logitech
    2010-10-07 22:09 . 2010-10-07 22:13 -------- d-----w- c:\programdata\LogiShrd
    2010-10-07 22:09 . 2010-10-07 22:10 -------- d-----w- c:\program files\Common Files\LogiShrd
    2010-10-07 21:59 . 2009-04-11 05:03 12240896 ----a-w- c:\windows\system32\NlsLexicons0007.dll
    2010-10-07 21:59 . 2009-04-11 06:28 1081344 ----a-w- c:\windows\system32\SLCExt.dll
    2010-10-07 21:59 . 2009-04-11 06:27 3408896 ----a-w- c:\windows\system32\SLsvc.exe
    2010-10-07 21:59 . 2009-04-11 06:27 65536 ----a-w- c:\windows\system32\DevicePairingWizard.exe
    2010-10-07 21:59 . 2009-04-11 06:28 2134528 ----a-w- c:\windows\system32\FunctionDiscoveryFolder.dll
    2010-10-07 21:59 . 2009-04-11 05:03 2644480 ----a-w- c:\windows\system32\NlsLexicons0009.dll

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2010-10-03 18:23 . 2008-10-23 06:35 1053232 ----a-w- c:\windows\system32\MFC71u.dll
    2010-10-03 18:23 . 2008-08-06 22:29 353840 ----a-w- c:\windows\system32\msvcr71.dll
    2010-10-03 18:23 . 2008-08-06 22:27 505392 ----a-w- c:\windows\system32\msvcp71.dll
    2010-10-03 18:23 . 2008-10-23 06:35 1066544 ----a-w- c:\windows\system32\MFC71.dll
    2010-09-15 08:50 . 2010-10-03 20:43 472808 ----a-w- c:\windows\system32\deployJava1.dll
    2010-08-26 16:33 . 2010-10-26 17:32 173056 ----a-w- c:\windows\apppatch\AcXtrnal.dll
    2010-08-26 16:33 . 2010-10-26 17:32 542720 ----a-w- c:\windows\apppatch\AcLayers.dll
    2010-08-26 16:33 . 2010-10-26 17:32 458752 ----a-w- c:\windows\apppatch\AcSpecfc.dll
    2010-08-26 16:33 . 2010-10-26 17:32 2159616 ----a-w- c:\windows\apppatch\AcGenral.dll
    2010-08-25 23:46 . 2010-08-25 23:46 8198680 ----a-w- c:\windows\system32\TVWSetup.exe
    2010-08-25 23:45 . 2010-10-03 18:17 948760 ----a-w- c:\windows\system32\igxpun.exe
    2010-08-25 23:45 . 2008-07-10 22:27 136216 ----a-w- c:\windows\system32\igfxtray.exe
    2010-08-25 23:45 . 2008-07-10 22:27 266776 ----a-w- c:\windows\system32\igfxsrvc.exe
    2010-08-25 23:45 . 2008-07-10 22:27 170520 ----a-w- c:\windows\system32\igfxpers.exe
    2010-08-25 23:45 . 2010-08-25 23:45 179224 ----a-w- c:\windows\system32\igfxext.exe
    2010-08-25 23:45 . 2008-07-10 22:27 171032 ----a-w- c:\windows\system32\hkcmd.exe
    2010-08-25 23:45 . 2010-08-25 23:45 3156504 ----a-w- c:\windows\system32\GfxUI.exe
    2010-08-25 23:39 . 2010-08-25 23:39 81920 ----a-w- c:\windows\system32\igfxCoIn_v2202.dll
    2010-08-25 23:31 . 2010-08-25 23:31 9024512 ----a-w- c:\windows\system32\drivers\igdkmd32.sys
    2010-08-25 23:31 . 2008-07-06 20:15 4967424 ----a-w- c:\windows\system32\igdumd32.dll
    2010-08-25 23:28 . 2008-07-06 20:10 571904 ----a-w- c:\windows\system32\igdumdx32.dll
    2010-08-25 23:23 . 2010-08-25 23:23 4411904 ----a-w- c:\windows\system32\igd10umd32.dll
    2010-08-25 23:09 . 2010-08-25 23:09 11040256 ----a-w- c:\windows\system32\ig4icd32.dll
    2010-08-25 23:02 . 2010-08-25 23:02 86016 ----a-w- c:\windows\system32\igfxrsky.lrc
    2010-08-25 23:02 . 2010-08-25 23:02 85504 ----a-w- c:\windows\system32\igfxrslv.lrc
    2010-08-25 23:02 . 2010-08-25 23:02 86528 ----a-w- c:\windows\system32\igfxresn.lrc
    2010-08-25 23:02 . 2010-08-25 23:02 85504 ----a-w- c:\windows\system32\igfxrtrk.lrc
    2010-08-25 23:02 . 2010-08-25 23:02 85504 ----a-w- c:\windows\system32\igfxrsve.lrc
    2010-08-25 23:02 . 2010-08-25 23:02 84992 ----a-w- c:\windows\system32\igfxrtha.lrc
    2010-08-25 23:02 . 2010-08-25 23:02 86016 ----a-w- c:\windows\system32\igfxrrus.lrc
    2010-08-25 23:02 . 2010-08-25 23:02 86016 ----a-w- c:\windows\system32\igfxrptg.lrc
    2010-08-25 23:02 . 2010-08-25 23:02 86016 ----a-w- c:\windows\system32\igfxrplk.lrc
    2010-08-25 23:02 . 2010-08-25 23:02 85504 ----a-w- c:\windows\system32\igfxrptb.lrc
    2010-08-25 23:02 . 2010-08-25 23:02 85504 ----a-w- c:\windows\system32\igfxrnor.lrc
    2010-08-25 23:02 . 2010-08-25 23:02 86016 ----a-w- c:\windows\system32\igfxrita.lrc
    2010-08-25 23:02 . 2010-08-25 23:02 85504 ----a-w- c:\windows\system32\igfxrhun.lrc
    2010-08-25 23:02 . 2010-08-25 23:02 84480 ----a-w- c:\windows\system32\igfxrheb.lrc
    2010-08-25 23:02 . 2010-08-25 23:02 82944 ----a-w- c:\windows\system32\igfxrkor.lrc
    2010-08-25 23:02 . 2010-08-25 23:02 82944 ----a-w- c:\windows\system32\igfxrjpn.lrc
    2010-08-25 23:02 . 2010-08-25 23:02 86528 ----a-w- c:\windows\system32\igfxrfra.lrc
    2010-08-25 23:02 . 2010-08-25 23:02 86528 ----a-w- c:\windows\system32\igfxrell.lrc
    2010-08-25 23:02 . 2010-08-25 23:02 86016 ----a-w- c:\windows\system32\igfxrnld.lrc
    2010-08-25 23:02 . 2010-08-25 23:02 86016 ----a-w- c:\windows\system32\igfxrdeu.lrc
    2010-08-25 23:02 . 2010-08-25 23:02 85504 ----a-w- c:\windows\system32\igfxrfin.lrc
    2010-08-25 23:02 . 2010-08-25 23:02 85504 ----a-w- c:\windows\system32\igfxrcsy.lrc
    2010-08-25 23:02 . 2010-08-25 23:02 84992 ----a-w- c:\windows\system32\igfxrdan.lrc
    2010-08-25 23:02 . 2010-08-25 23:02 84480 ----a-w- c:\windows\system32\igfxrara.lrc
    2010-08-25 23:02 . 2010-08-25 23:02 81920 ----a-w- c:\windows\system32\igfxrcht.lrc
    2010-08-25 23:02 . 2010-08-25 23:02 81920 ----a-w- c:\windows\system32\igfxrchs.lrc
    2010-08-25 23:00 . 2010-08-25 23:00 23552 ----a-w- c:\windows\system32\igfxexps.dll
    2010-08-25 23:00 . 2010-08-25 23:00 194560 ----a-w- c:\windows\system32\igfxpph.dll
    2010-08-25 22:59 . 2010-08-25 22:59 115200 ----a-w- c:\windows\system32\igfxcpl.cpl
    2010-08-25 22:59 . 2008-07-06 19:39 261632 ----a-w- c:\windows\system32\igfxTMM.dll
    2010-08-25 22:59 . 2008-07-06 19:38 57344 ----a-w- c:\windows\system32\igfxsrvc.dll
    2010-08-25 22:59 . 2010-08-25 22:59 130048 ----a-w- c:\windows\system32\igfxdo.dll
    2010-08-25 22:59 . 2008-07-06 19:37 94720 ----a-w- c:\windows\system32\hccutils.dll
    2010-08-25 22:59 . 2010-08-25 22:59 120320 ----a-w- c:\windows\system32\gfxSrvc.dll
    2010-08-25 22:59 . 2010-08-25 22:59 4096 ----a-w- c:\windows\system32\IGFXDEVLib.dll
    2010-08-25 22:59 . 2008-07-06 19:37 228864 ----a-w- c:\windows\system32\igfxdev.dll
    2010-08-25 22:59 . 2008-07-06 19:37 828928 ----a-w- c:\windows\system32\igfxress.dll
    2010-08-25 22:59 . 2008-07-06 19:37 85504 ----a-w- c:\windows\system32\igfxrenu.lrc
    2010-08-25 22:52 . 2010-08-25 22:52 452440 ----a-w- c:\windows\system32\d3dx10_40.dll
    2010-08-25 22:52 . 2010-08-25 22:52 208896 ----a-w- c:\windows\system32\iglhsip32.dll
    2010-08-25 22:52 . 2010-08-25 22:52 143360 ----a-w- c:\windows\system32\iglhcp32.dll
    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Messenger (Yahoo!)"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2010-06-01 5252408]
    "DW6"="c:\program files\The Weather Channel FW\Desktop\DesktopWeather.exe" [2010-04-16 818288]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-04-17 1049896]
    "QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2008-09-24 468264]
    "UpdatePSTShortCut"="c:\program files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2008-10-07 210216]
    "Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
    "UpdatePDIRShortCut"="c:\program files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" [2008-06-14 210216]
    "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
    "HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
    "hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-04-15 488752]
    "LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" [2009-10-14 2793304]
    "IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-25 136216]
    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-25 171032]
    "Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-25 170520]

    c:\users\jonathan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    Comcast Universal Caller ID.lnk - c:\program files\Comcast Universal Caller ID\Comcast Universal Caller ID.exe [2010-10-14 74752]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableUIADesktopToggle"= 0 (0x0)

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
    @="Service"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
    @="Driver"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
    @="Service"

    [HKLM\~\startupfolder\C:^Users^jonathan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^IMVU.lnk]
    path=c:\users\jonathan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IMVU.lnk
    backup=c:\windows\pss\IMVU.lnk.Startup
    backupExtension=.Startup

    [HKLM\~\startupfolder\C:^Users^jonathan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^LimeWire On Startup.lnk]
    path=c:\users\jonathan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk
    backup=c:\windows\pss\LimeWire On Startup.lnk.Startup
    backupExtension=.Startup

    [HKLM\~\startupfolder\C:^Users^jonathan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Product Registration.lnk]
    path=c:\users\jonathan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
    backup=c:\windows\pss\Logitech . Product Registration.lnk.Startup
    backupExtension=.Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Health Check Scheduler]
    2008-10-09 14:58 75008 ----a-w- c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl.exe]
    2008-08-01 23:14 202032 ----a-w- c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
    2009-03-05 23:07 2260480 --sha-r- c:\program files\Spybot - Search & Destroy\TeaTimer.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateP2GoShortCut]
    2008-06-14 01:11 210216 ------w- c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe

    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2010-10-13 1357464]
    R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
    R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
    S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2010-08-12 64288]
    S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360\0403000.005\SYMDS.SYS [2009-10-15 328752]
    S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360\0403000.005\SYMEFA.SYS [2010-04-22 173104]
    S1 BHDrvx86;BHDrvx86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20101029.001\BHDrvx86.sys [2010-10-02 692272]
    S1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\N360\0403000.005\ccHPx86.sys [2010-02-26 501888]
    S1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20101102.001\IDSvix86.sys [2010-10-19 353840]
    S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360\0403000.005\Ironx86.SYS [2010-04-29 116784]
    S1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\System32\Drivers\N360\0403000.005\SYMTDIV.SYS [2010-05-06 339504]
    S2 N360;Norton Security Suite;c:\program files\Norton Security Suite\Norton Security Suite\Engine\4.3.0.5\ccSvcHst.exe [2010-02-26 126392]
    S2 Recovery Service for Windows;Recovery Service for Windows;c:\program files\SMINST\BLService.exe [2008-10-06 365952]
    S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
    S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2010-10-13 102448]
    S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2008-06-29 112128]


    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
    LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
    .
    Contents of the 'Scheduled Tasks' folder

    2010-11-03 c:\windows\Tasks\Ad-Aware Update (Weekly).job
    - c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-08-12 23:02]

    2010-11-02 c:\windows\Tasks\HPCeeScheduleForjonathan.job
    - c:\program files\hewlett-packard\sdp\ceement\HPCEE.exe [2008-10-23 18:34]
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://www.yahoo.com/
    mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Presario&pf=cnnb
    FF - ProfilePath - c:\users\jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\1oked8k0.default\
    FF - prefs.js: browser.startup.homepage - yahoo.com
    FF - component: c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\coFFPlgn\components\coFFPlgn.dll
    FF - component: c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPlgn\components\IPSFFPl.dll
    FF - component: c:\users\jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\1oked8k0.default\extensions\{90b49673-5506-483e-b92b-ca0265bd9ca8}\components\FFExternalAlert.dll
    FF - component: c:\users\jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\1oked8k0.default\extensions\{90b49673-5506-483e-b92b-ca0265bd9ca8}\components\RadioWMPCore.dll
    FF - component: c:\users\jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\1oked8k0.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\components\qscanff.dll
    FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: c:\program files\Mozilla Firefox\plugins\npkimi.dll
    FF - plugin: c:\users\jonathan\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll
    FF - plugin: c:\users\jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\1oked8k0.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
    FF - plugin: c:\users\jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\1oked8k0.default\extensions\DeviceDetection@logitech.com\plugins\npLogitechDeviceDetection.dll
    FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

    ---- FIREFOX POLICIES ----
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
    .

    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2010-11-03 19:05
    Windows 6.0.6002 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************

    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\N360]
    "ImagePath"="\"c:\program files\Norton Security Suite\Norton Security Suite\Engine\4.3.0.5\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton Security Suite\Norton Security Suite\Engine\4.3.0.5\diMaster.dll\" /prefetch:1"
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------

    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    Completion time: 2010-11-03 19:08:07
    ComboFix-quarantined-files.txt 2010-11-03 23:08
    ComboFix2.txt 2010-11-03 06:01

    Pre-Run: 170,854,318,080 bytes free
    Post-Run: 170,835,693,568 bytes free

    - - End Of File - - 3F854CD43B8A7AC09901D9568270422F
     
  14. Broni

    Broni Malware Annihilator Posts: 52,884   +344

    Good :)

    Download OTL to your Desktop.

    • Double click on the icon to run it. Make sure all other windows are closed, and let it run uninterrupted.
    • Under the Custom Scan box paste this in:


    netsvcs
    drivers32
    %SYSTEMDRIVE%\*.*
    %systemroot%\Fonts\*.com
    %systemroot%\Fonts\*.dll
    %systemroot%\Fonts\*.ini
    %systemroot%\Fonts\*.ini2
    %systemroot%\Fonts\*.exe
    %systemroot%\system32\spool\prtprocs\w32x86\*.*
    %systemroot%\REPAIR\*.bak1
    %systemroot%\REPAIR\*.ini
    %systemroot%\system32\*.jpg
    %systemroot%\*.jpg
    %systemroot%\*.png
    %systemroot%\*.scr
    %systemroot%\*._sy
    %APPDATA%\Adobe\Update\*.*
    %ALLUSERSPROFILE%\Favorites\*.*
    %APPDATA%\Microsoft\*.*
    %PROGRAMFILES%\*.*
    %APPDATA%\Update\*.*
    %systemroot%\*. /mp /s
    CREATERESTOREPOINT
    %systemroot%\System32\config\*.sav
    %PROGRAMFILES%\bak. /s
    %systemroot%\system32\bak. /s
    %ALLUSERSPROFILE%\Start Menu\*.lnk /x
    %systemroot%\system32\config\systemprofile\*.dat /x
    %systemroot%\*.config
    %systemroot%\system32\*.db
    %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x
    %USERPROFILE%\Desktop\*.exe
    %PROGRAMFILES%\Common Files\*.*
    %systemroot%\*.src
    %systemroot%\install\*.*
    %systemroot%\system32\DLL\*.*
    %systemroot%\system32\HelpFiles\*.*
    %systemroot%\system32\rundll\*.*
    %systemroot%\winn32\*.*
    %systemroot%\Java\*.*
    %systemroot%\system32\test\*.*
    %systemroot%\system32\Rundll32\*.*
    %systemroot%\AppPatch\Custom\*.*
    %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x
    %PROGRAMFILES%\PC-Doctor\Downloads\*.*
    %PROGRAMFILES%\Internet Explorer\*.tmp
    %PROGRAMFILES%\Internet Explorer\*.dat
    %USERPROFILE%\My Documents\*.exe
    %USERPROFILE%\*.exe
    %systemroot%\ADDINS\*.*
    %systemroot%\assembly\*.bak2
    %systemroot%\Config\*.*
    %systemroot%\REPAIR\*.bak2
    %systemroot%\SECURITY\Database\*.sdb /x
    %systemroot%\SYSTEM\*.bak2
    %systemroot%\Web\*.bak2
    %systemroot%\Driver Cache\*.*
    %PROGRAMFILES%\Mozilla Firefox\0*.exe
    %ProgramFiles%\Microsoft Common\*.*
    %ProgramFiles%\TinyProxy.
    %USERPROFILE%\Favorites\*.url /x
    %systemroot%\system32\*.bk
    %systemroot%\*.te
    %systemroot%\system32\system32\*.*
    %ALLUSERSPROFILE%\*.dat /x
    %systemroot%\system32\drivers\*.rmv
    dir /b "%systemroot%\system32\*.exe" | find /i " " /c
    dir /b "%systemroot%\*.exe" | find /i " " /c
    %PROGRAMFILES%\Microsoft\*.*
    %systemroot%\System32\Wbem\proquota.exe
    %PROGRAMFILES%\Mozilla Firefox\*.dat
    %USERPROFILE%\Cookies\*.txt /x
    %SystemRoot%\system32\fonts\*.*
    %systemroot%\system32\winlog\*.*
    %systemroot%\system32\Language\*.*
    %systemroot%\system32\Settings\*.*
    %systemroot%\system32\*.quo
    %SYSTEMROOT%\AppPatch\*.exe
    %SYSTEMROOT%\inf\*.exe
    %SYSTEMROOT%\Installer\*.exe
    %systemroot%\system32\config\*.bak2
    %systemroot%\system32\Computers\*.*
    %SystemRoot%\system32\Sound\*.*
    %SystemRoot%\system32\SpecialImg\*.*
    %SystemRoot%\system32\code\*.*
    %SystemRoot%\system32\draft\*.*
    %SystemRoot%\system32\MSSSys\*.*
    %ProgramFiles%\Javascript\*.*
    %systemroot%\pchealth\helpctr\System\*.exe /s
    %systemroot%\Web\*.exe
    %systemroot%\system32\msn\*.*
    %systemroot%\system32\*.tro
    %AppData%\Microsoft\Installer\msupdates\*.*
    %ProgramFiles%\Messenger\*.*
    %systemroot%\system32\systhem32\*.*
    %systemroot%\system\*.exe
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
    /md5start
    /md5stop


    • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
    • When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
     
  15. Michigan313

    Michigan313 TS Rookie Topic Starter Posts: 21

    OTL Extras logfile created on: 11/3/2010 7:36:09 PM - Run 1
    OTL by OldTimer - Version 3.2.17.2 Folder = C:\Users\jonathan\Desktop
    Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18975)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 60.00% Memory free
    6.00 Gb Paging File | 5.00 Gb Available in Paging File | 83.00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 222.54 Gb Total Space | 158.75 Gb Free Space | 71.34% Space Free | Partition Type: NTFS
    Drive D: | 10.34 Gb Total Space | 1.73 Gb Free Space | 16.74% Space Free | Partition Type: NTFS

    Computer Name: JONATHAN-PC | User Name: jonathan | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

    [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
    .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1
    "FirewallDisableNotify" = 0
    "AntiVirusDisableNotify" = 0
    "UpdatesDisableNotify" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0
    "VistaSp1" = Reg Error: Unknown registry data type -- File not found
    "VistaSp2" = Reg Error: Unknown registry data type -- File not found

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    ========== System Restore Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
    "DisableSR" = 0

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "EnableFirewall" = 0
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 0
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "EnableFirewall" = 0
    "DisableNotifications" = 0

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "C:\Program Files\iCall\iCall.exe" = C:\Program Files\iCall\iCall.exe:*:Enabled:iCall -- File not found


    ========== Vista Active Open Ports Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{40EF4697-A71E-439F-A071-97153A6E41C5}" = rport=445 | protocol=6 | dir=out | app=system |
    "{4C2DA32B-B85F-4A12-AF6F-086EC6F2CE4D}" = lport=445 | protocol=6 | dir=in | app=system |
    "{98584A7B-E2B3-448E-AFEC-E74BDB2DDC69}" = lport=138 | protocol=17 | dir=in | app=system |
    "{A2B77A2C-9294-433E-B95C-1CDD75D973DB}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
    "{CCE2E913-D807-4752-A342-5AD4C57BDECA}" = lport=137 | protocol=17 | dir=in | app=system |
    "{D101C5A6-8477-44B8-BDC1-D58483A0999A}" = rport=139 | protocol=6 | dir=out | app=system |
    "{D87EB1F1-9A36-4FD2-95D7-765E3E16FF12}" = lport=139 | protocol=6 | dir=in | app=system |
    "{E49DA6BF-1AB4-4188-97C2-E1E97EBC3226}" = rport=137 | protocol=17 | dir=out | app=system |
    "{E624F1F4-54F4-4B57-AA32-57B05E1BA604}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
    "{FC071BC6-F234-4710-AD38-C8ED7C595D39}" = rport=138 | protocol=17 | dir=out | app=system |

    ========== Vista Active Application Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{00F1A93B-502C-449E-AA33-4161A25D37DF}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
    "{0FA277AD-DF13-442B-AA33-CBCFFECB972F}" = dir=in | app=c:\program files\hp\quickplay\qpservice.exe |
    "{17DB8151-9F5B-4CAB-805C-AAB6DBB4E498}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
    "{185363CE-56CC-4969-8A97-550000FDE313}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
    "{27296544-3CA3-4A13-BD0F-E8F4E549DCC2}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
    "{63A3839A-3292-4334-B003-40BBC4A6E53A}" = dir=in | app=c:\program files\hp\quickplay\qp.exe |
    "{9A374D62-B49E-4316-BF26-4B503D4C9808}" = protocol=17 | dir=in | app=c:\program files\logitech\vid hd\vid.exe |
    "{BF560D0C-34FE-4CCA-A6C2-57FE00223C4E}" = protocol=6 | dir=in | app=c:\program files\logitech\vid hd\vid.exe |
    "{C7EBC944-FC8A-45C9-8827-6A7D7DDA6CF8}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
    "{D53B8B7E-D3B8-4479-B152-393894654F29}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
    "{E1B765ED-33FF-46D1-B0AC-DF421B5EE637}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
    "{F3B215A1-F050-4DEE-932D-30EA7D61BEBD}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
    "{F7EF098C-DA97-4F28-8931-B57F1BE0D105}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
    "{FA6E4D6E-5262-47C9-AF6F-9DC7A147A0F7}" = dir=in | app=c:\users\jonathan\appdata\local\temp\{f7b125a3-0e65-446e-ac28-5b63ae7058da}\bin\javaw.exe |
    "TCP Query User{E1F41214-A8FA-4751-93A3-C52ABB81ADDD}C:\program files\limewire\limewire.exe" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
    "TCP Query User{F1E045DB-CB28-4AEF-9732-23FE5AC6E7C9}C:\users\jonathan\appdata\roaming\imvuclient\1vivoxvoice.exe" = protocol=6 | dir=in | app=c:\users\jonathan\appdata\roaming\imvuclient\1vivoxvoice.exe |
    "UDP Query User{534AE68D-3A9F-4B70-A719-B06EAEA38932}C:\program files\limewire\limewire.exe" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
    "UDP Query User{E2D67B6B-5C89-4492-A2B7-E6C0985D4F71}C:\users\jonathan\appdata\roaming\imvuclient\1vivoxvoice.exe" = protocol=17 | dir=in | app=c:\users\jonathan\appdata\roaming\imvuclient\1vivoxvoice.exe |

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{0054A0F6-00C9-4498-B821-B5C9578F433E}" = HP Help and Support
    "{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
    "{0B72559F-4EBC-FCBB-BF23-6D96D9AC423D}" = Comcast Universal Caller ID
    "{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
    "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
    "{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant
    "{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
    "{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 22
    "{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
    "{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 H2
    "{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Vista
    "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
    "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
    "{415B2719-AD3A-4944-B404-C472DB6085B3}" = Cisco EAP-FAST Module
    "{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP DVD Play 3.7
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{57A5AEC1-97FC-474D-92C4-908FCC2253D4}" = HP Customer Experience Enhancements
    "{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
    "{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module
    "{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
    "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
    "{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
    "{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
    "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
    "{846DDADA-0239-4B67-A6B1-33658863793B}" = HPTCSSetup
    "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
    "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
    "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
    "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
    "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
    "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
    "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
    "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
    "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
    "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
    "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
    "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
    "{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
    "{9ADABDDE-9644-461B-9E73-83FA3EFCAB50}" = HP Wireless Assistant
    "{AC76BA86-7AD7-1033-7B44-A90000000001}" = Adobe Reader 9
    "{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}" = Adobe Shockwave Player
    "{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
    "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
    "{B6D0B141-B2BE-4DD0-B08F-B9186F3E36B3}" = HP User Guides 0118
    "{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}" = Logitech Webcam Software
    "{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
    "{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}" = HP Update
    "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
    "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
    "{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}" = HP Active Support Library
    "{D88C3E7C-1DA6-4AD7-97FC-75BC8705B266}" = runtime
    "{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
    "{F0E2B312-D7FD-4349-A9B6-E90B36DB1BD0}" = Paint.NET v3.5.5
    "{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
    "{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
    "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    "Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
    "Ad-Aware" = Ad-Aware
    "Adobe AIR" = Adobe AIR
    "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
    "CCleaner" = CCleaner
    "CNXT_AUDIO_HDA" = Conexant HD Audio
    "CNXT_MODEM_HDAUDIO_HERMOSA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP
    "com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
    "com.comcast.callerid.13A1FA90F0FC9DC009FB0956ADD0F13F8608561B.1" = Comcast Universal Caller ID
    "HDMI" = Intel(R) Graphics Media Accelerator Driver
    "HijackThis" = HijackThis 2.0.2
    "HOMESTUDENTR" = Microsoft Office Home and Student 2007
    "Imikimi Plugin" = Imikimi Plugin
    "InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
    "InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
    "InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
    "Logitech Vid" = Logitech Vid HD
    "lvdrivers_12.10" = Logitech Webcam Software Driver Package
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
    "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12)
    "N360" = Norton Security Suite
    "SynTPDeinstKey" = Synaptics Pointing Device Driver
    "The Weather Channel Desktop 6" = The Weather Channel Desktop 6
    "WildTangent hp Master Uninstall" = HP Games
    "WTA-141a66d7-81a7-443f-a85f-3e81d47ed561" = Cooking Academy
    "WTA-289b2901-23fa-4528-81f8-06e03b45b3d6" = Cooking Academy 2 - World Cuisine
    "WTA-6db2ff2f-0e24-4029-b0ed-446aff7854d0" = Build It - Miami Beach Resort
    "WTA-f9a7688d-8c00-48e8-854f-d3ca69bf2f58" = Build in Time
    "Yahoo! Messenger" = Yahoo! Messenger
    "Yahoo! Software Update" = Yahoo! Software Update

    ========== HKEY_CURRENT_USER Uninstall List ==========

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "IMVU Avatar chat client software BETA" = IMVU Avatar Chat Software
    "Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.9.8

    ========== Last 10 Event Log Errors ==========

    [ Application Events ]
    Error - 11/2/2010 11:44:13 PM | Computer Name = jonathan-PC | Source = Application Error | ID = 1000
    Description = Faulting application tu5i59ng.exe, version 1.0.15.15477, time stamp
    0x4cbda469, faulting module tu5i59ng.exe, version 1.0.15.15477, time stamp 0x4cbda469,
    exception code 0xc0000005, fault offset 0x0000c551, process id 0xdf8, application
    start time 0x01cb7b088550aa28.

    Error - 11/2/2010 11:47:38 PM | Computer Name = jonathan-PC | Source = WinMgmt | ID = 10
    Description =

    Error - 11/2/2010 11:54:01 PM | Computer Name = jonathan-PC | Source = Application Error | ID = 1000
    Description = Faulting application tu5i59ng.exe, version 1.0.15.15477, time stamp
    0x4cbda469, faulting module tu5i59ng.exe, version 1.0.15.15477, time stamp 0x4cbda469,
    exception code 0xc0000005, fault offset 0x0000c551, process id 0x1574, application
    start time 0x01cb7b0a3ca60db7.

    Error - 11/2/2010 11:58:50 PM | Computer Name = jonathan-PC | Source = Perflib | ID = 1010
    Description =

    Error - 11/3/2010 1:44:35 AM | Computer Name = jonathan-PC | Source = WinMgmt | ID = 10
    Description =

    Error - 11/3/2010 1:46:57 AM | Computer Name = jonathan-PC | Source = Windows Search Service | ID = 3013
    Description =

    Error - 11/3/2010 1:46:57 AM | Computer Name = jonathan-PC | Source = Windows Search Service | ID = 3013
    Description =

    Error - 11/3/2010 1:46:57 AM | Computer Name = jonathan-PC | Source = Windows Search Service | ID = 3013
    Description =

    Error - 11/3/2010 1:46:57 AM | Computer Name = jonathan-PC | Source = Windows Search Service | ID = 3013
    Description =

    Error - 11/3/2010 2:09:33 AM | Computer Name = jonathan-PC | Source = WinMgmt | ID = 10
    Description =

    [ System Events ]
    Error - 10/24/2010 9:39:43 AM | Computer Name = jonathan-PC | Source = Service Control Manager | ID = 7000
    Description =

    Error - 10/24/2010 9:38:45 PM | Computer Name = jonathan-PC | Source = Service Control Manager | ID = 7000
    Description =

    Error - 10/25/2010 11:38:57 AM | Computer Name = jonathan-PC | Source = Service Control Manager | ID = 7000
    Description =

    Error - 10/26/2010 1:04:45 PM | Computer Name = jonathan-PC | Source = Service Control Manager | ID = 7000
    Description =

    Error - 10/27/2010 1:50:04 AM | Computer Name = jonathan-PC | Source = DCOM | ID = 10010
    Description =

    Error - 10/27/2010 10:39:00 AM | Computer Name = jonathan-PC | Source = Service Control Manager | ID = 7000
    Description =

    Error - 10/27/2010 3:45:27 PM | Computer Name = jonathan-PC | Source = Service Control Manager | ID = 7000
    Description =

    Error - 10/27/2010 4:12:34 PM | Computer Name = jonathan-PC | Source = Service Control Manager | ID = 7000
    Description =

    Error - 10/27/2010 9:47:12 PM | Computer Name = jonathan-PC | Source = Service Control Manager | ID = 7000
    Description =

    Error - 10/28/2010 9:53:24 AM | Computer Name = jonathan-PC | Source = Service Control Manager | ID = 7000
    Description =


    < End of report >
     
  16. Michigan313

    Michigan313 TS Rookie Topic Starter Posts: 21

    OTL logfile created on: 11/3/2010 7:36:09 PM - Run 1
    OTL by OldTimer - Version 3.2.17.2 Folder = C:\Users\jonathan\Desktop
    Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18975)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 60.00% Memory free
    6.00 Gb Paging File | 5.00 Gb Available in Paging File | 83.00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 222.54 Gb Total Space | 158.75 Gb Free Space | 71.34% Space Free | Partition Type: NTFS
    Drive D: | 10.34 Gb Total Space | 1.73 Gb Free Space | 16.74% Space Free | Partition Type: NTFS

    Computer Name: JONATHAN-PC | User Name: jonathan | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2010/11/03 19:18:42 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Users\jonathan\Desktop\OTL.exe
    PRC - [2010/10/13 19:02:20 | 000,913,544 | ---- | M] (Lavasoft ) -- C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
    PRC - [2010/06/01 13:17:48 | 005,252,408 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
    PRC - [2010/02/25 20:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Security Suite\Norton Security Suite\Engine\4.3.0.5\ccsvchst.exe
    PRC - [2009/10/14 16:36:56 | 002,793,304 | ---- | M] () -- C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
    PRC - [2009/10/14 16:34:18 | 000,560,472 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
    PRC - [2009/10/07 04:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
    PRC - [2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
    PRC - [2009/01/26 18:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
    PRC - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
    PRC - [2008/10/06 12:54:52 | 000,365,952 | ---- | M] () -- C:\Program Files\SMINST\BLService.exe


    ========== Modules (SafeList) ==========

    MOD - [2010/11/03 19:18:42 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Users\jonathan\Desktop\OTL.exe
    MOD - [2010/10/23 16:21:37 | 000,653,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2\msvcr90.dll
    MOD - [2010/10/23 16:21:37 | 000,569,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2\msvcp90.dll
    MOD - [2010/09/20 15:26:01 | 000,415,088 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Security Suite\Norton Security Suite\Engine\4.3.0.5\asoehook.dll
    MOD - [2010/08/31 11:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll


    ========== Win32 Services (SafeList) ==========

    SRV - [2010/10/13 19:02:19 | 001,357,464 | ---- | M] (Lavasoft) [Auto | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
    SRV - [2010/03/18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
    SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
    SRV - [2010/02/25 20:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton Security Suite\Norton Security Suite\Engine\4.3.0.5\ccSvcHst.exe -- (N360)
    SRV - [2009/10/07 04:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
    SRV - [2009/09/24 21:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
    SRV - [2009/01/26 18:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
    SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
    SRV - [2008/10/06 12:54:52 | 000,365,952 | ---- | M] () [Auto | Running] -- C:\Program Files\SMINST\BLService.exe -- (Recovery Service for Windows)
    SRV - [2008/01/20 22:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


    ========== Driver Services (SafeList) ==========

    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\jonathan\AppData\Local\Temp\catchme.sys -- (catchme)
    DRV - [2010/10/19 16:36:22 | 000,353,840 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20101102.001\IDSvix86.sys -- (IDSVix86)
    DRV - [2010/10/15 23:32:12 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
    DRV - [2010/10/13 04:00:00 | 001,371,184 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20101103.002\NAVEX15.SYS -- (NAVEX15)
    DRV - [2010/10/13 04:00:00 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
    DRV - [2010/10/13 04:00:00 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
    DRV - [2010/10/13 04:00:00 | 000,086,064 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20101103.002\NAVENG.SYS -- (NAVENG)
    DRV - [2010/10/02 03:00:02 | 000,692,272 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20101029.001\BHDrvx86.sys -- (BHDrvx86)
    DRV - [2010/08/25 19:31:30 | 009,024,512 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)
    DRV - [2010/08/12 08:15:20 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\Lbd.sys -- (Lbd)
    DRV - [2010/05/06 00:01:59 | 000,339,504 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\N360\0403000.005\SYMTDIV.SYS -- (SYMTDIv)
    DRV - [2010/04/29 01:03:51 | 000,116,784 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\N360\0403000.005\Ironx86.SYS -- (SymIRON)
    DRV - [2010/04/21 23:02:20 | 000,173,104 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\system32\drivers\N360\0403000.005\SYMEFA.SYS -- (SymEFA)
    DRV - [2010/04/21 22:29:50 | 000,325,680 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\Drivers\N360\0403000.005\SRTSP.SYS -- (SRTSP)
    DRV - [2010/04/21 22:29:50 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\N360\0403000.005\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
    DRV - [2010/02/25 20:22:57 | 000,501,888 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\N360\0403000.005\ccHPx86.sys -- (ccHP)
    DRV - [2009/10/14 23:50:05 | 000,328,752 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\N360\0403000.005\SYMDS.SYS -- (SymDS)
    DRV - [2009/10/07 04:46:36 | 000,025,752 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
    DRV - [2009/05/19 18:52:20 | 001,166,848 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
    DRV - [2009/04/30 19:01:34 | 000,265,496 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lvrs.sys -- (LVRS)
    DRV - [2009/04/30 18:55:56 | 002,687,512 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LV302V32.SYS -- (PID_PEPI) Logitech QuickCam IM(PID_PEPI)
    DRV - [2009/04/30 18:55:32 | 000,013,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lv302af.sys -- (pepifilter)
    DRV - [2009/04/11 00:42:54 | 000,073,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
    DRV - [2009/01/20 06:49:26 | 000,142,848 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
    DRV - [2008/10/23 01:54:22 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
    DRV - [2008/10/23 01:54:22 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
    DRV - [2008/10/23 01:54:22 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
    DRV - [2008/10/03 03:39:28 | 000,222,208 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
    DRV - [2008/06/29 10:52:26 | 000,112,128 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel(R)
     
  17. Michigan313

    Michigan313 TS Rookie Topic Starter Posts: 21

    DRV - [2008/04/17 14:05:16 | 000,199,344 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
    DRV - [2008/01/20 22:32:53 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
    DRV - [2008/01/20 22:32:53 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
    DRV - [2008/01/20 22:32:52 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
    DRV - [2008/01/20 22:32:52 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
    DRV - [2008/01/20 22:32:52 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
    DRV - [2008/01/20 22:32:52 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
    DRV - [2008/01/20 22:32:51 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
    DRV - [2008/01/20 22:32:51 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
    DRV - [2008/01/20 22:32:50 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
    DRV - [2008/01/20 22:32:50 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
    DRV - [2008/01/20 22:32:50 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
    DRV - [2008/01/20 22:32:49 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
    DRV - [2008/01/20 22:32:49 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
    DRV - [2008/01/20 22:32:49 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
    DRV - [2008/01/20 22:32:49 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
    DRV - [2008/01/20 22:32:49 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\arc.sys -- (arc)
    DRV - [2008/01/20 22:32:48 | 000,342,584 | ---- | M] (Emulex) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
    DRV - [2008/01/20 22:32:48 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
    DRV - [2008/01/20 22:32:47 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
    DRV - [2008/01/20 22:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
    DRV - [2008/01/20 22:32:46 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
    DRV - [2008/01/20 22:32:45 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel(R)
    DRV - [2008/01/20 22:32:45 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
    DRV - [2007/10/31 21:51:26 | 000,985,600 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
    DRV - [2007/10/31 21:47:54 | 000,208,896 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL)
    DRV - [2007/10/31 21:47:08 | 000,661,504 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf)
    DRV - [2007/10/17 19:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
    DRV - [2007/06/18 20:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
    DRV - [2006/11/02 05:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
    DRV - [2006/11/02 05:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
    DRV - [2006/11/02 05:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
    DRV - [2006/11/02 05:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
    DRV - [2006/11/02 05:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
    DRV - [2006/11/02 05:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
    DRV - [2006/11/02 05:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
    DRV - [2006/11/02 05:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
    DRV - [2006/11/02 05:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
    DRV - [2006/11/02 05:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
    DRV - [2006/11/02 05:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
    DRV - [2006/11/02 04:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
    DRV - [2006/11/02 04:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
    DRV - [2006/11/02 04:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
    DRV - [2006/11/02 04:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
    DRV - [2006/11/02 04:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
    DRV - [2006/11/02 04:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
    DRV - [2006/11/02 03:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
    DRV - [2006/11/02 03:30:56 | 000,194,048 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\yk60x86.sys -- (yukonwlh)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Presario&pf=cnnb

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========

    FF - prefs.js..browser.search.useDBForOrder: true
    FF - prefs.js..browser.startup.homepage: "yahoo.com"
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
    FF - prefs.js..extensions.enabledItems: DeviceDetection@logitech.com:1.20.0.66
    FF - prefs.js..extensions.enabledItems: {02450954-cdd9-410f-b1da-db804e18c671}:0.96.3
    FF - prefs.js..extensions.enabledItems: {90b49673-5506-483e-b92b-ca0265bd9ca8}:2.7.2.0
    FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.1
    FF - prefs.js..extensions.enabledItems: {d40f5e7b-d2cf-4856-b441-cc613eeffbe3}:1.48.3
    FF - prefs.js..extensions.enabledItems: {e001c731-5e37-4538-a5cb-8168736a2360}:0.9.9.50
    FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
    FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:4.6
    FF - prefs.js..extensions.enabledItems: {771f3037-9885-4423-b50f-a5ede4854e26}:1.300.306

    FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPlgn\ [2010/10/17 16:27:34 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\coFFPlgn\ [2010/10/15 23:32:58 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/10/28 00:35:46 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/10/28 00:35:46 | 000,000,000 | ---D | M]

    [2010/10/10 21:09:53 | 000,000,000 | ---D | M] -- C:\Users\jonathan\AppData\Roaming\Mozilla\Extensions
    [2010/10/03 13:33:33 | 000,000,000 | ---D | M] -- C:\Users\jonathan\AppData\Roaming\Mozilla\Extensions\IMVUClientXUL@imvu.com
    [2010/10/10 21:09:53 | 000,000,000 | ---D | M] -- C:\Users\jonathan\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org
    [2010/11/03 17:05:15 | 000,000,000 | ---D | M] -- C:\Users\jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\1oked8k0.default\extensions
    [2010/10/07 20:15:42 | 000,000,000 | ---D | M] (Screengrab) -- C:\Users\jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\1oked8k0.default\extensions\{02450954-cdd9-410f-b1da-db804e18c671}
    [2010/11/01 13:50:50 | 000,000,000 | ---D | M] (InboxDollars) -- C:\Users\jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\1oked8k0.default\extensions\{771f3037-9885-4423-b50f-a5ede4854e26}
    [2010/10/06 19:40:07 | 000,000,000 | ---D | M] (IMVU Inc Toolbar) -- C:\Users\jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\1oked8k0.default\extensions\{90b49673-5506-483e-b92b-ca0265bd9ca8}
    [2010/10/06 19:37:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\1oked8k0.default\extensions\{b41cb5f0-2e52-11de-8c30-0800200c9a66}
    [2010/11/03 17:05:10 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\1oked8k0.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
    [2010/10/11 19:47:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\1oked8k0.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}
    [2010/10/26 13:10:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\1oked8k0.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
    [2010/10/07 18:06:25 | 000,000,000 | ---D | M] -- C:\Users\jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\1oked8k0.default\extensions\DeviceDetection@logitech.com
    [2010/11/01 13:51:01 | 000,001,734 | ---- | M] () -- C:\Users\jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\1oked8k0.default\searchplugins\search-the-web.xml
    [2010/10/27 18:22:40 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
    [2010/10/03 16:44:01 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
    [2010/10/27 18:22:40 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
    [2010/09/15 04:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
    [2007/12/17 13:16:14 | 000,065,536 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npkimi.dll
    [2008/12/01 12:50:26 | 000,004,946 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\comcast.xml

    O1 HOSTS File: ([2010/11/03 19:05:46 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Security Suite\Norton Security Suite\Engine\4.3.0.5\coieplg.dll (Symantec Corporation)
    O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Security Suite\Norton Security Suite\Engine\4.3.0.5\ipsbho.dll (Symantec Corporation)
    O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security Suite\Norton Security Suite\Engine\4.3.0.5\coieplg.dll (Symantec Corporation)
    O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security Suite\Norton Security Suite\Engine\4.3.0.5\coieplg.dll (Symantec Corporation)
    O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
    O4 - HKLM..\Run: [UpdatePDIRShortCut] C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
    O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
    O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
    O4 - HKCU..\Run: [DW6] C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe (The Weather Channel Interactive, Inc.)
    O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
    O4 - Startup: C:\Users\jonathan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Comcast Universal Caller ID.lnk = C:\Program Files\Comcast Universal Caller ID\Comcast Universal Caller ID.exe ()
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
    O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
    O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.77.134 68.87.72.134
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
    O24 - Desktop WallPaper: C:\Users\jonathan\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
    O24 - Desktop BackupWallPaper: C:\Users\jonathan\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
    O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O34 - HKLM BootExecute: (lsdelete) - C:\Windows\System32\lsdelete.exe ()
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    NetSvcs: FastUserSwitchingCompatibility - File not found
    NetSvcs: Ias - File not found
    NetSvcs: Nla - File not found
    NetSvcs: Ntmssvc - File not found
    NetSvcs: NWCWorkstation - File not found
    NetSvcs: Nwsapagent - File not found
    NetSvcs: SRService - File not found
    NetSvcs: WmdmPmSp - File not found
    NetSvcs: LogonHours - File not found
    NetSvcs: PCAudit - File not found
    NetSvcs: helpsvc - File not found
    NetSvcs: uploadmgr - File not found

    Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: msacm.l3codecp - C:\Windows\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: MSVideo - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
    Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
    Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
    Drivers32: VIDC.I420 - C:\Windows\System32\LVCodec2.dll (Logitech Inc.)

    CREATERESTOREPOINT
    Restore point Set: OTL Restore Point

    ========== Files/Folders - Created Within 30 Days ==========

    [2010/11/03 19:21:48 | 000,000,000 | ---D | C] -- C:\Windows\temp
    [2010/11/03 19:17:24 | 000,576,000 | ---- | C] (OldTimer Tools) -- C:\Users\jonathan\Desktop\OTL.exe
    [2010/11/03 19:08:13 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
    [2010/11/03 19:08:10 | 000,000,000 | ---D | C] -- C:\Users\jonathan\AppData\Local\temp
    [2010/11/03 18:52:57 | 000,000,000 | ---D | C] -- C:\ComboFix
    [2010/11/03 18:52:36 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
    [2010/11/03 01:54:46 | 000,000,000 | ---D | C] -- C:\Users\jonathan\AppData\Roaming\Tific
    [2010/11/03 01:54:44 | 000,000,000 | ---D | C] -- C:\Users\jonathan\AppData\Local\Symantec
    [2010/11/02 23:47:26 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
    [2010/11/02 20:22:05 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
    [2010/11/02 20:22:05 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
    [2010/11/02 20:22:05 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
    [2010/11/02 20:21:40 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
    [2010/11/02 20:21:05 | 000,000,000 | ---D | C] -- C:\Qoobox
    [2010/11/02 18:38:12 | 000,000,000 | ---D | C] -- C:\VundoFix Backups
    [2010/10/31 16:22:11 | 000,000,000 | ---D | C] -- C:\Users\jonathan\AppData\Roaming\CyberLink
    [2010/10/30 14:17:17 | 000,000,000 | ---D | C] -- C:\Users\jonathan\Desktop\videos
    [2010/10/28 17:04:56 | 000,339,504 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0403000.005\symtdiv.sys
    [2010/10/28 17:04:56 | 000,328,752 | R--- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0403000.005\symds.sys
    [2010/10/28 17:04:56 | 000,325,680 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0403000.005\srtsp.sys
    [2010/10/28 17:04:56 | 000,173,104 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0403000.005\symefa.sys
    [2010/10/28 17:04:56 | 000,116,784 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0403000.005\ironx86.sys
    [2010/10/28 17:04:56 | 000,043,696 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0403000.005\srtspx.sys
    [2010/10/28 17:04:55 | 000,501,888 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0403000.005\cchpx86.sys
    [2010/10/28 17:04:31 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\N360\0403000.005
    [2010/10/27 18:22:38 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
    [2010/10/27 18:22:38 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
    [2010/10/27 18:22:38 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
    [2010/10/27 16:00:52 | 000,420,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
    [2010/10/27 16:00:50 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
    [2010/10/27 15:55:49 | 000,000,000 | ---D | C] -- C:\Users\jonathan\AppData\Local\Apple
    [2010/10/27 15:42:23 | 000,000,000 | ---D | C] -- C:\Windows\System32\WindowsPowerShell
    [2010/10/27 15:39:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\scanner
    [2010/10/27 15:39:14 | 000,000,000 | ---D | C] -- C:\Program Files\CA
    [2010/10/27 15:35:15 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrsmgr.dll
    [2010/10/27 15:34:38 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrs.exe
    [2010/10/27 15:34:38 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrshost.exe
    [2010/10/27 15:34:38 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmprovhost.exe
    [2010/10/27 15:34:32 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmplpxy.dll
    [2010/10/27 15:34:32 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrssrv.dll
    [2010/10/27 15:34:26 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtfwd.dll
    [2010/10/27 15:34:26 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecutil.exe
    [2010/10/27 15:34:26 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecapi.dll
    [2010/10/27 15:34:26 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmRes.dll
    [2010/10/27 15:34:25 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pwrshplugin.dll
    [2010/10/27 15:34:06 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManMigrationPlugin.dll
    [2010/10/27 15:34:06 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManHTTPConfig.exe
    [2010/10/27 15:34:06 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrscmd.dll
    [2010/10/27 15:34:06 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmWmiPl.dll
    [2010/10/27 15:34:06 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmAuto.dll
    [2010/10/27 15:28:56 | 000,000,000 | ---D | C] -- C:\Windows\System32\x64
    [2010/10/27 15:22:54 | 000,000,000 | ---D | C] -- C:\Users\jonathan\AppData\Local\Immunet
    [2010/10/27 15:22:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Immunet
    [2010/10/27 15:20:06 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
    [2010/10/27 15:20:06 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
    [2010/10/27 15:20:05 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
    [2010/10/27 15:20:05 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
    [2010/10/27 15:20:04 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
    [2010/10/27 15:20:04 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
    [2010/10/27 15:20:04 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
    [2010/10/27 15:20:04 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
    [2010/10/27 15:20:04 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
    [2010/10/27 15:20:03 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
    [2010/10/27 15:20:03 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
    [2010/10/27 15:20:02 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
    [2010/10/27 15:20:02 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
    [2010/10/27 15:20:02 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
    [2010/10/27 15:20:02 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
    [2010/10/27 15:20:02 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
    [2010/10/27 15:20:01 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
    [2010/10/27 15:18:06 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
    [2010/10/27 15:18:06 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
    [2010/10/27 15:18:04 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
    [2010/10/27 15:18:04 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
    [2010/10/27 15:18:04 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
    [2010/10/27 15:18:04 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
    [2010/10/27 15:18:04 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\corpol.dll
    [2010/10/27 15:18:03 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
    [2010/10/27 15:18:03 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
    [2010/10/27 15:18:03 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
    [2010/10/27 15:18:03 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
    [2010/10/27 15:18:02 | 000,208,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinFXDocObj.exe
    [2010/10/27 15:18:02 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
    [2010/10/27 15:18:02 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
    [2010/10/27 15:18:02 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
    [2010/10/27 15:18:01 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
    [2010/10/27 15:18:01 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
    [2010/10/27 15:18:00 | 003,698,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
    [2010/10/27 15:18:00 | 000,169,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
    [2010/10/27 15:17:59 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PDMSetup.exe
    [2010/10/27 15:17:59 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
    [2010/10/27 15:17:59 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
    [2010/10/27 15:17:59 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetDepNx.exe
    [2010/10/26 13:32:18 | 001,696,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
    [2010/10/26 13:32:18 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
    [2010/10/26 13:32:17 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
    [2010/10/25 12:11:11 | 000,000,000 | ---D | C] -- C:\Users\jonathan\Desktop\Scanners
    [2010/10/24 14:47:47 | 000,000,000 | ---D | C] -- C:\Users\jonathan\Desktop\textures
    [2010/10/23 16:19:17 | 000,000,000 | ---D | C] -- C:\Program Files\Paint.NET
    [2010/10/23 16:18:33 | 000,000,000 | ---D | C] -- C:\Users\jonathan\AppData\Local\Paint.NET
    [2010/10/20 09:53:47 | 000,000,000 | ---D | C] -- C:\Users\jonathan\AppData\Local\CrashDumps
    [2010/10/19 02:18:13 | 000,000,000 | ---D | C] -- C:\Program Files\Ali Baba Buddy Pogo
    [2010/10/17 17:32:16 | 000,000,000 | ---D | C] -- C:\Program Files\Stackem Buddy Pogo
    [2010/10/17 14:27:46 | 000,000,000 | ---D | C] -- C:\Users\jonathan\Desktop\screenshots
    [2010/10/15 23:32:32 | 000,107,368 | R--- | C] (GEAR Software Inc.) -- C:\Windows\System32\GEARAspi.dll
    [2010/10/15 23:32:28 | 000,124,976 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\SYMEVENT.SYS
    [2010/10/15 23:32:12 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
    [2010/10/15 23:32:12 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
    [2010/10/15 23:31:23 | 000,000,000 | ---D | C] -- C:\Program Files\NortonInstaller
    [2010/10/15 23:09:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
    [2010/10/15 23:09:25 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
    [2010/10/15 19:43:43 | 000,000,000 | ---D | C] -- C:\Users\jonathan\AppData\Roaming\Malwarebytes
    [2010/10/15 19:43:26 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
    [2010/10/15 19:43:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
    [2010/10/15 19:43:24 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
    [2010/10/15 19:43:24 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2010/10/15 19:23:38 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
    [2010/10/15 19:14:28 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\N360
    [2010/10/15 19:11:29 | 000,000,000 | ---D | C] -- C:\Users\jonathan\LimeWire
    [2010/10/15 18:45:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Fugazo
    [2010/10/15 18:19:15 | 000,000,000 | ---D | C] -- C:\Users\jonathan\AppData\Roaming\WildTangent
    [2010/10/14 23:57:29 | 000,000,000 | ---D | C] -- C:\Program Files\BadgeHelp
    [2010/10/14 17:34:50 | 000,000,000 | ---D | C] -- C:\Users\jonathan\AppData\Roaming\InstallShield
    [2010/10/14 16:30:32 | 008,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
    [2010/10/14 16:30:16 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
    [2010/10/14 16:30:01 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
    [2010/10/14 16:29:59 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
    [2010/10/14 16:29:59 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
    [2010/10/14 16:29:56 | 002,038,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
    [2010/10/14 16:29:54 | 000,231,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
    [2010/10/14 16:29:52 | 000,867,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
    [2010/10/14 00:11:54 | 000,000,000 | ---D | C] -- C:\Users\jonathan\AppData\Roaming\com.comcast.callerid.13A1FA90F0FC9DC009FB0956ADD0F13F8608561B.1
    [2010/10/14 00:11:37 | 000,000,000 | ---D | C] -- C:\Program Files\Comcast Universal Caller ID
    [2010/10/14 00:11:07 | 000,000,000 | ---D | C] -- C:\Users\jonathan\AppData\Local\Adobe
    [2010/10/13 19:02:27 | 000,064,288 | ---- | C] (Lavasoft AB) -- C:\Windows\System32\drivers\Lbd.sys
    [2010/10/13 19:02:26 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
    [2010/10/13 19:02:25 | 000,095,024 | ---- | C] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys
    [2010/10/11 23:40:43 | 000,000,000 | ---D | C] -- C:\Program Files\Imikimi
    [2010/10/11 23:37:42 | 000,000,000 | ---D | C] -- C:\Users\jonathan\Desktop\imvu
    [2010/10/11 19:53:07 | 000,000,000 | ---D | C] -- C:\Users\jonathan\AppData\Roaming\QuickScan
    [2010/10/11 18:30:17 | 000,000,000 | ---D | C] -- C:\ProgramData\eSellerate
    [2010/10/11 18:30:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\eSellerate
    [2010/10/10 16:05:31 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Portable Devices
     
  18. Michigan313

    Michigan313 TS Rookie Topic Starter Posts: 21

     
  19. Michigan313

    Michigan313 TS Rookie Topic Starter Posts: 21

    [2010/10/07 17:58:07 | 000,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
    [2010/10/07 17:58:07 | 000,408,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msinfo32.exe
    [2010/10/07 17:58:07 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsutil.dll
    [2010/10/07 17:58:07 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpchttp.dll
    [2010/10/07 17:58:07 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pintlgnt.ime
    [2010/10/07 17:58:07 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\regapi.dll
    [2010/10/07 17:58:07 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmci.dll
    [2010/10/07 17:58:06 | 001,689,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscui.cpl
    [2010/10/07 17:58:06 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe
    [2010/10/07 17:58:06 | 000,542,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnpui.dll
    [2010/10/07 17:58:06 | 000,505,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qedit.dll
    [2010/10/07 17:58:06 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncryptui.dll
    [2010/10/07 17:58:06 | 000,407,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpapimig.exe
    [2010/10/07 17:58:06 | 000,306,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scesrv.dll
    [2010/10/07 17:58:06 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
    [2010/10/07 17:58:06 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certreq.exe
    [2010/10/07 17:58:06 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Faultrep.dll
    [2010/10/07 17:58:06 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scksp.dll
    [2010/10/07 17:58:06 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll
    [2010/10/07 17:58:06 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleprn.dll
    [2010/10/07 17:58:06 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3msm.dll
    [2010/10/07 17:58:06 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\feclient.dll
    [2010/10/07 17:58:06 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rekeywiz.exe
    [2010/10/07 17:58:06 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iaspolcy.dll
    [2010/10/07 17:58:06 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfdisk.dll
    [2010/10/07 17:58:06 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DeviceEject.exe
    [2010/10/07 17:58:06 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscisvif.dll
    [2010/10/07 17:58:05 | 000,642,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasgcw.dll
    [2010/10/07 17:58:05 | 000,595,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL
    [2010/10/07 17:58:05 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
    [2010/10/07 17:58:05 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasplap.dll
    [2010/10/07 17:58:05 | 000,177,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scecli.dll
    [2010/10/07 17:58:05 | 000,170,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpipcfg.dll
    [2010/10/07 17:58:05 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\portcls.sys
    [2010/10/07 17:58:05 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpmon.dll
    [2010/10/07 17:58:05 | 000,134,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmartcardCredentialProvider.dll
    [2010/10/07 17:58:05 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hdwwiz.exe
    [2010/10/07 17:58:05 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBAUDIO.sys
    [2010/10/07 17:58:05 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdWSD.dll
    [2010/10/07 17:58:05 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PnPUnattend.exe
    [2010/10/07 17:58:05 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmmon32.exe
    [2010/10/07 17:58:05 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TSTheme.exe
    [2010/10/07 17:58:05 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\whealogr.dll
    [2010/10/07 17:58:05 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD2.sys
    [2010/10/07 17:58:05 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD.sys
    [2010/10/07 17:58:05 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwinsat.dll
    [2010/10/07 17:58:04 | 002,153,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oobefldr.dll
    [2010/10/07 17:58:04 | 000,657,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVXENCD.DLL
    [2010/10/07 17:58:04 | 000,547,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiaaut.dll
    [2010/10/07 17:58:04 | 000,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmdial32.dll
    [2010/10/07 17:58:04 | 000,425,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shwebsvc.dll
    [2010/10/07 17:58:04 | 000,281,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\raschap.dll
    [2010/10/07 17:58:04 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unimdm.tsp
    [2010/10/07 17:58:04 | 000,259,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasppp.dll
    [2010/10/07 17:58:04 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanui.dll
    [2010/10/07 17:58:04 | 000,137,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsprop.dll
    [2010/10/07 17:58:04 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
    [2010/10/07 17:58:04 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dimsroam.dll
    [2010/10/07 17:58:04 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PnPutil.exe
    [2010/10/07 17:58:03 | 006,103,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chtbrkr.dll
    [2010/10/07 17:58:03 | 000,542,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\blackbox.dll
    [2010/10/07 17:58:03 | 000,533,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmsdk.dll
    [2010/10/07 17:58:03 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll
    [2010/10/07 17:58:03 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\modemui.dll
    [2010/10/07 17:58:03 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscandui.dll
    [2010/10/07 17:58:03 | 000,178,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\credui.dll
    [2010/10/07 17:58:03 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDMon.dll
    [2010/10/07 17:58:03 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasmontr.dll
    [2010/10/07 17:58:03 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll
    [2010/10/07 17:58:03 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shsetup.dll
    [2010/10/07 17:58:03 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlgpclnt.dll
    [2010/10/07 17:58:03 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dataclen.dll
    [2010/10/07 17:58:02 | 002,226,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkexplorer.dll
    [2010/10/07 17:58:02 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rmcast.sys
    [2010/10/07 17:58:02 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ifmon.dll
    [2010/10/07 17:58:01 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscp.dll
    [2010/10/07 17:58:01 | 000,217,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\InkEd.dll
    [2010/10/07 17:58:01 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpresult.exe
    [2010/10/07 17:58:01 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logagent.exe
    [2010/10/07 17:58:01 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cipher.exe
    [2010/10/07 17:58:01 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll
    [2010/10/07 17:58:01 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\watchdog.sys
    [2010/10/07 17:58:01 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msimtf.dll
    [2010/10/07 17:58:00 | 000,356,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MediaMetadataHandler.dll
    [2010/10/07 17:58:00 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\thawbrkr.dll
    [2010/10/07 17:58:00 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmmgrtn.dll
    [2010/10/07 17:58:00 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\input.dll
    [2010/10/07 17:58:00 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
    [2010/10/07 17:58:00 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\puiapi.dll
    [2010/10/07 17:58:00 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\softkbd.dll
    [2010/10/07 17:58:00 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmsynth.dll
    [2010/10/07 17:58:00 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mprapi.dll
    [2010/10/07 17:58:00 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msctfui.dll
    [2010/10/07 17:58:00 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll
    [2010/10/07 17:57:59 | 000,187,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapp3hst.dll
    [2010/10/07 17:57:59 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLLUA.exe
    [2010/10/07 17:57:59 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tintlgnt.ime
    [2010/10/07 17:57:59 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmusic.dll
    [2010/10/07 17:57:59 | 000,083,456 | ---- | C] (Microsoft) -- C:\Windows\System32\SMBHelperClass.dll
    [2010/10/07 17:57:59 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
    [2010/10/07 17:57:59 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdSSDP.dll
    [2010/10/07 17:57:59 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\l2nacp.dll
    [2010/10/07 17:57:59 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ftp.exe
    [2010/10/07 17:57:59 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscapi.dll
    [2010/10/07 17:57:59 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjint40.dll
    [2010/10/07 17:57:59 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsdchngr.dll
    [2010/10/07 17:57:59 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fc.exe
    [2010/10/07 17:57:59 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsCtfMonitor.dll
    [2010/10/07 17:57:59 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msisip.dll
    [2010/10/07 17:57:58 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eappcfg.dll
    [2010/10/07 17:57:58 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdWCN.dll
    [2010/10/07 17:57:58 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tscupgrd.exe
    [2010/10/07 17:57:58 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Storprop.dll
    [2010/10/07 17:57:58 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdiag.dll
    [2010/10/07 17:57:58 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3cfg.dll
    [2010/10/07 17:57:58 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthci.dll
    [2010/10/07 17:57:58 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slcinst.dll
    [2010/10/07 17:57:58 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkitemfactory.dll
    [2010/10/07 17:57:58 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthudtask.exe
    [2010/10/07 17:57:58 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipconfig.exe
    [2010/10/07 17:57:58 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdial.exe
    [2010/10/07 17:57:58 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CHxReadingStringIME.dll
    [2010/10/07 17:57:57 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eappgnui.dll
    [2010/10/07 17:57:57 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nslookup.exe
    [2010/10/07 17:57:57 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PNPXAssoc.dll
    [2010/10/07 17:57:57 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdeploy.dll
    [2010/10/07 17:57:57 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hbaapi.dll
    [2010/10/07 17:57:57 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidclass.sys
    [2010/10/07 17:57:57 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ocsetup.exe
    [2010/10/07 17:57:57 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FwRemoteSvr.dll
    [2010/10/07 17:57:57 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcico.dll
    [2010/10/07 17:57:56 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrstub.exe
    [2010/10/07 17:57:56 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cbsra.exe
    [2010/10/07 17:57:56 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsigd.dll
    [2010/10/07 17:57:56 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NcdProp.dll
    [2010/10/07 17:57:56 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpupdate.exe
    [2010/10/07 17:57:56 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsilog.dll
    [2010/10/07 17:57:55 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxg.sys
    [2010/10/07 17:57:55 | 000,052,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\stream.sys
    [2010/10/07 17:57:55 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcconf.dll
    [2010/10/07 17:57:55 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\RNDISMP.sys
    [2010/10/07 17:57:55 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys
    [2010/10/07 17:57:55 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdmdbg.dll
    [2010/10/07 17:57:55 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetppui.dll
    [2010/10/07 17:57:55 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwga.dll
    [2010/10/07 17:57:54 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usb8023.sys
    [2010/10/07 17:57:54 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\f3ahvoas.dll
    [2010/10/07 17:57:54 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msimsg.dll
    [2010/10/07 17:57:44 | 000,705,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmiEngine.dll
    [2010/10/07 17:57:40 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdscore.dll
    [2010/10/07 17:57:40 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PkgMgr.exe
    [2010/10/07 17:57:32 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvstore.dll
    [2010/10/07 17:45:19 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\httpapi.dll
    [2010/10/07 17:45:19 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshhttp.dll
    [2010/10/06 19:33:10 | 000,000,000 | ---D | C] -- C:\Windows\pss
    [2010/10/06 15:44:22 | 003,600,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
    [2010/10/06 15:44:22 | 003,548,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
    [2010/10/06 15:43:22 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
    [2010/10/06 15:42:17 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rastls.dll
    [2010/10/06 15:42:04 | 000,081,920 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll
    [2010/10/06 15:41:16 | 000,220,672 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codecp.acm
    [2010/10/06 15:41:16 | 000,062,464 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codeca.acm
    [2010/10/06 15:40:56 | 000,714,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
    [2010/10/06 15:40:39 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll
    [2010/10/06 15:40:39 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll
    [2010/10/06 15:39:54 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.tlb
    [2010/10/06 15:39:54 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amcompat.tlb
    [2010/10/06 15:39:34 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlansec.dll
    [2010/10/06 15:39:34 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll
    [2010/10/06 15:39:34 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanhlp.dll
    [2010/10/06 15:39:34 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanapi.dll
    [2010/10/06 15:39:32 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\L2SecHC.dll
    [2010/10/06 15:39:24 | 000,623,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localspl.dll
    [2010/10/06 15:39:11 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvfw32.dll
    [2010/10/06 15:39:11 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll
    [2010/10/06 15:39:11 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
    [2010/10/06 15:39:10 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
    [2010/10/06 15:38:08 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll
    [2010/10/06 15:38:08 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NETSTAT.EXE
    [2010/10/06 15:38:08 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ARP.EXE
    [2010/10/06 15:38:08 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ROUTE.EXE
    [2010/10/06 15:38:08 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MRINFO.EXE
    [2010/10/06 15:38:08 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\finger.exe
    [2010/10/06 15:38:08 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HOSTNAME.EXE
    [2010/10/06 15:37:41 | 000,317,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP4SDECD.DLL
    [2010/10/06 15:37:31 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll
    [2010/10/06 15:36:31 | 000,355,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll
    [2010/10/06 15:36:09 | 002,386,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
    [2010/10/06 15:36:08 | 002,868,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
    [2010/10/06 15:36:08 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll
    [2010/10/06 15:36:08 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rrinstaller.exe
    [2010/10/06 15:36:08 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfpmp.exe
    [2010/10/06 15:36:08 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mferror.dll
    [2010/10/06 15:35:12 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
    [2010/10/06 15:34:55 | 000,289,792 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
    [2010/10/06 15:34:55 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
    [2010/10/06 15:34:55 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
    [2010/10/06 15:34:55 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
    [2010/10/06 15:33:43 | 000,518,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
    [2010/10/06 15:33:43 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
    [2010/10/06 15:33:42 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
    [2010/10/06 15:33:42 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
    [2010/10/06 15:33:42 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
    [2010/10/06 15:33:42 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
    [2010/10/06 15:33:41 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
    [2010/10/06 15:33:41 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
    [2010/10/06 15:33:40 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
    [2010/10/06 15:33:17 | 001,259,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll
    [2010/10/06 15:22:35 | 000,604,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL
    [2010/10/06 15:21:33 | 000,310,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unr
     
  20. Michigan313

    Michigan313 TS Rookie Topic Starter Posts: 21

    egmp2.exe
    [2010/10/06 15:21:16 | 000,221,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
    [2010/10/06 15:21:08 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
    [2010/10/06 15:21:08 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
    [2010/10/06 15:21:08 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll
    [2010/10/06 15:09:59 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
    [2010/08/25 18:59:08 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll

    ========== Files - Modified Within 30 Days ==========

    [2010/11/03 19:36:45 | 001,822,270 | ---- | M] () -- C:\Windows\System32\drivers\N360\0403000.005\Cat.DB
    [2010/11/03 19:29:39 | 000,604,502 | ---- | M] () -- C:\Windows\System32\perfh009.dat
    [2010/11/03 19:29:39 | 000,104,170 | ---- | M] () -- C:\Windows\System32\perfc009.dat
    [2010/11/03 19:23:31 | 000,000,284 | ---- | M] () -- C:\ProgramData\hpqp.ini
    [2010/11/03 19:22:19 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    [2010/11/03 19:22:18 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    [2010/11/03 19:22:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2010/11/03 19:18:42 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Users\jonathan\Desktop\OTL.exe
    [2010/11/03 19:05:46 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
    [2010/11/03 16:31:59 | 000,000,370 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
    [2010/11/03 01:33:06 | 003,899,533 | R--- | M] () -- C:\Users\jonathan\Desktop\ComboFix.exe
    [2010/11/02 19:49:53 | 000,309,160 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
    [2010/11/02 19:43:01 | 000,007,728 | ---- | M] () -- C:\Users\jonathan\AppData\Local\d3d9caps.dat
    [2010/11/02 19:29:57 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
    [2010/11/02 19:29:57 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
    [2010/11/02 13:43:10 | 000,000,334 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForjonathan.job
    [2010/11/02 02:08:46 | 000,086,528 | ---- | M] () -- C:\Windows\MBR.exe
    [2010/11/01 00:31:46 | 000,007,680 | ---- | M] () -- C:\Users\jonathan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2010/10/30 14:18:15 | 000,000,938 | ---- | M] () -- C:\Users\jonathan\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
    [2010/10/29 11:02:58 | 000,002,556 | ---- | M] () -- C:\Users\Public\Desktop\Norton Security Suite.lnk
    [2010/10/27 15:48:19 | 000,000,943 | ---- | M] () -- C:\Users\jonathan\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
    [2010/10/23 16:21:59 | 000,000,934 | ---- | M] () -- C:\Users\Public\Desktop\Paint.NET.lnk
    [2010/10/21 14:02:16 | 000,001,798 | ---- | M] () -- C:\Users\jonathan\Desktop\IMVU.lnk
    [2010/10/15 23:32:12 | 000,124,976 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\SYMEVENT.SYS
    [2010/10/15 23:32:12 | 000,007,443 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.CAT
    [2010/10/15 23:32:12 | 000,000,805 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.INF
    [2010/10/15 23:09:34 | 000,001,079 | ---- | M] () -- C:\Users\jonathan\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
    [2010/10/15 23:04:41 | 000,000,036 | ---- | M] () -- C:\Users\jonathan\AppData\Local\housecall.guid.cache
    [2010/10/15 21:17:29 | 000,058,880 | ---- | M] () -- C:\Users\jonathan\limewire.props
    [2010/10/15 21:17:29 | 000,000,259 | ---- | M] () -- C:\Users\jonathan\mojito.props
    [2010/10/15 19:18:34 | 001,059,831 | ---- | M] () -- C:\Users\jonathan\library5.dat
    [2010/10/15 19:18:33 | 000,702,949 | ---- | M] () -- C:\Users\jonathan\createtimes.cache
    [2010/10/15 19:18:32 | 001,208,136 | ---- | M] () -- C:\Users\jonathan\fileurns.cache
    [2010/10/14 00:11:41 | 000,000,978 | ---- | M] () -- C:\Users\jonathan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Comcast Universal Caller ID.lnk
    [2010/10/14 00:11:37 | 000,000,942 | ---- | M] () -- C:\Users\Public\Desktop\Comcast Universal Caller ID.lnk
    [2010/10/13 19:02:24 | 000,095,024 | ---- | M] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys
    [2010/10/13 18:52:13 | 000,001,031 | ---- | M] () -- C:\Users\jonathan\Application Data\Microsoft\Internet Explorer\Quick Launch\Ad-Aware.lnk
    [2010/10/07 18:09:15 | 000,001,990 | ---- | M] () -- C:\Users\Public\Desktop\Logitech Webcam Software.lnk
    [2010/10/04 20:33:55 | 000,022,215 | ---- | M] () -- C:\Users\jonathan\Documents\l_ef889272d8804d32bee0c0eb6492600c.jpg

    ========== Files Created - No Company Name ==========

    [2010/11/03 14:47:20 | 000,000,370 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
    [2010/11/03 01:31:43 | 003,899,533 | R--- | C] () -- C:\Users\jonathan\Desktop\ComboFix.exe
    [2010/11/02 20:22:05 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
    [2010/11/02 20:22:05 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
    [2010/11/02 20:22:05 | 000,086,528 | ---- | C] () -- C:\Windows\MBR.exe
    [2010/11/02 20:22:05 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
    [2010/11/02 20:22:05 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
    [2010/11/02 19:29:57 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
    [2010/11/02 19:29:57 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
    [2010/10/30 14:18:15 | 000,000,938 | ---- | C] () -- C:\Users\jonathan\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
    [2010/10/30 14:17:45 | 000,007,680 | ---- | C] () -- C:\Users\jonathan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2010/10/29 11:02:12 | 001,822,270 | ---- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\Cat.DB
    [2010/10/28 17:04:56 | 000,007,873 | ---- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\symefa.cat
    [2010/10/28 17:04:56 | 000,007,787 | R--- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\symnetv.cat
    [2010/10/28 17:04:56 | 000,007,442 | ---- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\srtspx.cat
    [2010/10/28 17:04:56 | 000,007,438 | ---- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\srtsp.cat
    [2010/10/28 17:04:56 | 000,007,425 | R--- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\symds.cat
    [2010/10/28 17:04:56 | 000,007,368 | R--- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\symnet.cat
    [2010/10/28 17:04:56 | 000,003,373 | ---- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\symefa.inf
    [2010/10/28 17:04:56 | 000,002,793 | R--- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\symds.inf
    [2010/10/28 17:04:56 | 000,001,473 | ---- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\symnetv.inf
    [2010/10/28 17:04:56 | 000,001,445 | ---- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\symnet.inf
    [2010/10/28 17:04:56 | 000,001,388 | ---- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\srtspx.inf
    [2010/10/28 17:04:56 | 000,001,382 | ---- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\srtsp.inf
    [2010/10/28 17:04:56 | 000,000,741 | ---- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\iron.inf
    [2010/10/28 17:04:55 | 000,007,438 | ---- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\iron.cat
    [2010/10/28 17:04:55 | 000,007,396 | ---- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\cchpx86.cat
    [2010/10/28 17:04:55 | 000,001,754 | ---- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\cchpx86.inf
    [2010/10/28 17:04:31 | 000,000,172 | ---- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\isolate.ini
    [2010/10/27 15:34:12 | 000,201,184 | ---- | C] () -- C:\Windows\System32\winrm.vbs
    [2010/10/27 15:34:12 | 000,004,675 | ---- | C] () -- C:\Windows\System32\wsmanconfig_schema.xml
    [2010/10/27 15:34:12 | 000,002,426 | ---- | C] () -- C:\Windows\System32\WsmTxt.xsl
    [2010/10/27 15:20:03 | 000,057,667 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
    [2010/10/23 16:21:57 | 000,000,934 | ---- | C] () -- C:\Users\Public\Desktop\Paint.NET.lnk
    [2010/10/15 23:32:28 | 000,007,443 | ---- | C] () -- C:\Windows\System32\drivers\SYMEVENT.CAT
    [2010/10/15 23:32:28 | 000,000,805 | ---- | C] () -- C:\Windows\System32\drivers\SYMEVENT.INF
    [2010/10/15 23:32:01 | 000,002,556 | ---- | C] () -- C:\Users\Public\Desktop\Norton Security Suite.lnk
    [2010/10/15 23:09:34 | 000,001,079 | ---- | C] () -- C:\Users\jonathan\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
    [2010/10/15 23:04:41 | 000,000,036 | ---- | C] () -- C:\Users\jonathan\AppData\Local\housecall.guid.cache
    [2010/10/15 19:17:29 | 001,208,136 | ---- | C] () -- C:\Users\jonathan\fileurns.cache
    [2010/10/15 19:11:29 | 001,059,831 | ---- | C] () -- C:\Users\jonathan\library5.dat
    [2010/10/15 19:11:29 | 000,702,949 | ---- | C] () -- C:\Users\jonathan\createtimes.cache
    [2010/10/15 19:11:29 | 000,058,880 | ---- | C] () -- C:\Users\jonathan\limewire.props
    [2010/10/15 19:11:29 | 000,000,259 | ---- | C] () -- C:\Users\jonathan\mojito.props
    [2010/10/14 00:11:41 | 000,000,978 | ---- | C] () -- C:\Users\jonathan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Comcast Universal Caller ID.lnk
    [2010/10/14 00:11:37 | 000,000,942 | ---- | C] () -- C:\Users\Public\Desktop\Comcast Universal Caller ID.lnk
    [2010/10/13 19:11:19 | 000,015,880 | ---- | C] () -- C:\Windows\System32\lsdelete.exe
    [2010/10/13 18:52:13 | 000,001,031 | ---- | C] () -- C:\Users\jonathan\Application Data\Microsoft\Internet Explorer\Quick Launch\Ad-Aware.lnk
    [2010/10/09 14:50:21 | 000,007,728 | ---- | C] () -- C:\Users\jonathan\AppData\Local\d3d9caps.dat
    [2010/10/07 18:09:53 | 000,034,068 | ---- | C] () -- C:\Windows\System32\Repository.reg
    [2010/10/07 18:09:52 | 000,082,289 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
    [2010/10/07 18:09:15 | 000,001,990 | ---- | C] () -- C:\Users\Public\Desktop\Logitech Webcam Software.lnk
    [2010/10/07 17:58:43 | 000,130,008 | ---- | C] () -- C:\Windows\System32\systemsf.ebd
    [2010/10/07 17:58:41 | 000,009,239 | ---- | C] () -- C:\Windows\System32\spcinstrumentation.man
    [2010/10/07 17:58:37 | 000,442,788 | ---- | C] () -- C:\Windows\System32\dot3.tmf
    [2010/10/07 17:58:35 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
    [2010/10/07 17:58:35 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
    [2010/10/07 17:58:33 | 000,392,170 | ---- | C] () -- C:\Windows\System32\onex.tmf
    [2010/10/07 17:58:30 | 000,344,698 | ---- | C] () -- C:\Windows\System32\eaphost.tmf
     
  21. Michigan313

    Michigan313 TS Rookie Topic Starter Posts: 21

    [2010/10/07 17:58:21 | 000,208,966 | ---- | C] () -- C:\Windows\System32\WFP.TMF
    [2010/10/07 17:58:19 | 000,092,918 | ---- | C] () -- C:\Windows\System32\slmgr.vbs
    [2010/10/07 17:57:55 | 000,009,212 | ---- | C] () -- C:\Windows\System32\RacUR.xml
    [2010/10/06 15:39:34 | 002,501,921 | ---- | C] () -- C:\Windows\System32\wlan.tmf
    [2010/10/04 20:33:53 | 000,022,215 | ---- | C] () -- C:\Users\jonathan\Documents\l_ef889272d8804d32bee0c0eb6492600c.jpg
    [2010/10/03 14:26:08 | 000,000,105 | ---- | C] () -- C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log
    [2010/10/03 14:26:00 | 000,000,032 | ---- | C] () -- C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
    [2010/10/03 14:25:39 | 000,000,032 | ---- | C] () -- C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
    [2010/10/03 14:24:41 | 000,000,032 | ---- | C] () -- C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
    [2010/10/03 14:23:31 | 000,000,032 | ---- | C] () -- C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
    [2010/10/03 14:22:25 | 000,000,284 | ---- | C] () -- C:\ProgramData\hpqp.ini
    [2010/08/25 18:52:00 | 000,208,896 | ---- | C] () -- C:\Windows\System32\iglhsip32.dll
    [2010/08/25 18:52:00 | 000,143,360 | ---- | C] () -- C:\Windows\System32\iglhcp32.dll
    [2009/10/07 04:46:36 | 000,025,752 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys
    [2009/10/07 04:23:08 | 000,013,584 | ---- | C] () -- C:\Windows\System32\drivers\iKeyLFT2.dll
    [2008/10/23 02:44:13 | 000,000,109 | ---- | C] () -- C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
    [2008/10/23 02:38:23 | 000,000,110 | ---- | C] () -- C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
    [2008/10/23 02:36:27 | 000,000,105 | ---- | C] () -- C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
    [2008/10/23 02:35:06 | 000,000,107 | ---- | C] () -- C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
    [2008/07/06 16:29:46 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1518.dll
    [2008/06/29 10:52:14 | 000,004,608 | ---- | C] () -- C:\Windows\System32\HdmiCoin.dll
    [2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
    [2006/03/09 05:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll

    ========== Custom Scans ==========


    < %SYSTEMDRIVE%\*.* >
    [2010/11/03 19:21:41 | 000,015,388 | ---- | M] () -- C:\aaw7boot.log
    [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
    [2009/04/11 02:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr
    [2010/11/03 19:08:08 | 000,029,295 | ---- | M] () -- C:\ComboFix.txt
    [2006/09/18 17:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
    [2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1028.txt
    [2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1031.txt
    [2007/11/07 08:00:40 | 000,010,134 | ---- | M] () -- C:\eula.1033.txt
    [2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1036.txt
    [2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1040.txt
    [2007/11/07 08:00:40 | 000,000,118 | ---- | M] () -- C:\eula.1041.txt
    [2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1042.txt
    [2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.2052.txt
    [2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.3082.txt
    [2007/11/07 08:00:40 | 000,001,110 | ---- | M] () -- C:\globdata.ini
    [2007/11/07 08:00:40 | 000,000,843 | ---- | M] () -- C:\install.ini
    [2007/11/07 08:03:18 | 000,076,304 | ---- | M] (Microsoft Corporation) -- C:\install.res.1028.dll
    [2007/11/07 08:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.1031.dll
    [2007/11/07 08:03:18 | 000,091,152 | ---- | M] (Microsoft Corporation) -- C:\install.res.1033.dll
    [2007/11/07 08:03:18 | 000,097,296 | ---- | M] (Microsoft Corporation) -- C:\install.res.1036.dll
    [2007/11/07 08:03:18 | 000,095,248 | ---- | M] (Microsoft Corporation) -- C:\install.res.1040.dll
    [2007/11/07 08:03:18 | 000,081,424 | ---- | M] (Microsoft Corporation) -- C:\install.res.1041.dll
    [2007/11/07 08:03:18 | 000,079,888 | ---- | M] (Microsoft Corporation) -- C:\install.res.1042.dll
    [2007/11/07 08:03:18 | 000,075,792 | ---- | M] (Microsoft Corporation) -- C:\install.res.2052.dll
    [2007/11/07 08:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.3082.dll
    [2010/11/02 19:29:57 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
    [2010/11/02 19:29:57 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
    [2010/11/03 19:21:41 | 3462,864,896 | -HS- | M] () -- C:\pagefile.sys
    [2010/10/14 17:37:18 | 000,000,184 | ---- | M] () -- C:\setup.log
    [2007/11/07 08:00:40 | 000,005,686 | ---- | M] () -- C:\vcredist.bmp
    [2007/11/07 08:09:22 | 001,442,522 | ---- | M] () -- C:\VC_RED.cab
    [2007/11/07 08:12:28 | 000,232,960 | ---- | M] () -- C:\VC_RED.MSI

    < %systemroot%\Fonts\*.com >
    [2006/11/02 08:35:34 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
    [2006/11/02 08:35:34 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
    [2006/11/02 08:35:34 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
    [2010/10/08 20:03:44 | 000,037,665 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont

    < %systemroot%\Fonts\*.dll >

    < %systemroot%\Fonts\*.ini >
    [2006/09/18 17:37:34 | 000,000,065 | -H-- | M] () -- C:\Windows\Fonts\desktop.ini

    < %systemroot%\Fonts\*.ini2 >

    < %systemroot%\Fonts\*.exe >

    < %systemroot%\system32\spool\prtprocs\w32x86\*.* >
    [2006/10/26 22:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\msonpppr.dll

    < %systemroot%\REPAIR\*.bak1 >

    < %systemroot%\REPAIR\*.ini >

    < %systemroot%\system32\*.jpg >

    < %systemroot%\*.jpg >

    < %systemroot%\*.png >

    < %systemroot%\*.scr >

    < %systemroot%\*._sy >

    < %APPDATA%\Adobe\Update\*.* >

    < %ALLUSERSPROFILE%\Favorites\*.* >

    < %APPDATA%\Microsoft\*.* >

    < %PROGRAMFILES%\*.* >
    [2008/01/20 22:57:01 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini

    < %APPDATA%\Update\*.* >

    < %systemroot%\*. /mp /s >

    < %systemroot%\System32\config\*.sav >
    [2008/01/20 23:31:11 | 015,716,352 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
    [2008/01/20 23:31:01 | 000,102,400 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
    [2008/01/20 23:31:12 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
    [2006/11/02 06:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
    [2006/11/02 06:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

    < %PROGRAMFILES%\bak. /s >

    < %systemroot%\system32\bak. /s >

    < %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

    < %systemroot%\system32\config\systemprofile\*.dat /x >

    < %systemroot%\*.config >

    < %systemroot%\system32\*.db >

    < %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
    [2010/10/30 14:18:15 | 000,000,286 | -HS- | M] () -- C:\Users\jonathan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini

    < %USERPROFILE%\Desktop\*.exe >
    [2010/11/03 01:33:06 | 003,899,533 | R--- | M] () -- C:\Users\jonathan\Desktop\ComboFix.exe
    [2010/11/03 19:18:42 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Users\jonathan\Desktop\OTL.exe

    < %PROGRAMFILES%\Common Files\*.* >

    < %systemroot%\*.src >

    < %systemroot%\install\*.* >

    < %systemroot%\system32\DLL\*.* >

    < %systemroot%\system32\HelpFiles\*.* >
     
  22. Michigan313

    Michigan313 TS Rookie Topic Starter Posts: 21

    < %systemroot%\system32\rundll\*.* >

    < %systemroot%\winn32\*.* >

    < %systemroot%\Java\*.* >

    < %systemroot%\system32\test\*.* >

    < %systemroot%\system32\Rundll32\*.* >

    < %systemroot%\AppPatch\Custom\*.* >

    < %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

    < %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

    < %PROGRAMFILES%\Internet Explorer\*.tmp >

    < %PROGRAMFILES%\Internet Explorer\*.dat >

    < %USERPROFILE%\My Documents\*.exe >

    < %USERPROFILE%\*.exe >

    < %systemroot%\ADDINS\*.* >

    < %systemroot%\assembly\*.bak2 >

    < %systemroot%\Config\*.* >

    < %systemroot%\REPAIR\*.bak2 >

    < %systemroot%\SECURITY\Database\*.sdb /x >
    [2010/10/08 20:21:19 | 000,008,192 | ---- | M] () -- C:\Windows\security\database\edb.chk
    [2010/10/08 20:20:49 | 001,048,576 | ---- | M] () -- C:\Windows\security\database\edb.log
    [2010/10/08 20:20:49 | 001,048,576 | ---- | M] () -- C:\Windows\security\database\edbres00001.jrs
    [2010/10/08 20:20:49 | 001,048,576 | ---- | M] () -- C:\Windows\security\database\edbres00002.jrs
    [2010/10/08 20:20:49 | 001,048,576 | ---- | M] () -- C:\Windows\security\database\edbtmp.log
    [2010/10/08 20:20:49 | 001,056,768 | ---- | M] () -- C:\Windows\security\database\tmp.edb

    < %systemroot%\SYSTEM\*.bak2 >

    < %systemroot%\Web\*.bak2 >

    < %systemroot%\Driver Cache\*.* >

    < %PROGRAMFILES%\Mozilla Firefox\0*.exe >

    < %ProgramFiles%\Microsoft Common\*.* >

    < %ProgramFiles%\TinyProxy. >

    < %USERPROFILE%\Favorites\*.url /x >
    [2010/10/03 16:12:53 | 000,000,402 | -HS- | M] () -- C:\Users\jonathan\Favorites\desktop.ini

    < %systemroot%\system32\*.bk >

    < %systemroot%\*.te >

    < %systemroot%\system32\system32\*.* >

    < %ALLUSERSPROFILE%\*.dat /x >
    [2010/11/03 19:23:31 | 000,000,284 | ---- | M] () -- C:\ProgramData\hpqp.ini
    [2010/10/03 14:26:00 | 000,000,032 | ---- | M] () -- C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
    [2008/10/23 02:44:34 | 000,000,109 | ---- | M] () -- C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
    [2010/10/03 14:24:41 | 000,000,032 | ---- | M] () -- C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
    [2008/10/23 02:38:11 | 000,000,105 | ---- | M] () -- C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
    [2010/10/03 14:23:31 | 000,000,032 | ---- | M] () -- C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
    [2010/10/03 14:25:39 | 000,000,032 | ---- | M] () -- C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
    [2008/10/23 02:36:16 | 000,000,107 | ---- | M] () -- C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
    [2008/10/23 02:44:03 | 000,000,110 | ---- | M] () -- C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
    [2010/10/03 14:26:09 | 000,000,105 | ---- | M] () -- C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log

    < %systemroot%\system32\drivers\*.rmv >

    < dir /b "%systemroot%\system32\*.exe" | find /i " " /c >

    < dir /b "%systemroot%\*.exe" | find /i " " /c >

    < %PROGRAMFILES%\Microsoft\*.* >

    < %systemroot%\System32\Wbem\proquota.exe >

    < %PROGRAMFILES%\Mozilla Firefox\*.dat >

    < %USERPROFILE%\Cookies\*.txt /x >

    < %SystemRoot%\system32\fonts\*.* >

    < %systemroot%\system32\winlog\*.* >

    < %systemroot%\system32\Language\*.* >

    < %systemroot%\system32\Settings\*.* >

    < %systemroot%\system32\*.quo >

    < %SYSTEMROOT%\AppPatch\*.exe >

    < %SYSTEMROOT%\inf\*.exe >

    < %SYSTEMROOT%\Installer\*.exe >

    < %systemroot%\system32\config\*.bak2 >

    < %systemroot%\system32\Computers\*.* >

    < %SystemRoot%\system32\Sound\*.* >

    < %SystemRoot%\system32\SpecialImg\*.* >

    < %SystemRoot%\system32\code\*.* >

    < %SystemRoot%\system32\draft\*.* >

    < %SystemRoot%\system32\MSSSys\*.* >

    < %ProgramFiles%\Javascript\*.* >

    < %systemroot%\pchealth\helpctr\System\*.exe /s >

    < %systemroot%\Web\*.exe >

    < %systemroot%\system32\msn\*.* >

    < %systemroot%\system32\*.tro >

    < %AppData%\Microsoft\Installer\msupdates\*.* >

    < %ProgramFiles%\Messenger\*.* >

    < %systemroot%\system32\systhem32\*.* >

    < %systemroot%\system\*.exe >

    < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

    < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\ Auto Update\Results\Install|LastSuccessTime /rs >


    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 99 bytes -> C:\ProgramData\Temp:40751495
    @Alternate Data Stream - 98 bytes -> C:\ProgramData\Temp:E37F3E40
    @Alternate Data Stream - 141 bytes -> C:\ProgramData\Temp:4D5855E9
    @Alternate Data Stream - 103 bytes -> C:\ProgramData\Temp:F43628AB

    < End of report >
     
  23. Broni

    Broni Malware Annihilator Posts: 52,884   +344

    We need to remove the old Java version and its remnants...

    Download JavaRa to your desktop and unzip it to its own folder
    • Run JavaRa.exe (Vista users! Right click on JavaRa.exe, click Run As Administrator), pick the language of your choice and click Select. Then click Remove Older Versions.
    • Accept any prompts.

    =======================================================================

    Run OTL
    • Under the Custom Scans/Fixes box at the bottom, paste in the following

      Code:
      :OTL
      O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
      @Alternate Data Stream - 99 bytes -> C:\ProgramData\Temp:40751495
      @Alternate Data Stream - 98 bytes -> C:\ProgramData\Temp:E37F3E40
      @Alternate Data Stream - 141 bytes -> C:\ProgramData\Temp:4D5855E9
      @Alternate Data Stream - 103 bytes -> C:\ProgramData\Temp:F43628AB
      
      :Services
      
      :Reg
      
      :Files
      
      :Commands
      [purity]
      [emptytemp]
      [emptyflash]
      [Reboot]
      
    • Then click the Run Fix button at the top
    • Let the program run unhindered, reboot the PC when it is done
    • You will get a log that shows the results of the fix. Please post it.

    =====================================================================

    Last scans....

    1. Download Security Check from HERE, and save it to your Desktop.
    • Double-click SecurityCheck.exe
    • Follow the onscreen instructions inside of the black box.
    • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

      NOTE SecurityCheck may produce some false warning(s), so leave the results reading to me.


    2. Download Temp File Cleaner (TFC)
    • Double click on TFC.exe to run the program.
    • Click on the Start button to begin the cleaning process.
    • TFC will close all running programs, and it may ask you to restart the computer.


    3. Please run a free online scan with the ESET Online Scanner

    • Disable your antivirus program
    • Tick the box next to YES, I accept the Terms of Use
    • Click Start
    • IMPORTANT! UN-check Remove found threats
    • Accept any security warnings from your browser.
    • Check Scan archives
    • Click Start
    • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
    • When the scan completes, push List of found threats
    • Click on Export to text file, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
    • NOTE: If ESET doesn't find any threats, it won't produce a log.
     
  24. Michigan313

    Michigan313 TS Rookie Topic Starter Posts: 21

    All processes killed
    ========== OTL ==========
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{AEB6717E-7E19-11d0-97EE-00C04FD91972} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972}\ not found.
    ADS C:\ProgramData\Temp:40751495 deleted successfully.
    ADS C:\ProgramData\Temp:E37F3E40 deleted successfully.
    ADS C:\ProgramData\Temp:4D5855E9 deleted successfully.
    ADS C:\ProgramData\Temp:F43628AB deleted successfully.
    ========== SERVICES/DRIVERS ==========
    ========== REGISTRY ==========
    ========== FILES ==========
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: john
    ->Temp folder emptied: 39581 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes
    ->FireFox cache emptied: 4526318 bytes
    ->Flash cache emptied: 456 bytes

    User: jonathan
    ->Temp folder emptied: 415074 bytes
    ->Temporary Internet Files folder emptied: 2221773 bytes
    ->Java cache emptied: 7588391 bytes
    ->FireFox cache emptied: 86209507 bytes
    ->Flash cache emptied: 668 bytes

    User: Public
    ->Temp folder emptied: 0 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 109080 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 96.00 mb


    [EMPTYFLASH]

    User: All Users

    User: Default
    ->Flash cache emptied: 0 bytes

    User: Default User
    ->Flash cache emptied: 0 bytes

    User: john
    ->Flash cache emptied: 0 bytes

    User: jonathan
    ->Flash cache emptied: 0 bytes

    User: Public

    Total Flash Files Cleaned = 0.00 mb


    OTL by OldTimer - Version 3.2.17.2 log created on 11032010_202023

    Files\Folders moved on Reboot...

    Registry entries deleted on Reboot...


    Working on the other two now.
     
  25. Michigan313

    Michigan313 TS Rookie Topic Starter Posts: 21

    Results of screen317's Security Check version 0.99.5
    Windows Vista Service Pack 2 (UAC is enabled)
    Internet Explorer 8
    ``````````````````````````````
    Antivirus/Firewall Check:

    Windows Firewall Disabled!
    WMI entry may not exist for antivirus; attempting automatic update.
    ```````````````````````````````
    Anti-malware/Other Utilities Check:

    Ad-Aware
    Malwarebytes' Anti-Malware
    HijackThis 2.0.2
    CCleaner
    Java(TM) 6 Update 22
    Out of date Java installed!
    Adobe Flash Player 10.1.85.3
    Adobe Reader 9
    Out of date Adobe Reader installed!
    Mozilla Firefox (3.6.12) Firefox Out of Date!
    ````````````````````````````````
    Process Check:
    objlist.exe by Laurent

    Norton ccSvcHst.exe
    Ad-Aware AAWService.exe
    Ad-Aware AAWTray.exe
    Spybot Teatimer.exe is disabled!
    ````````````````````````````````
    DNS Vulnerability Check:


    ``````````End of Log````````````
     
Topic Status:
Not open for further replies.
