Solved Gen:Variant.Kazy.894 (HijackThis included)

Michigan313

Hi, can someone help me? Through the Bitdefender add-on on Firefox it shows this C:\Windows\system32\syncstream.dll (Gen:Variant.Kazy.894) as a virus; however, I cannot find the DLL to remove it. Thank you in advance for any help. I have run Malwarebytes, Spybot and Norton complete scans and they found no problems at all.

[HJT log removed - Broni]
 
Welcome aboard

Please complete all steps listed here: https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/
Make sure you PASTE all logs. If a log exceeds the 50,000-character post limit, split it between a couple of replies.
Attached logs won't be reviewed.
 
Hi, thank you for your response. Here are the logs.

GMER 1.0.15.15477 - http://www.gmer.net
Rootkit scan 2010-11-03 01:03:32
Windows 6.0.6002 Service Pack 2
Running: tu5i59ng.exe; Driver: C:\Users\jonathan\AppData\Local\Temp\fwlyrkow.sys


---- System - GMER 1.0.15 ----

SSDT 87D50118 ZwAlertResumeThread
SSDT 87D18120 ZwAlertThread
SSDT 87CD87E0 ZwAllocateVirtualMemory
SSDT 872BA3C8 ZwAlpcConnectPort
SSDT 87C86068 ZwAssignProcessToJobObject
SSDT 87DEBCF8 ZwCreateMutant
SSDT 87CE1FC0 ZwCreateSymbolicLinkObject
SSDT 87CD8D20 ZwCreateThread
SSDT 87C85B08 ZwDebugActiveProcess
SSDT 87CD8978 ZwDuplicateObject
SSDT 87CD80C0 ZwFreeVirtualMemory
SSDT 87670B98 ZwImpersonateAnonymousToken
SSDT 87D77108 ZwImpersonateThread
SSDT 872A92B8 ZwLoadDriver
SSDT 87CD9F28 ZwMapViewOfSection
SSDT 8758F068 ZwOpenEvent
SSDT 87CD8BD8 ZwOpenProcess
SSDT 8766C118 ZwOpenProcessToken
SSDT 87C07370 ZwOpenSection
SSDT 87CD8AC8 ZwOpenThread
SSDT 87DEB3F0 ZwProtectVirtualMemory
SSDT 87CF1110 ZwResumeThread
SSDT 8766A118 ZwSetContextThread
SSDT 87CDAFC0 ZwSetInformationProcess
SSDT 87C85068 ZwSetSystemInformation
SSDT 87BE2120 ZwSuspendProcess
SSDT 87C27110 ZwSuspendThread
SSDT 87666110 ZwTerminateProcess
SSDT 87C11110 ZwTerminateThread
SSDT 8759D2B0 ZwUnmapViewOfSection
SSDT 87CD8450 ZwWriteVirtualMemory
SSDT 87DEB0B0 ZwCreateThreadEx

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!KeSetEvent + 11D 81CFB880 8 Bytes [18, 01, D5, 87, 20, 81, D1, ...]
.text ntkrnlpa.exe!KeSetEvent + 131 81CFB894 4 Bytes [E0, 87, CD, 87] {LOOPNZ 0xffffffffffffff89; INT 0x87}
.text ntkrnlpa.exe!KeSetEvent + 13D 81CFB8A0 4 Bytes [C8, A3, 2B, 87] {ENTER 0x2ba3, 0x87}
.text ntkrnlpa.exe!KeSetEvent + 191 81CFB8F4 4 Bytes [68, 60, C8, 87]
.text ntkrnlpa.exe!KeSetEvent + 1F5 81CFB958 4 Bytes [F8, BC, DE, 87]
.text ...

---- EOF - GMER 1.0.15 ----

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4841

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18975

11/2/2010 11:41:23 PM
mbam-log-2010-11-02 (23-41-23).txt

Scan type: Quick scan
Objects scanned: 136586
Time elapsed: 6 minute(s), 24 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

DDS (Ver_10-11-01.01) - NTFSx86
Run by jonathan at 0:55:51.71 on Wed 11/03/2010
Internet Explorer: 8.0.6001.18975 BrowserJavaVersion: 1.6.0_22
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.1.1033.18.3002.1612 [GMT -4:00]

SP: Spybot - Search and Destroy *disabled* (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Norton Security Suite\Norton Security Suite\Engine\4.3.0.5\ccSvcHst.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\SMINST\BLService.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Norton Security Suite\Norton Security Suite\Engine\4.3.0.5\ccSvcHst.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Users\jonathan\Downloads\tu5i59ng.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\jonathan\Downloads\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.yahoo.com/
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Presario&pf=cnnb
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy\SDHelper.dll
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton security suite\norton security suite\engine\4.3.0.5\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton security suite\norton security suite\engine\4.3.0.5\IPSBHO.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton security suite\norton security suite\engine\4.3.0.5\coIEPlg.dll
TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
uRun: [Messenger (Yahoo!)] "c:\program files\yahoo!\messenger\YahooMessenger.exe" -quiet
uRun: [DW6] "c:\program files\the weather channel fw\desktop\DesktopWeather.exe"
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [QPService] "c:\program files\hp\quickplay\QPService.exe"
mRun: [UpdatePSTShortCut] "c:\program files\cyberlink\dvd suite\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\dvd suite" updatewithcreateonce "software\cyberlink\PowerStarter"
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [UpdatePDIRShortCut] "c:\program files\cyberlink\powerdirector\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\powerdirector" updatewithcreateonce "software\cyberlink\powerdirector\7.0"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [hpWirelessAssistant] c:\program files\hewlett-packard\hp wireless assistant\HPWAMain.exe
mRun: [LogitechQuickCamRibbon] "c:\program files\logitech\logitech webcam software\LWS.exe" /hide
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
StartupFolder: c:\users\jonathan\appdata\roaming\micros~1\windows\startm~1\programs\startup\comcas~1.lnk - c:\program files\comcast universal caller id\Comcast Universal Caller ID.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
Notify: igfxcui - igfxdev.dll

================= FIREFOX ===================

FF - ProfilePath - c:\users\jonathan\appdata\roaming\mozilla\firefox\profiles\1oked8k0.default\
FF - prefs.js: browser.startup.homepage - yahoo.com
FF - component: c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.0.0.127\coffplgn\components\coFFPlgn.dll
FF - component: c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.0.0.127\ipsffplgn\components\IPSFFPl.dll
FF - component: c:\users\jonathan\appdata\roaming\mozilla\firefox\profiles\1oked8k0.default\extensions\{90b49673-5506-483e-b92b-ca0265bd9ca8}\components\FFExternalAlert.dll
FF - component: c:\users\jonathan\appdata\roaming\mozilla\firefox\profiles\1oked8k0.default\extensions\{90b49673-5506-483e-b92b-ca0265bd9ca8}\components\RadioWMPCore.dll
FF - component: c:\users\jonathan\appdata\roaming\mozilla\firefox\profiles\1oked8k0.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\components\qscanff.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npkimi.dll
FF - plugin: c:\users\jonathan\appdata\local\yahoo!\browserplus\2.9.8\plugins\npybrowserplus_2.9.8.dll
FF - plugin: c:\users\jonathan\appdata\roaming\mozilla\firefox\profiles\1oked8k0.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
FF - plugin: c:\users\jonathan\appdata\roaming\mozilla\firefox\profiles\1oked8k0.default\extensions\devicedetection@logitech.com\plugins\npLogitechDeviceDetection.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified

============= SERVICES / DRIVERS ===============

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2010-10-13 64288]
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\n360\0403000.005\symds.sys [2010-10-28 328752]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\n360\0403000.005\symefa.sys [2010-10-28 173104]
R1 BHDrvx86;BHDrvx86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.0.0.127\definitions\bashdefs\20101029.001\BHDrvx86.sys [2010-11-2 692272]
R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\n360\0403000.005\cchpx86.sys [2010-10-28 501888]
R1 IDSVix86;IDSVix86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.0.0.127\definitions\ipsdefs\20101029.001\IDSvix86.sys [2010-10-19 353840]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\n360\0403000.005\ironx86.sys [2010-10-28 116784]
R1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\system32\drivers\n360\0403000.005\symtdiv.sys [2010-10-28 339504]
R2 N360;Norton Security Suite;c:\program files\norton security suite\norton security suite\engine\4.3.0.5\ccsvchst.exe [2010-10-28 126392]
R2 Recovery Service for Windows;Recovery Service for Windows;c:\program files\sminst\BLService.exe [2008-10-23 365952]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2010-10-15 1153368]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2010-10-16 102448]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2008-6-29 112128]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2010-8-12 1357464]
S3 Com4QLBEx;Com4QLBEx;c:\program files\hewlett-packard\hp quick launch buttons\Com4QLBEx.exe [2008-10-23 193840]
S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

=============== Created Last 30 ================

2010-11-03 00:35:44 -------- d-----w- C:\$RECYCLE.BIN
2010-11-03 00:31:53 -------- d-----w- c:\users\jonathan\appdata\local\temp
2010-11-03 00:22:05 98816 ----a-w- c:\windows\sed.exe
2010-11-03 00:22:05 86528 ----a-w- c:\windows\MBR.exe
2010-11-03 00:22:05 256512 ----a-w- c:\windows\PEV.exe
2010-11-03 00:22:05 161792 ----a-w- c:\windows\SWREG.exe
2010-11-03 00:21:36 -------- d-----w- C:\ComboFix
2010-11-02 22:38:12 -------- d-----w- C:\VundoFix Backups
2010-10-28 21:04:56 43696 ----a-w- c:\windows\system32\drivers\n360\0403000.005\srtspx.sys
2010-10-28 21:04:56 339504 ----a-w- c:\windows\system32\drivers\n360\0403000.005\symtdiv.sys
2010-10-28 21:04:56 328752 ----a-r- c:\windows\system32\drivers\n360\0403000.005\symds.sys
2010-10-28 21:04:56 325680 ----a-w- c:\windows\system32\drivers\n360\0403000.005\srtsp.sys
2010-10-28 21:04:56 173104 ----a-w- c:\windows\system32\drivers\n360\0403000.005\symefa.sys
2010-10-28 21:04:56 116784 ----a-w- c:\windows\system32\drivers\n360\0403000.005\ironx86.sys
2010-10-28 21:04:55 501888 ----a-w- c:\windows\system32\drivers\n360\0403000.005\cchpx86.sys
2010-10-28 21:04:31 -------- d-----w- c:\windows\system32\drivers\n360\0403000.005
2010-10-27 21:06:55 -------- d-----w- c:\progra~2\QAJHFUQDXG
2010-10-27 20:00:52 420352 ----a-w- c:\windows\system32\vbscript.dll
2010-10-27 19:55:49 -------- d-----w- c:\users\jonathan\appdata\local\Apple
2010-10-27 19:39:26 -------- d-----w- c:\program files\common files\scanner
2010-10-27 19:39:14 -------- d-----w- c:\program files\CA
2010-10-27 19:35:15 2048 ----a-w- c:\windows\system32\winrsmgr.dll
2010-10-27 19:28:56 -------- d-----w- c:\windows\system32\x64
2010-10-27 19:22:54 -------- d-----w- c:\users\jonathan\appdata\local\Immunet
2010-10-27 19:22:53 -------- d-----w- c:\progra~2\Immunet
2010-10-27 19:22:46 13312 ----a-w- c:\program files\internet explorer\iecompat.dll
2010-10-27 19:19:59 638232 ----a-w- c:\program files\internet explorer\iexplore.exe
2010-10-27 19:17:59 521216 ----a-w- c:\program files\internet explorer\jsdbgui.dll
2010-10-26 17:32:18 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2010-10-26 17:32:18 1696256 ----a-w- c:\windows\system32\gameux.dll
2010-10-26 17:32:17 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2010-10-23 20:19:17 -------- d-----w- c:\program files\Paint.NET
2010-10-23 20:18:33 -------- d-----w- c:\users\jonathan\appdata\local\Paint.NET
2010-10-21 05:29:07 -------- d-----w- c:\progra~2\EXIHFUQDXG
2010-10-20 13:53:47 -------- d-----w- c:\users\jonathan\appdata\local\CrashDumps
2010-10-19 06:23:06 -------- d-----w- c:\progra~2\BVIHFUQDXG
2010-10-19 06:18:13 -------- d-----w- c:\program files\Ali Baba Buddy Pogo
2010-10-17 21:36:46 -------- d-----w- c:\progra~2\AHIHFUQDXG
2010-10-17 21:32:16 -------- d-----w- c:\program files\Stackem Buddy Pogo
2010-10-16 03:32:32 107368 ----a-r- c:\windows\system32\GEARAspi.dll
2010-10-16 03:32:31 26600 ----a-r- c:\windows\system32\drivers\GEARAspiWDM.sys
2010-10-16 03:32:28 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2010-10-16 03:32:12 -------- d-----w- c:\program files\Symantec
2010-10-16 03:32:12 -------- d-----w- c:\program files\common files\Symantec Shared
2010-10-16 03:31:23 -------- d-----w- c:\program files\NortonInstaller
2010-10-16 03:09:25 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-10-16 03:09:25 -------- d-----w- c:\progra~2\Spybot - Search & Destroy
2010-10-15 23:43:43 -------- d-----w- c:\users\jonathan\appdata\roaming\Malwarebytes
2010-10-15 23:43:26 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-10-15 23:43:25 -------- d-----w- c:\progra~2\Malwarebytes
2010-10-15 23:43:24 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-10-15 23:43:24 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-10-15 23:23:38 -------- d-----w- c:\program files\Trend Micro
2010-10-15 23:14:28 -------- d-----w- c:\windows\system32\drivers\N360
2010-10-15 23:11:29 -------- d-----w- c:\users\jonathan\LimeWire
2010-10-15 23:08:58 482304 --sh--w- c:\windows\system32\syncstream.dll
2010-10-15 22:45:45 -------- d-----w- c:\progra~2\Fugazo
2010-10-15 22:19:15 -------- d-----w- c:\users\jonathan\appdata\roaming\WildTangent
2010-10-15 14:53:14 6084944 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\{4105df84-183c-44fa-badc-e90aa047714d}\mpengine.dll
2010-10-15 03:57:31 -------- d-----w- c:\progra~2\URIHFUQDXG
2010-10-15 03:57:29 -------- d-----w- c:\program files\BadgeHelp
2010-10-14 20:30:32 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2010-10-14 20:30:32 168960 ----a-w- c:\program files\windows media player\wmplayer.exe
2010-10-14 20:30:17 125952 ----a-w- c:\windows\system32\srvsvc.dll
2010-10-14 20:30:17 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys
2010-10-14 20:30:16 304128 ----a-w- c:\windows\system32\drivers\srv.sys
2010-10-14 20:30:16 17920 ----a-w- c:\windows\system32\netevent.dll
2010-10-14 20:30:16 145408 ----a-w- c:\windows\system32\drivers\srv2.sys
2010-10-14 20:30:08 274944 ----a-w- c:\windows\system32\schannel.dll
2010-10-14 20:30:04 339968 ----a-w- c:\program files\windows nt\accessories\wordpad.exe
2010-10-14 20:30:04 1316864 ----a-w- c:\windows\system32\ole32.dll
2010-10-14 20:30:01 157184 ----a-w- c:\windows\system32\t2embed.dll
2010-10-14 20:29:59 954752 ----a-w- c:\windows\system32\mfc40.dll
2010-10-14 20:29:59 954288 ----a-w- c:\windows\system32\mfc40u.dll
2010-10-14 20:29:56 2038272 ----a-w- c:\windows\system32\win32k.sys
2010-10-14 20:29:54 231424 ----a-w- c:\windows\system32\msshsq.dll
2010-10-14 20:29:52 867328 ----a-w- c:\windows\system32\wmpmde.dll
2010-10-14 20:29:49 531968 ----a-w- c:\windows\system32\comctl32.dll
2010-10-14 04:11:54 -------- d-----w- c:\users\jonathan\appdata\roaming\com.comcast.callerid.13A1FA90F0FC9DC009FB0956ADD0F13F8608561B.1
2010-10-14 04:11:37 -------- d-----w- c:\program files\Comcast Universal Caller ID
2010-10-14 04:11:07 -------- d-----w- c:\users\jonathan\appdata\local\Adobe
2010-10-13 23:11:19 15880 ----a-w- c:\windows\system32\lsdelete.exe
2010-10-13 23:02:27 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys
2010-10-13 23:02:25 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2010-10-12 03:40:44 65536 ----a-w- c:\program files\mozilla firefox\plugins\npkimi.dll
2010-10-12 03:40:43 -------- d-----w- c:\program files\Imikimi
2010-10-11 23:53:07 -------- d-----w- c:\users\jonathan\appdata\roaming\QuickScan
2010-10-11 22:30:17 -------- d-----w- c:\program files\common files\eSellerate
2010-10-11 22:30:17 -------- d-----w- c:\progra~2\eSellerate
2010-10-10 20:05:31 -------- d-----w- c:\program files\Windows Portable Devices
2010-10-10 20:00:45 92672 ----a-w- c:\windows\system32\UIAnimation.dll
2010-10-10 20:00:44 3023360 ----a-w- c:\windows\system32\UIRibbon.dll
2010-10-10 20:00:44 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2010-10-10 19:58:24 31232 ----a-w- c:\windows\system32\BthMtpContextHandler.dll
2010-10-10 19:58:24 30208 ----a-w- c:\windows\system32\WPDShextAutoplay.exe
2010-10-10 19:58:23 81920 ----a-w- c:\windows\system32\wpdbusenum.dll
2010-10-10 19:58:22 60928 ----a-w- c:\windows\system32\PortableDeviceConnectApi.dll
2010-10-10 19:58:22 134144 ----a-w- c:\program files\windows portable devices\sqmapi.dll
2010-10-10 19:58:21 87552 ----a-w- c:\windows\system32\WPDShServiceObj.dll
2010-10-10 19:58:21 546816 ----a-w- c:\windows\system32\wpd_ci.dll
2010-10-10 19:58:21 350208 ----a-w- c:\windows\system32\WPDSp.dll
2010-10-10 19:58:21 334848 ----a-w- c:\windows\system32\PortableDeviceApi.dll
2010-10-10 19:58:21 2537472 ----a-w- c:\windows\system32\wpdshext.dll
2010-10-10 19:58:21 196608 ----a-w- c:\windows\system32\PortableDeviceWMDRM.dll
2010-10-10 19:58:21 160256 ----a-w- c:\windows\system32\PortableDeviceTypes.dll
2010-10-10 19:58:21 100864 ----a-w- c:\windows\system32\PortableDeviceClassExtension.dll
2010-10-10 19:56:36 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2010-10-10 19:56:36 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2010-10-10 19:56:36 234496 ----a-w- c:\windows\system32\oleacc.dll
2010-10-09 00:15:20 -------- d-----w- c:\windows\system32\vi-VN
2010-10-09 00:15:20 -------- d-----w- c:\windows\system32\eu-ES
2010-10-09 00:15:20 -------- d-----w- c:\windows\system32\ca-ES
2010-10-08 23:56:01 -------- d-----w- c:\windows\system32\EventProviders
2010-10-08 01:21:27 -------- d-----w- c:\users\jonathan\appdata\local\Yahoo!
2010-10-07 22:19:58 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2010-10-07 22:19:58 49472 ----a-w- c:\windows\system32\netfxperf.dll
2010-10-07 22:19:58 297808 ----a-w- c:\windows\system32\mscoree.dll
2010-10-07 22:19:58 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2010-10-07 22:19:57 1130824 ----a-w- c:\windows\system32\dfshim.dll
2010-10-07 22:12:29 -------- d-----w- c:\users\jonathan\appdata\local\LogiShrd
2010-10-07 22:09:53 539160 ----a-w- c:\windows\system32\LVUI2RC.dll
2010-10-07 22:09:53 539160 ----a-w- c:\windows\system32\LVUI2.dll
2010-10-07 22:09:53 34068 ----a-w- c:\windows\system32\Repository.reg
2010-10-07 22:09:53 265496 ----a-w- c:\windows\system32\drivers\lvrs.sys
2010-10-07 22:09:52 416280 ----a-w- c:\windows\system32\LVCodec2.dll
2010-10-07 22:09:52 2687512 ----a-w- c:\windows\system32\drivers\LV302V32.SYS
2010-10-07 22:09:52 199192 ----a-w- c:\windows\system32\lvci1201278.dll
2010-10-07 22:09:52 13976 ----a-w- c:\windows\system32\drivers\lv302af.sys
2010-10-07 21:59:08 12240896 ----a-w- c:\windows\system32\NlsLexicons0007.dll
2010-10-07 21:59:05 3408896 ----a-w- c:\windows\system32\SLsvc.exe
2010-10-07 21:59:05 1081344 ----a-w- c:\windows\system32\SLCExt.dll
2010-10-07 21:59:04 65536 ----a-w- c:\windows\system32\DevicePairingWizard.exe
2010-10-07 21:59:03 2134528 ----a-w- c:\windows\system32\FunctionDiscoveryFolder.dll
2010-10-07 21:59:02 2644480 ----a-w- c:\windows\system32\NlsLexicons0009.dll
2010-10-07 21:59:01 1480704 ----a-w- c:\windows\system32\mssrch.dll
2010-10-07 21:57:59 90112 ----a-w- c:\windows\system32\wbem\WmiApRpl.dll
2010-10-07 21:45:26 377344 ----a-w- c:\windows\system32\winhttp.dll
2010-10-07 21:45:19 411648 ----a-w- c:\windows\system32\drivers\http.sys
2010-10-07 21:45:19 30720 ----a-w- c:\windows\system32\httpapi.dll
2010-10-07 21:45:19 24064 ----a-w- c:\windows\system32\nshhttp.dll
2010-10-07 21:45:10 739328 ----a-w- c:\windows\system32\inetcomm.dll
2010-10-06 23:33:10 -------- d-----w- c:\windows\pss
2010-10-06 19:44:22 3600768 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-10-06 19:44:22 3548040 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-10-06 19:43:22 67072 ----a-w- c:\windows\system32\asycfilt.dll
2010-10-06 19:43:11 905088 ----a-w- c:\windows\system32\drivers\tcpip.sys
2010-10-06 19:43:10 30720 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2010-10-06 19:43:00 79360 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2010-10-06 19:43:00 212992 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2010-10-06 19:43:00 106496 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-10-06 19:42:51 60928 ----a-w- c:\windows\system32\msasn1.dll
2010-10-06 19:42:25 1248768 ----a-w- c:\windows\system32\msxml3.dll
2010-10-06 19:42:17 243712 ----a-w- c:\windows\system32\rastls.dll
2010-10-06 19:42:04 81920 ----a-w- c:\windows\system32\iccvid.dll
2010-10-06 19:41:49 23040 ----a-w- c:\program files\movie maker\WMM2EXT.dll
2010-10-06 19:41:49 195072 ----a-w- c:\program files\movie maker\WMM2AE.dll
2010-10-06 19:41:49 150016 ----a-w- c:\program files\movie maker\MOVIEMK.exe
2010-10-06 19:41:48 10926592 ----a-w- c:\program files\movie maker\MOVIEMK.dll
2010-10-06 19:41:16 62464 ----a-w- c:\windows\system32\l3codeca.acm
2010-10-06 19:41:16 220672 ----a-w- c:\windows\system32\l3codecp.acm
2010-10-06 19:41:05 1616384 ----a-w- c:\program files\windows mail\msoe.dll
2010-10-06 19:40:56 714240 ----a-w- c:\windows\system32\timedate.cpl
2010-10-06 19:40:39 53248 ----a-w- c:\windows\system32\tsgqec.dll
2010-10-06 19:40:39 2066432 ----a-w- c:\windows\system32\mstscax.dll
2010-10-06 19:40:39 136192 ----a-w- c:\windows\system32\aaclient.dll
2010-10-06 19:40:30 71680 ----a-w- c:\windows\system32\atl.dll
2010-10-06 19:38:08 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2010-10-06 19:38:08 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2010-10-06 19:38:08 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2010-10-06 19:38:08 19968 ----a-w- c:\windows\system32\ARP.EXE
2010-10-06 19:38:08 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2010-10-06 19:38:08 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2010-10-06 19:38:08 105984 ----a-w- c:\windows\system32\netiohlp.dll
2010-10-06 19:38:08 10240 ----a-w- c:\windows\system32\finger.exe
2010-10-06 19:37:41 317952 ----a-w- c:\windows\system32\MP4SDECD.DLL
2010-10-06 19:37:31 36864 ----a-w- c:\windows\system32\rtutils.dll
2010-10-06 19:37:20 218624 ----a-w- c:\windows\system32\msv1_0.dll
2010-10-06 19:36:39 502272 ----a-w- c:\windows\system32\usp10.dll
2010-10-06 19:36:31 355328 ----a-w- c:\windows\system32\WSDApi.dll
2010-10-06 19:36:22 160256 ----a-w- c:\windows\system32\wkssvc.dll
2010-10-06 19:36:08 98816 ----a-w- c:\windows\system32\mfps.dll
2010-10-06 19:36:08 53248 ----a-w- c:\windows\system32\rrinstaller.exe
2010-10-06 19:36:08 2868224 ----a-w- c:\windows\system32\mf.dll
2010-10-06 19:36:08 24576 ----a-w- c:\windows\system32\mfpmp.exe
2010-10-06 19:36:08 2048 ----a-w- c:\windows\system32\mferror.dll
2010-10-06 19:35:12 2048 ----a-w- c:\windows\system32\tzres.dll
2010-10-06 19:34:55 72704 ----a-w- c:\windows\system32\fontsub.dll
2010-10-06 19:34:55 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-10-06 19:34:55 289792 ----a-w- c:\windows\system32\atmfd.dll
2010-10-06 19:34:55 23552 ----a-w- c:\windows\system32\lpk.dll
2010-10-06 19:34:55 10240 ----a-w- c:\windows\system32\dciman32.dll
2010-10-06 19:34:22 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat
2010-10-06 19:22:35 604672 ----a-w- c:\windows\system32\WMSPDMOD.DLL
2010-10-06 19:21:34 6084944 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\backup\mpengine.dll
2010-10-06 19:21:33 310784 ----a-w- c:\windows\system32\unregmp2.exe
2010-10-06 19:21:30 1418752 ----a-w- c:\program files\windows media player\setup_wm.exe
2010-10-06 19:21:16 221568 ------w- c:\windows\system32\MpSigStub.exe
2010-10-06 19:21:13 107520 ----a-w- c:\program files\windows media player\wmpshare.exe
2010-10-06 19:21:10 107520 ----a-w- c:\program files\windows media player\wmpconfig.exe
2010-10-06 19:21:08 7680 ----a-w- c:\windows\system32\spwmp.dll
2010-10-06 19:21:08 4096 ----a-w- c:\windows\system32\msdxm.ocx
2010-10-06 19:21:08 4096 ----a-w- c:\windows\system32\dxmasf.dll
2010-10-06 19:09:59 -------- d-----w- c:\program files\MSXML 4.0
2010-10-06 19:04:54 172032 ----a-w- c:\windows\system32\wintrust.dll
2010-10-06 19:04:53 98304 ----a-w- c:\windows\system32\cabview.dll

==================== Find3M ====================

2010-10-03 18:23:02 505392 ----a-w- c:\windows\system32\msvcp71.dll
2010-10-03 18:23:02 353840 ----a-w- c:\windows\system32\msvcr71.dll
2010-10-03 18:23:02 1053232 ----a-w- c:\windows\system32\MFC71u.dll
2010-10-03 18:23:01 1066544 ----a-w- c:\windows\system32\MFC71.dll
2010-09-15 08:50:37 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-09-08 06:01:28 916480 ----a-w- c:\windows\system32\wininet.dll
2010-09-08 05:57:18 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-09-08 05:57:05 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2010-09-08 05:56:53 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-09-08 05:56:53 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-09-08 05:04:36 385024 ----a-w- c:\windows\system32\html.iec
2010-09-08 04:26:46 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2010-09-08 04:25:15 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2010-08-26 16:33:06 173056 ----a-w- c:\windows\apppatch\AcXtrnal.dll
2010-08-26 16:33:04 542720 ----a-w- c:\windows\apppatch\AcLayers.dll
2010-08-26 16:33:04 458752 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2010-08-26 16:33:04 2159616 ----a-w- c:\windows\apppatch\AcGenral.dll
2010-08-25 23:46:02 8198680 ----a-w- c:\windows\system32\TVWSetup.exe
2010-08-25 23:45:48 948760 ----a-w- c:\windows\system32\igxpun.exe
2010-08-25 23:45:44 136216 ----a-w- c:\windows\system32\igfxtray.exe
2010-08-25 23:45:42 266776 ----a-w- c:\windows\system32\igfxsrvc.exe
2010-08-25 23:45:40 170520 ----a-w- c:\windows\system32\igfxpers.exe
2010-08-25 23:45:38 179224 ----a-w- c:\windows\system32\igfxext.exe
2010-08-25 23:45:36 171032 ----a-w- c:\windows\system32\hkcmd.exe
2010-08-25 23:45:32 3156504 ----a-w- c:\windows\system32\GfxUI.exe
2010-08-25 23:39:46 81920 ----a-w- c:\windows\system32\igfxCoIn_v2202.dll
2010-08-25 23:31:30 4967424 ----a-w- c:\windows\system32\igdumd32.dll
2010-08-25 23:30:02 439308 ----a-w- c:\windows\system32\igcompkrng500.bin
2010-08-25 23:30:00 982240 ----a-w- c:\windows\system32\igkrng500.bin
2010-08-25 23:30:00 92356 ----a-w- c:\windows\system32\igfcg500m.bin
2010-08-25 23:28:22 571904 ----a-w- c:\windows\system32\igdumdx32.dll
2010-08-25 23:23:14 4411904 ----a-w- c:\windows\system32\igd10umd32.dll
2010-08-25 23:09:34 11040256 ----a-w- c:\windows\system32\ig4icd32.dll
2010-08-25 23:00:00 23552 ----a-w- c:\windows\system32\igfxexps.dll
2010-08-25 23:00:00 194560 ----a-w- c:\windows\system32\igfxpph.dll
2010-08-25 22:59:58 261632 ----a-w- c:\windows\system32\igfxTMM.dll
2010-08-25 22:59:58 115200 ----a-w- c:\windows\system32\igfxcpl.cpl
2010-08-25 22:59:42 57344 ----a-w- c:\windows\system32\igfxsrvc.dll
2010-08-25 22:59:24 130048 ----a-w- c:\windows\system32\igfxdo.dll
2010-08-25 22:59:16 94720 ----a-w- c:\windows\system32\hccutils.dll
2010-08-25 22:59:10 120320 ----a-w- c:\windows\system32\gfxSrvc.dll
2010-08-25 22:59:08 4096 ----a-w- c:\windows\system32\IGFXDEVLib.dll
2010-08-25 22:59:06 85504 ----a-w- c:\windows\system32\igfxrenu.lrc
2010-08-25 22:59:06 828928 ----a-w- c:\windows\system32\igfxress.dll
2010-08-25 22:59:06 228864 ----a-w- c:\windows\system32\igfxdev.dll
2010-08-25 22:52:00 452440 ----a-w- c:\windows\system32\d3dx10_40.dll
2010-08-25 22:52:00 208896 ----a-w- c:\windows\system32\iglhsip32.dll
2010-08-25 22:52:00 143360 ----a-w- c:\windows\system32\iglhcp32.dll
2010-08-17 14:11:37 128000 ----a-w- c:\windows\system32\spoolsv.exe

============= FINISH: 1:04:20.84 ===============

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-11-01.01)

Microsoft® Windows Vista™ Home Basic
Boot Device: \Device\HarddiskVolume1
Install Date: 10/3/2010 2:09:43 PM
System Uptime: 11/2/2010 11:46:57 PM (2 hours ago)

Motherboard: Wistron | | 3612
Processor: Intel(R) Pentium(R) Dual CPU T3400 @ 2.16GHz | CPU | 2166/667mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 223 GiB total, 159.177 GiB free.
D: is FIXED (NTFS) - 10 GiB total, 1.731 GiB free.
E: is CDROM ()

==== Disabled Device Manager Items =============

Class GUID: {4d36e96f-e325-11ce-bfc1-08002be10318}
Description: Synaptics PS/2 Port TouchPad
Device ID: ACPI\SYN0158\4&3533A443&0
Manufacturer: Synaptics
Name: Synaptics PS/2 Port TouchPad
PNP Device ID: ACPI\SYN0158\4&3533A443&0
Service: i8042prt

==== System Restore Points ===================


==== Installed Programs ======================

Acrobat.com
Activation Assistant for the 2007 Microsoft Office suites
ActiveCheck component for HP Active Support Library
Ad-Aware
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9
Adobe Shockwave Player
Atheros Driver Installation Program
Build in Time
Build It - Miami Beach Resort
CCleaner
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Comcast Universal Caller ID
Compatibility Pack for the 2007 Office system
Conexant HD Audio
Cooking Academy
Cooking Academy 2 - World Cuisine
CyberLink DVD Suite
ESU for Microsoft Vista
HDAUDIO Soft Data Fax Modem with SmartCP
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Active Support Library
HP Customer Experience Enhancements
HP Doc Viewer
HP DVD Play 3.7
HP Games
HP Help and Support
HP Quick Launch Buttons 6.40 H2
HP Update
HP User Guides 0118
HP Wireless Assistant
HPAsset component for HP Active Support Library
HPNetworkAssistant
HPTCSSetup
Imikimi Plugin
IMVU Avatar Chat Software
Intel(R) Graphics Media Accelerator Driver
Java Auto Updater
Java(TM) 6 Update 22
Java(TM) 6 Update 7
Logitech Vid HD
Logitech Webcam Software
Logitech Webcam Software Driver Package
Malwarebytes' Anti-Malware
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Office Excel MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Works
Mozilla Firefox (3.6.12)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Norton Security Suite
Paint.NET v3.5.5
Power2Go
PowerDirector
Realtek 8169 8168 8101E 8102E Ethernet Driver
runtime
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Spybot - Search & Destroy
Synaptics Pointing Device Driver
The Weather Channel Desktop 6
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Office 2007 (KB934528)
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
Yahoo! BrowserPlus 2.9.8
Yahoo! Messenger
Yahoo! Software Update

==== End Of File ===========================
 
All looks fine, so far.

Download MBRCheck to your desktop.

Double-click MBRCheck.exe to run (Vista and Windows 7 users, right-click and select Run as Administrator).
It will show a black screen with some data on it.
Enter N to exit.
A report called MBRcheckxxxx.txt will be on your desktop.
Open this report and post its content in your next reply.

=====================================================================

Please download ComboFix from Here or Here to your Desktop.

**Note: In the event you already have ComboFix, this is a new version that I need you to download. It is important that it is saved directly to your desktop.**
  1. Please, never rename ComboFix unless instructed.
  2. Close any open browsers.
  3. Close/disable all anti-virus and anti-malware programs so they do not interfere with the running of ComboFix.
    • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files, which may cause "unpredictable results".
    • Click on this link to see a list of programs that should be disabled. The list is not all-inclusive. If yours is not listed and you don't know how to disable it, please ask.
    NOTE 1. If ComboFix asks you to install Recovery Console, please allow it.
    NOTE 2. If ComboFix asks you to update the program, always do so.
    • Close any open browsers.
    • WARNING: ComboFix will disconnect your machine from the Internet as soon as it starts.
    • Please do not attempt to re-connect your machine back to the Internet until ComboFix has completely finished.
    • If there is no internet connection after running ComboFix, then restart your computer to restore your connection.
  4. Double-click on combofix.exe & follow the prompts.
  5. When finished, it will produce a report for you.
  6. Please post the "C:\ComboFix.txt".
**Note: Do not mouse-click ComboFix's window while it's running. That may cause it to stall.**

Make sure you re-enable your security programs when you're done with ComboFix.

DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!
 
MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows Vista Home Basic Edition
Windows Information: Service Pack 2 (build 6002), 32-bit
Base Board Manufacturer: Wistron
BIOS Manufacturer: Hewlett-Packard
System Manufacturer: Hewlett-Packard
System Product Name: Compaq Presario CQ60 Notebook PC
Logical Drives Mask: 0x0000001c

Kernel Drivers (total 209):
0x81C33000 \SystemRoot\system32\ntkrnlpa.exe
0x81C00000 \SystemRoot\system32\hal.dll
0x8040E000 \SystemRoot\system32\kdcom.dll
0x80415000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
0x80485000 \SystemRoot\system32\PSHED.dll
0x80496000 \SystemRoot\system32\BOOTVID.dll
0x8049E000 \SystemRoot\system32\CLFS.SYS
0x804DF000 \SystemRoot\system32\CI.dll
0x8060C000 \SystemRoot\system32\drivers\Wdf01000.sys
0x80688000 \SystemRoot\system32\drivers\WDFLDR.SYS
0x80695000 \SystemRoot\system32\drivers\acpi.sys
0x806DB000 \SystemRoot\system32\drivers\WMILIB.SYS
0x806E4000 \SystemRoot\system32\drivers\msisadrv.sys
0x806EC000 \SystemRoot\system32\drivers\pci.sys
0x80713000 \SystemRoot\system32\drivers\isapnp.sys
0x80722000 \SystemRoot\system32\drivers\mpio.sys
0x8073E000 \SystemRoot\System32\drivers\partmgr.sys
0x8074D000 \SystemRoot\system32\DRIVERS\compbatt.sys
0x80750000 \SystemRoot\system32\DRIVERS\BATTC.SYS
0x8075A000 \SystemRoot\system32\drivers\volmgr.sys
0x80769000 \SystemRoot\System32\drivers\volmgrx.sys
0x807B3000 \SystemRoot\system32\drivers\intelide.sys
0x807BA000 \SystemRoot\system32\drivers\PCIIDEX.SYS
0x807C8000 \SystemRoot\system32\drivers\aliide.sys
0x807CF000 \SystemRoot\system32\drivers\amdide.sys
0x807D6000 \SystemRoot\system32\drivers\cmdide.sys
0x807DE000 \SystemRoot\System32\drivers\mountmgr.sys
0x805BF000 \SystemRoot\system32\drivers\msdsm.sys
0x805D9000 \SystemRoot\system32\drivers\nvraid.sys
0x82202000 \SystemRoot\system32\drivers\CLASSPNP.SYS
0x82223000 \SystemRoot\system32\drivers\pciide.sys
0x8222A000 \SystemRoot\system32\drivers\viaide.sys
0x82232000 \SystemRoot\system32\drivers\iastorv.sys
0x822D3000 \SystemRoot\system32\drivers\atapi.sys
0x822DB000 \SystemRoot\system32\drivers\ataport.SYS
0x822F9000 \SystemRoot\system32\drivers\lsi_scsi.sys
0x82313000 \SystemRoot\system32\drivers\storport.sys
0x82354000 \SystemRoot\system32\drivers\msahci.sys
0x8235E000 \SystemRoot\system32\drivers\hpcisss.sys
0x82369000 \SystemRoot\system32\drivers\adp94xx.sys
0x8A202000 \SystemRoot\system32\drivers\adpahci.sys
0x8A24E000 \SystemRoot\system32\drivers\adpu160m.sys
0x8A269000 \SystemRoot\system32\drivers\SCSIPORT.SYS
0x8A28F000 \SystemRoot\system32\drivers\adpu320.sys
0x8A2B5000 \SystemRoot\system32\drivers\djsvs.sys
0x8A2C9000 \SystemRoot\system32\drivers\arc.sys
0x8A2DF000 \SystemRoot\system32\drivers\arcsas.sys
0x8A2F5000 \SystemRoot\system32\drivers\elxstor.sys
0x8A389000 \SystemRoot\system32\drivers\i2omp.sys
0x8A393000 \SystemRoot\system32\drivers\iirsp.sys
0x8A3A3000 \SystemRoot\system32\drivers\iteatapi.sys
0x8A3AF000 \SystemRoot\system32\drivers\iteraid.sys
0x8A3BB000 \SystemRoot\system32\drivers\lsi_fc.sys
0x8A3D5000 \SystemRoot\system32\drivers\lsi_sas.sys
0x8A3ED000 \SystemRoot\system32\drivers\megasas.sys
0x8A40D000 \SystemRoot\system32\drivers\megasr.sys
0x8A4C4000 \SystemRoot\system32\drivers\mraid35x.sys
0x8A4CF000 \SystemRoot\system32\drivers\nfrd960.sys
0x8A4DD000 \SystemRoot\system32\drivers\nvstor.sys
0x8A60C000 \SystemRoot\system32\drivers\ql2300.sys
0x8A744000 \SystemRoot\system32\drivers\ql40xx.sys
0x8A799000 \SystemRoot\system32\drivers\sisraid2.sys
0x8A7A6000 \SystemRoot\system32\drivers\sisraid4.sys
0x8A7BB000 \SystemRoot\system32\drivers\symc8xx.sys
0x8A7C7000 \SystemRoot\system32\drivers\sym_hi.sys
0x8A7D2000 \SystemRoot\system32\drivers\sym_u3.sys
0x8A4EA000 \SystemRoot\system32\drivers\uliahci.sys
0x8A7DD000 \SystemRoot\system32\drivers\ulsata.sys
0x8A526000 \SystemRoot\system32\drivers\ulsata2.sys
0x8A552000 \SystemRoot\system32\drivers\vsmraid.sys
0x8A573000 \SystemRoot\system32\drivers\fltmgr.sys
0x8A5A5000 \SystemRoot\system32\drivers\N360\0403000.005\SYMDS.SYS
0x823D3000 \SystemRoot\system32\drivers\fileinfo.sys
0x823E3000 \SystemRoot\system32\DRIVERS\Lbd.sys
0x8A802000 \SystemRoot\system32\drivers\N360\0403000.005\SYMEFA.SYS
0x8A82F000 \SystemRoot\System32\Drivers\ksecdd.sys
0x8A8A0000 \SystemRoot\system32\drivers\ndis.sys
0x8A9AB000 \SystemRoot\system32\drivers\msrpc.sys
0x8AA06000 \SystemRoot\system32\drivers\NETIO.SYS
0x8AA41000 \SystemRoot\System32\drivers\tcpip.sys
0x8AB2B000 \SystemRoot\System32\drivers\fwpkclnt.sys
0x8AC0C000 \SystemRoot\System32\Drivers\Ntfs.sys
0x8AD1C000 \SystemRoot\system32\drivers\wd.sys
0x8AD24000 \SystemRoot\system32\drivers\volsnap.sys
0x8AD5D000 \SystemRoot\System32\Drivers\spldr.sys
0x8AD65000 \SystemRoot\system32\drivers\sbp2port.sys
0x8AD7A000 \SystemRoot\System32\Drivers\mup.sys
0x8AD89000 \SystemRoot\System32\drivers\ecache.sys
0x8ADB0000 \SystemRoot\system32\drivers\disk.sys
0x8ADC1000 \SystemRoot\system32\drivers\crcdisk.sys
0x8ADEC000 \SystemRoot\system32\DRIVERS\tunnel.sys
0x8ADF7000 \SystemRoot\system32\DRIVERS\tunmp.sys
0x8AB46000 \SystemRoot\system32\DRIVERS\intelppm.sys
0x8AC00000 \SystemRoot\system32\DRIVERS\wmiacpi.sys
0x8EE09000 \SystemRoot\system32\DRIVERS\igdkmd32.sys
0x8F726000 \SystemRoot\System32\drivers\dxgkrnl.sys
0x8F7C7000 \SystemRoot\System32\drivers\watchdog.sys
0x8F7D3000 \SystemRoot\system32\DRIVERS\usbuhci.sys
0x8AB55000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0x8F7DE000 \SystemRoot\system32\DRIVERS\usbehci.sys
0x8FA01000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0x8FA8E000 \SystemRoot\system32\DRIVERS\Rtlh86.sys
0x8FAB4000 \SystemRoot\system32\DRIVERS\athr.sys
0x8FBD4000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0x8FBE7000 \SystemRoot\system32\DRIVERS\HpqKbFiltr.sys
0x8FBEC000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0x8AB93000 \SystemRoot\system32\DRIVERS\SynTP.sys
0x8FBF7000 \SystemRoot\system32\DRIVERS\USBD.SYS
0x8F7ED000 \SystemRoot\system32\DRIVERS\mouclass.sys
0x8FBF9000 \SystemRoot\system32\DRIVERS\CmBatt.sys
0x8ABC3000 \SystemRoot\system32\DRIVERS\cdrom.sys
0x8F7F8000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
0x8FC0C000 \SystemRoot\system32\DRIVERS\msiscsi.sys
0x8FC3B000 \SystemRoot\system32\DRIVERS\TDI.SYS
0x8FC46000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0x8FC5D000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0x8FC68000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0x8FC8B000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0x8FC9A000 \SystemRoot\system32\DRIVERS\raspptp.sys
0x8FCAE000 \SystemRoot\system32\DRIVERS\rassstp.sys
0x8FCC3000 \SystemRoot\system32\DRIVERS\termdd.sys
0x8FCD3000 \SystemRoot\system32\DRIVERS\swenum.sys
0x8FCD5000 \SystemRoot\system32\DRIVERS\ks.sys
0x8FCFF000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0x8FD09000 \SystemRoot\system32\DRIVERS\umbus.sys
0x8FD16000 \SystemRoot\system32\DRIVERS\usbhub.sys
0x8FD4B000 \SystemRoot\system32\drivers\CHDRT32.sys
0x8FD86000 \SystemRoot\system32\drivers\portcls.sys
0x8FDB3000 \SystemRoot\system32\drivers\drmk.sys
0x90403000 \SystemRoot\system32\DRIVERS\HSXHWAZL.sys
0x90441000 \SystemRoot\system32\DRIVERS\HSX_DPV.sys
0x90544000 \SystemRoot\system32\DRIVERS\HSX_CNXT.sys
0x8FDD8000 \SystemRoot\system32\drivers\modem.sys
0x8ABDB000 \SystemRoot\system32\drivers\IntcHdmi.sys
0x8FDE5000 \SystemRoot\System32\Drivers\NDProxy.SYS
0x8FDF6000 \SystemRoot\system32\DRIVERS\hidusb.sys
0x8A9D6000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0x905F9000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0x8FC00000 \SystemRoot\system32\DRIVERS\mouhid.sys
0x8EE00000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0x8A9E6000 \SystemRoot\System32\Drivers\Null.SYS
0x8A9ED000 \SystemRoot\System32\Drivers\Beep.SYS
0x8A9F4000 \SystemRoot\System32\drivers\vga.sys
0x9060B000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0x9062C000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0x90634000 \SystemRoot\system32\drivers\rdpencdd.sys
0x9063C000 \SystemRoot\System32\Drivers\Msfs.SYS
0x90647000 \SystemRoot\System32\Drivers\Npfs.SYS
0x90655000 \SystemRoot\System32\DRIVERS\rasacd.sys
0x9065E000 \SystemRoot\system32\DRIVERS\tdx.sys
0x90674000 \SystemRoot\System32\Drivers\N360\0403000.005\SYMTDIV.SYS
0x906CD000 \??\C:\Windows\system32\Drivers\SYMEVENT.SYS
0x906F2000 \SystemRoot\system32\DRIVERS\smb.sys
0x90706000 \SystemRoot\system32\drivers\afd.sys
0x9074E000 \SystemRoot\System32\DRIVERS\netbt.sys
0x90780000 \SystemRoot\system32\DRIVERS\pacer.sys
0x90796000 \SystemRoot\system32\DRIVERS\netbios.sys
0x907A4000 \SystemRoot\system32\DRIVERS\wanarp.sys
0x907B7000 \SystemRoot\system32\drivers\N360\0403000.005\Ironx86.SYS
0x907D6000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0x91203000 \SystemRoot\system32\DRIVERS\LV302V32.SYS
0x91492000 \SystemRoot\system32\DRIVERS\lv302af.sys
0x91494000 \SystemRoot\system32\drivers\usbaudio.sys
0x914A6000 \SystemRoot\system32\DRIVERS\lvrs.sys
0x914E6000 \SystemRoot\system32\drivers\N360\0403000.005\SRTSPX.SYS
0x914F0000 \SystemRoot\system32\DRIVERS\rdbss.sys
0x9152C000 \SystemRoot\system32\drivers\nsiproxy.sys
0x91536000 \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20101102.001\IDSvix86.sys
0x91591000 \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
0x91E0D000 \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
0x91E2A000 \SystemRoot\System32\Drivers\dfsc.sys
0x91E41000 \SystemRoot\system32\drivers\N360\0403000.005\ccHPx86.sys
0x91EC0000 \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20101029.001\BHDrvx86.sys
0x91F6C000 \SystemRoot\System32\Drivers\crashdmp.sys
0x91F79000 \SystemRoot\System32\Drivers\dump_dumpata.sys
0x91F84000 \SystemRoot\System32\Drivers\dump_msahci.sys
0x9A8D0000 \SystemRoot\System32\win32k.sys
0x91F8E000 \SystemRoot\System32\drivers\Dxapi.sys
0x91F98000 \SystemRoot\system32\DRIVERS\monitor.sys
0x9AAF0000 \SystemRoot\System32\TSDDD.dll
0x9AB10000 \SystemRoot\System32\cdd.dll
0x9AB20000 \SystemRoot\System32\ATMFD.DLL
0x91FA7000 \SystemRoot\system32\drivers\luafv.sys
0xABA06000 \SystemRoot\system32\drivers\spsys.sys
0xABAB6000 \SystemRoot\system32\DRIVERS\lltdio.sys
0xABAC6000 \SystemRoot\system32\DRIVERS\nwifi.sys
0xABAF0000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0xABAFA000 \SystemRoot\system32\DRIVERS\rspndr.sys
0xABB0D000 \SystemRoot\system32\drivers\HTTP.sys
0xABB7A000 \SystemRoot\System32\DRIVERS\srvnet.sys
0xABB97000 \SystemRoot\system32\DRIVERS\bowser.sys
0xABBB0000 \SystemRoot\System32\drivers\mpsdrv.sys
0xABBC5000 \SystemRoot\system32\drivers\mrxdav.sys
0x91FC2000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0xADC08000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0xADC41000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0xADC59000 \SystemRoot\System32\DRIVERS\srv2.sys
0xADC81000 \SystemRoot\System32\DRIVERS\srv.sys
0xADCE7000 \SystemRoot\system32\DRIVERS\mdmxsdk.sys
0xADCEB000 \SystemRoot\system32\drivers\peauth.sys
0xADDC9000 \SystemRoot\System32\Drivers\secdrv.SYS
0xADDD3000 \SystemRoot\System32\drivers\tcpipreg.sys
0xADDDF000 \SystemRoot\system32\DRIVERS\xaudio.sys
0xADDE7000 \SystemRoot\system32\DRIVERS\LVPr2Mon.sys
0xADCCF000 \SystemRoot\system32\DRIVERS\cdfs.sys
0xADDEC000 \??\C:\Users\jonathan\AppData\Local\Temp\mbr.sys
0xADDF2000 \??\C:\Users\jonathan\AppData\Local\Temp\catchme.sys
0xADDFA000 \??\C:\Windows\system32\Drivers\PROCEXP113.SYS
0x77860000 \Windows\System32\ntdll.dll

Processes (total 56):
0 System Idle Process
4 System
424 C:\Windows\System32\smss.exe
520 csrss.exe
564 C:\Windows\System32\wininit.exe
572 csrss.exe
608 C:\Windows\System32\services.exe
644 C:\Windows\System32\lsass.exe
652 C:\Windows\System32\lsm.exe
720 C:\Windows\System32\winlogon.exe
832 C:\Windows\System32\svchost.exe
892 C:\Windows\System32\svchost.exe
1016 C:\Windows\System32\svchost.exe
1088 C:\Windows\System32\svchost.exe
1112 C:\Windows\System32\svchost.exe
1176 C:\Windows\System32\audiodg.exe
1200 C:\Windows\System32\svchost.exe
1220 C:\Windows\System32\SLsvc.exe
1252 C:\Windows\System32\svchost.exe
1468 C:\Windows\System32\svchost.exe
1608 C:\Windows\System32\wlanext.exe
1764 C:\Windows\System32\spoolsv.exe
1788 C:\Windows\System32\svchost.exe
496 C:\Program Files\Norton Security Suite\Norton Security Suite\Engine\4.3.0.5\ccsvchst.exe
2020 C:\Windows\System32\svchost.exe
328 C:\Program Files\SMINST\BLService.exe
2060 C:\Program Files\CyberLink\Shared files\RichVideo.exe
2124 C:\Windows\System32\svchost.exe
2224 C:\Windows\System32\svchost.exe
2252 C:\Windows\System32\SearchIndexer.exe
2392 C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
2464 C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
2624 C:\Windows\System32\dwm.exe
2656 C:\Windows\System32\taskeng.exe
2948 C:\Windows\System32\taskeng.exe
3292 WmiPrvSE.exe
3472 dllhost.exe
3548 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
3560 C:\Program Files\HP\QuickPlay\QPService.exe
3764 C:\Program Files\Norton Security Suite\Norton Security Suite\Engine\4.3.0.5\ccsvchst.exe
3900 C:\Windows\System32\igfxsrvc.exe
2052 C:\Program Files\Common Files\Java\Java Update\jusched.exe
3356 C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
3380 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
3556 C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
1096 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
3276 C:\Windows\System32\hkcmd.exe
2888 C:\Windows\System32\igfxpers.exe
3676 C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
3828 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
2484 C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
3480 taskeng.exe
964 C:\Windows\explorer.exe
1056 C:\Windows\System32\notepad.exe
3124 C:\Program Files\Mozilla Firefox\firefox.exe
172 C:\Users\jonathan\Desktop\MBRCheck.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000037`a2900000 (NTFS)

PhysicalDrive0 Model Number: ST9250320AS, Rev: HP07

Size Device Name MBR Status
--------------------------------------------
232 GB \\.\PhysicalDrive0 Unknown MBR code
SHA1: E6CCDBFD8F5B3DAA80CE1AA64C67955A606A347D


Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:

Done!


ComboFix 10-11-02.03 - jonathan 11/03/2010 1:49.3.2 - x86
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.1.1033.18.3002.2030 [GMT -4:00]
Running from: c:\users\jonathan\Desktop\ComboFix.exe
SP: Spybot - Search and Destroy *disabled* (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((( Files Created from 2010-10-03 to 2010-11-03 )))))))))))))))))))))))))))))))
.

2010-11-03 05:57 . 2010-11-03 05:58 -------- d-----w- c:\users\jonathan\AppData\Local\temp
2010-11-03 05:57 . 2010-11-03 05:57 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-11-03 05:54 . 2010-11-03 05:54 -------- d-----w- c:\users\jonathan\AppData\Roaming\Tific
2010-11-03 05:54 . 2010-11-03 05:54 -------- d-----w- c:\users\jonathan\AppData\Local\Symantec
2010-11-02 22:38 . 2010-11-02 22:38 -------- d-----w- C:\VundoFix Backups
2010-10-31 20:22 . 2010-10-31 20:22 -------- d-----w- c:\users\jonathan\AppData\Roaming\CyberLink
2010-10-31 20:22 . 2010-10-31 20:22 -------- d-----w- c:\users\Public\CyberLink
2010-10-27 21:06 . 2010-10-27 21:11 -------- d-----w- c:\programdata\QAJHFUQDXG
2010-10-27 20:00 . 2010-03-05 14:01 420352 ----a-w- c:\windows\system32\vbscript.dll
2010-10-27 19:55 . 2010-10-27 19:55 -------- d-----w- c:\users\jonathan\AppData\Local\Apple
2010-10-27 19:39 . 2010-10-27 19:39 -------- d-----w- c:\program files\Common Files\scanner
2010-10-27 19:39 . 2010-10-27 19:39 -------- d-----w- c:\program files\CA
2010-10-27 19:35 . 2009-10-09 21:56 2048 ----a-w- c:\windows\system32\winrsmgr.dll
2010-10-27 19:28 . 2010-10-27 19:28 -------- d-----w- c:\windows\system32\x64
2010-10-27 19:22 . 2010-10-27 19:26 -------- d-----w- c:\users\jonathan\AppData\Local\Immunet
2010-10-27 19:22 . 2010-10-27 19:37 -------- d-----w- c:\programdata\Immunet
2010-10-27 19:22 . 2010-08-26 04:23 13312 ----a-w- c:\program files\Internet Explorer\iecompat.dll
2010-10-27 19:19 . 2010-09-08 06:02 638232 ----a-w- c:\program files\Internet Explorer\iexplore.exe
2010-10-27 19:17 . 2009-03-08 11:35 233984 ----a-w- c:\program files\Internet Explorer\jsprofilerui.dll
2010-10-26 17:32 . 2010-08-26 16:34 1696256 ----a-w- c:\windows\system32\gameux.dll
2010-10-26 17:32 . 2010-08-26 16:33 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2010-10-26 17:32 . 2010-08-26 14:23 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2010-10-23 20:19 . 2010-10-23 20:20 -------- d-----w- c:\program files\Paint.NET
2010-10-23 20:18 . 2010-10-24 17:35 -------- d-----w- c:\users\jonathan\AppData\Local\Paint.NET
2010-10-21 05:29 . 2010-10-21 05:29 -------- d-----w- c:\programdata\EXIHFUQDXG
2010-10-20 13:53 . 2010-11-03 03:54 -------- d-----w- c:\users\jonathan\AppData\Local\CrashDumps
2010-10-19 06:23 . 2010-10-19 06:52 -------- d-----w- c:\programdata\BVIHFUQDXG
2010-10-19 06:18 . 2010-10-19 06:54 -------- d-----w- c:\program files\Ali Baba Buddy Pogo
2010-10-17 21:36 . 2010-10-17 21:38 -------- d-----w- c:\programdata\AHIHFUQDXG
2010-10-17 21:32 . 2010-10-19 06:54 -------- d-----w- c:\program files\Stackem Buddy Pogo
2010-10-16 03:32 . 2008-04-17 21:12 107368 ----a-r- c:\windows\system32\GEARAspi.dll
2010-10-16 03:32 . 2009-05-18 22:17 26600 ----a-r- c:\windows\system32\drivers\GEARAspiWDM.sys
2010-10-16 03:32 . 2010-10-16 03:32 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2010-10-16 03:32 . 2010-10-16 16:08 -------- d-----w- c:\program files\Common Files\Symantec Shared
2010-10-16 03:32 . 2010-10-16 03:32 -------- d-----w- c:\program files\Symantec
2010-10-16 03:31 . 2010-10-16 03:31 -------- d-----w- c:\program files\NortonInstaller
2010-10-16 03:09 . 2010-11-02 23:37 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2010-10-16 03:09 . 2010-10-16 03:12 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-10-15 23:43 . 2010-10-15 23:43 -------- d-----w- c:\users\jonathan\AppData\Roaming\Malwarebytes
2010-10-15 23:43 . 2010-04-29 22:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-10-15 23:43 . 2010-10-15 23:43 -------- d-----w- c:\programdata\Malwarebytes
2010-10-15 23:43 . 2010-10-15 23:43 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-10-15 23:43 . 2010-04-29 22:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-10-15 23:23 . 2010-10-15 23:23 -------- d-----w- c:\program files\Trend Micro
2010-10-15 23:14 . 2010-10-29 15:03 -------- d-----w- c:\windows\system32\drivers\N360
2010-10-15 23:11 . 2010-10-15 23:11 -------- d-----w- c:\users\jonathan\LimeWire
2010-10-15 23:08 . 2010-10-15 23:08 482304 --sh--w- c:\windows\system32\syncstream.dll
2010-10-15 22:45 . 2010-10-15 23:01 -------- d-----w- c:\programdata\Fugazo
2010-10-15 22:19 . 2010-10-15 22:19 -------- d-----w- c:\users\jonathan\AppData\Roaming\WildTangent
2010-10-15 14:53 . 2010-09-16 17:24 6084944 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4105DF84-183C-44FA-BADC-E90AA047714D}\mpengine.dll
2010-10-15 03:57 . 2010-10-15 06:13 -------- d-----w- c:\programdata\URIHFUQDXG
2010-10-15 03:57 . 2010-10-27 21:07 -------- d-----w- c:\program files\BadgeHelp
2010-10-14 21:34 . 2010-10-14 21:34 -------- d-----w- c:\users\jonathan\AppData\Roaming\InstallShield
2010-10-14 20:30 . 2010-09-13 13:56 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2010-10-14 20:30 . 2010-09-13 13:56 168960 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2010-10-14 20:30 . 2010-09-06 16:20 125952 ----a-w- c:\windows\system32\srvsvc.dll
2010-10-14 20:30 . 2010-09-06 13:45 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys
2010-10-14 20:30 . 2010-09-06 16:19 17920 ----a-w- c:\windows\system32\netevent.dll
2010-10-14 20:30 . 2010-09-06 13:45 304128 ----a-w- c:\windows\system32\drivers\srv.sys
2010-10-14 20:30 . 2010-09-06 13:45 145408 ----a-w- c:\windows\system32\drivers\srv2.sys
2010-10-14 20:30 . 2010-08-10 15:53 274944 ----a-w- c:\windows\system32\schannel.dll
2010-10-14 20:30 . 2010-06-28 17:00 1316864 ----a-w- c:\windows\system32\ole32.dll
2010-10-14 20:30 . 2010-06-28 14:54 339968 ----a-w- c:\program files\Windows NT\Accessories\wordpad.exe
2010-10-14 20:30 . 2010-08-26 16:37 157184 ----a-w- c:\windows\system32\t2embed.dll
2010-10-14 20:29 . 2010-08-31 15:46 954752 ----a-w- c:\windows\system32\mfc40.dll
2010-10-14 20:29 . 2010-08-31 15:46 954288 ----a-w- c:\windows\system32\mfc40u.dll
2010-10-14 20:29 . 2010-08-31 13:27 2038272 ----a-w- c:\windows\system32\win32k.sys
2010-10-14 20:29 . 2010-05-04 19:13 231424 ----a-w- c:\windows\system32\msshsq.dll
2010-10-14 20:29 . 2010-08-20 16:05 867328 ----a-w- c:\windows\system32\wmpmde.dll
2010-10-14 20:29 . 2010-08-31 15:44 531968 ----a-w- c:\windows\system32\comctl32.dll
2010-10-14 04:11 . 2010-10-14 04:11 -------- d-----w- c:\users\jonathan\AppData\Roaming\com.comcast.callerid.13A1FA90F0FC9DC009FB0956ADD0F13F8608561B.1
2010-10-14 04:11 . 2010-10-14 04:11 -------- d-----w- c:\program files\Comcast Universal Caller ID
2010-10-14 04:11 . 2010-10-14 04:11 -------- d-----w- c:\users\jonathan\AppData\Local\Adobe
2010-10-13 23:11 . 2010-08-12 12:15 15880 ----a-w- c:\windows\system32\lsdelete.exe
2010-10-13 23:02 . 2010-08-12 12:15 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys
2010-10-13 23:02 . 2010-10-27 19:37 -------- dc----w- c:\windows\system32\DRVSTORE
2010-10-13 23:02 . 2010-10-13 23:02 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2010-10-12 03:40 . 2007-12-17 17:16 65536 ----a-w- c:\program files\Mozilla Firefox\plugins\npkimi.dll
2010-10-12 03:40 . 2010-10-12 03:40 -------- d-----w- c:\program files\Imikimi
2010-10-11 23:53 . 2010-11-03 04:54 -------- d-----w- c:\users\jonathan\AppData\Roaming\QuickScan
2010-10-11 22:30 . 2010-10-11 22:30 -------- d-----w- c:\programdata\eSellerate
2010-10-11 22:30 . 2010-10-11 22:30 -------- d-----w- c:\program files\Common Files\eSellerate
2010-10-10 20:05 . 2010-10-10 20:05 -------- d-----w- c:\program files\Windows Portable Devices
2010-10-10 20:00 . 2009-09-10 02:00 92672 ----a-w- c:\windows\system32\UIAnimation.dll
2010-10-10 20:00 . 2009-09-10 02:01 3023360 ----a-w- c:\windows\system32\UIRibbon.dll
2010-10-10 20:00 . 2009-09-10 02:00 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2010-10-10 19:58 . 2009-10-01 01:02 30208 ----a-w- c:\windows\system32\WPDShextAutoplay.exe
2010-10-10 19:58 . 2009-10-01 01:02 31232 ----a-w- c:\windows\system32\BthMtpContextHandler.dll
2010-10-10 19:58 . 2009-10-01 01:01 81920 ----a-w- c:\windows\system32\wpdbusenum.dll
2010-10-10 19:58 . 2009-10-01 01:01 60928 ----a-w- c:\windows\system32\PortableDeviceConnectApi.dll
2010-10-10 19:58 . 2009-10-01 01:02 2537472 ----a-w- c:\windows\system32\wpdshext.dll
2010-10-10 19:58 . 2009-10-01 01:02 334848 ----a-w- c:\windows\system32\PortableDeviceApi.dll
2010-10-10 19:58 . 2009-10-01 01:02 87552 ----a-w- c:\windows\system32\WPDShServiceObj.dll
2010-10-10 19:58 . 2009-10-01 01:01 546816 ----a-w- c:\windows\system32\wpd_ci.dll
2010-10-10 19:58 . 2009-10-01 01:01 160256 ----a-w- c:\windows\system32\PortableDeviceTypes.dll
2010-10-10 19:58 . 2009-10-01 01:01 350208 ----a-w- c:\windows\system32\WPDSp.dll
2010-10-10 19:58 . 2009-10-01 01:01 196608 ----a-w- c:\windows\system32\PortableDeviceWMDRM.dll
2010-10-10 19:58 . 2009-10-01 01:01 100864 ----a-w- c:\windows\system32\PortableDeviceClassExtension.dll
2010-10-10 19:56 . 2009-10-08 21:08 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2010-10-10 19:56 . 2009-10-08 21:08 234496 ----a-w- c:\windows\system32\oleacc.dll
2010-10-10 19:56 . 2009-10-08 21:07 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2010-10-09 00:15 . 2010-10-09 00:15 -------- d-----w- c:\windows\system32\ca-ES
2010-10-09 00:15 . 2010-10-09 00:15 -------- d-----w- c:\windows\system32\eu-ES
2010-10-09 00:15 . 2010-10-09 00:15 -------- d-----w- c:\windows\system32\vi-VN
2010-10-08 23:56 . 2010-10-08 23:56 -------- d-----w- c:\windows\system32\EventProviders
2010-10-08 01:21 . 2010-10-08 01:21 -------- d-----w- c:\users\jonathan\AppData\Local\Yahoo!
2010-10-07 22:19 . 2009-11-08 17:55 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2010-10-07 22:19 . 2009-11-08 17:55 49472 ----a-w- c:\windows\system32\netfxperf.dll
2010-10-07 22:19 . 2009-11-08 17:55 297808 ----a-w- c:\windows\system32\mscoree.dll
2010-10-07 22:19 . 2009-11-08 17:55 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2010-10-07 22:19 . 2009-11-08 17:55 1130824 ----a-w- c:\windows\system32\dfshim.dll
2010-10-07 22:12 . 2010-10-07 22:12 -------- d-----w- c:\users\jonathan\AppData\Local\LogiShrd
2010-10-07 22:12 . 2010-10-07 22:12 -------- d-----w- c:\users\jonathan\AppData\Roaming\Leadertech
2010-10-07 22:09 . 2009-10-07 08:48 539160 ----a-w- c:\windows\system32\LVUI2RC.dll
2010-10-07 22:09 . 2009-10-07 08:48 539160 ----a-w- c:\windows\system32\LVUI2.dll
2010-10-07 22:09 . 2009-04-30 23:01 265496 ----a-w- c:\windows\system32\drivers\lvrs.sys
2010-10-07 22:09 . 2009-04-30 22:39 34068 ----a-w- c:\windows\system32\Repository.reg
2010-10-07 22:09 . 2009-10-07 08:43 416280 ----a-w- c:\windows\system32\LVCodec2.dll
2010-10-07 22:09 . 2009-04-30 22:57 199192 ----a-w- c:\windows\system32\lvci1201278.dll
2010-10-07 22:09 . 2009-04-30 22:55 2687512 ----a-w- c:\windows\system32\drivers\LV302V32.SYS
2010-10-07 22:09 . 2009-04-30 22:55 13976 ----a-w- c:\windows\system32\drivers\lv302af.sys
2010-10-07 22:09 . 2010-10-07 22:22 -------- d-----w- c:\program files\Logitech
2010-10-07 22:09 . 2010-10-07 22:13 -------- d-----w- c:\programdata\LogiShrd
2010-10-07 22:09 . 2010-10-07 22:10 -------- d-----w- c:\program files\Common Files\LogiShrd
2010-10-07 21:59 . 2009-04-11 05:03 12240896 ----a-w- c:\windows\system32\NlsLexicons0007.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-10-03 18:23 . 2008-10-23 06:35 1053232 ----a-w- c:\windows\system32\MFC71u.dll
2010-10-03 18:23 . 2008-08-06 22:29 353840 ----a-w- c:\windows\system32\msvcr71.dll
2010-10-03 18:23 . 2008-08-06 22:27 505392 ----a-w- c:\windows\system32\msvcp71.dll
2010-10-03 18:23 . 2008-10-23 06:35 1066544 ----a-w- c:\windows\system32\MFC71.dll
2010-09-15 08:50 . 2010-10-03 20:43 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-08-26 16:33 . 2010-10-26 17:32 173056 ----a-w- c:\windows\apppatch\AcXtrnal.dll
2010-08-26 16:33 . 2010-10-26 17:32 542720 ----a-w- c:\windows\apppatch\AcLayers.dll
2010-08-26 16:33 . 2010-10-26 17:32 458752 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2010-08-26 16:33 . 2010-10-26 17:32 2159616 ----a-w- c:\windows\apppatch\AcGenral.dll
2010-08-25 23:46 . 2010-08-25 23:46 8198680 ----a-w- c:\windows\system32\TVWSetup.exe
2010-08-25 23:45 . 2010-10-03 18:17 948760 ----a-w- c:\windows\system32\igxpun.exe
2010-08-25 23:45 . 2008-07-10 22:27 136216 ----a-w- c:\windows\system32\igfxtray.exe
2010-08-25 23:45 . 2008-07-10 22:27 266776 ----a-w- c:\windows\system32\igfxsrvc.exe
2010-08-25 23:45 . 2008-07-10 22:27 170520 ----a-w- c:\windows\system32\igfxpers.exe
2010-08-25 23:45 . 2010-08-25 23:45 179224 ----a-w- c:\windows\system32\igfxext.exe
2010-08-25 23:45 . 2008-07-10 22:27 171032 ----a-w- c:\windows\system32\hkcmd.exe
2010-08-25 23:45 . 2010-08-25 23:45 3156504 ----a-w- c:\windows\system32\GfxUI.exe
2010-08-25 23:39 . 2010-08-25 23:39 81920 ----a-w- c:\windows\system32\igfxCoIn_v2202.dll
2010-08-25 23:31 . 2010-08-25 23:31 9024512 ----a-w- c:\windows\system32\drivers\igdkmd32.sys
2010-08-25 23:31 . 2008-07-06 20:15 4967424 ----a-w- c:\windows\system32\igdumd32.dll
2010-08-25 23:28 . 2008-07-06 20:10 571904 ----a-w- c:\windows\system32\igdumdx32.dll
2010-08-25 23:23 . 2010-08-25 23:23 4411904 ----a-w- c:\windows\system32\igd10umd32.dll
2010-08-25 23:09 . 2010-08-25 23:09 11040256 ----a-w- c:\windows\system32\ig4icd32.dll
2010-08-25 23:02 . 2010-08-25 23:02 86016 ----a-w- c:\windows\system32\igfxrsky.lrc
2010-08-25 23:02 . 2010-08-25 23:02 85504 ----a-w- c:\windows\system32\igfxrslv.lrc
2010-08-25 23:02 . 2010-08-25 23:02 86528 ----a-w- c:\windows\system32\igfxresn.lrc
2010-08-25 23:02 . 2010-08-25 23:02 85504 ----a-w- c:\windows\system32\igfxrtrk.lrc
2010-08-25 23:02 . 2010-08-25 23:02 85504 ----a-w- c:\windows\system32\igfxrsve.lrc
2010-08-25 23:02 . 2010-08-25 23:02 84992 ----a-w- c:\windows\system32\igfxrtha.lrc
2010-08-25 23:02 . 2010-08-25 23:02 86016 ----a-w- c:\windows\system32\igfxrrus.lrc
2010-08-25 23:02 . 2010-08-25 23:02 86016 ----a-w- c:\windows\system32\igfxrptg.lrc
2010-08-25 23:02 . 2010-08-25 23:02 86016 ----a-w- c:\windows\system32\igfxrplk.lrc
2010-08-25 23:02 . 2010-08-25 23:02 85504 ----a-w- c:\windows\system32\igfxrptb.lrc
2010-08-25 23:02 . 2010-08-25 23:02 85504 ----a-w- c:\windows\system32\igfxrnor.lrc
2010-08-25 23:02 . 2010-08-25 23:02 86016 ----a-w- c:\windows\system32\igfxrita.lrc
2010-08-25 23:02 . 2010-08-25 23:02 85504 ----a-w- c:\windows\system32\igfxrhun.lrc
2010-08-25 23:02 . 2010-08-25 23:02 84480 ----a-w- c:\windows\system32\igfxrheb.lrc
2010-08-25 23:02 . 2010-08-25 23:02 82944 ----a-w- c:\windows\system32\igfxrkor.lrc
2010-08-25 23:02 . 2010-08-25 23:02 82944 ----a-w- c:\windows\system32\igfxrjpn.lrc
2010-08-25 23:02 . 2010-08-25 23:02 86528 ----a-w- c:\windows\system32\igfxrfra.lrc
2010-08-25 23:02 . 2010-08-25 23:02 86528 ----a-w- c:\windows\system32\igfxrell.lrc
2010-08-25 23:02 . 2010-08-25 23:02 86016 ----a-w- c:\windows\system32\igfxrnld.lrc
2010-08-25 23:02 . 2010-08-25 23:02 86016 ----a-w- c:\windows\system32\igfxrdeu.lrc
2010-08-25 23:02 . 2010-08-25 23:02 85504 ----a-w- c:\windows\system32\igfxrfin.lrc
2010-08-25 23:02 . 2010-08-25 23:02 85504 ----a-w- c:\windows\system32\igfxrcsy.lrc
2010-08-25 23:02 . 2010-08-25 23:02 84992 ----a-w- c:\windows\system32\igfxrdan.lrc
2010-08-25 23:02 . 2010-08-25 23:02 84480 ----a-w- c:\windows\system32\igfxrara.lrc
2010-08-25 23:02 . 2010-08-25 23:02 81920 ----a-w- c:\windows\system32\igfxrcht.lrc
2010-08-25 23:02 . 2010-08-25 23:02 81920 ----a-w- c:\windows\system32\igfxrchs.lrc
2010-08-25 23:00 . 2010-08-25 23:00 23552 ----a-w- c:\windows\system32\igfxexps.dll
2010-08-25 23:00 . 2010-08-25 23:00 194560 ----a-w- c:\windows\system32\igfxpph.dll
2010-08-25 22:59 . 2010-08-25 22:59 115200 ----a-w- c:\windows\system32\igfxcpl.cpl
2010-08-25 22:59 . 2008-07-06 19:39 261632 ----a-w- c:\windows\system32\igfxTMM.dll
2010-08-25 22:59 . 2008-07-06 19:38 57344 ----a-w- c:\windows\system32\igfxsrvc.dll
2010-08-25 22:59 . 2010-08-25 22:59 130048 ----a-w- c:\windows\system32\igfxdo.dll
2010-08-25 22:59 . 2008-07-06 19:37 94720 ----a-w- c:\windows\system32\hccutils.dll
2010-08-25 22:59 . 2010-08-25 22:59 120320 ----a-w- c:\windows\system32\gfxSrvc.dll
2010-08-25 22:59 . 2010-08-25 22:59 4096 ----a-w- c:\windows\system32\IGFXDEVLib.dll
2010-08-25 22:59 . 2008-07-06 19:37 228864 ----a-w- c:\windows\system32\igfxdev.dll
2010-08-25 22:59 . 2008-07-06 19:37 828928 ----a-w- c:\windows\system32\igfxress.dll
2010-08-25 22:59 . 2008-07-06 19:37 85504 ----a-w- c:\windows\system32\igfxrenu.lrc
2010-08-25 22:52 . 2010-08-25 22:52 452440 ----a-w- c:\windows\system32\d3dx10_40.dll
2010-08-25 22:52 . 2010-08-25 22:52 208896 ----a-w- c:\windows\system32\iglhsip32.dll
2010-08-25 22:52 . 2010-08-25 22:52 143360 ----a-w- c:\windows\system32\iglhcp32.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Messenger (Yahoo!)"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2010-06-01 5252408]
"DW6"="c:\program files\The Weather Channel FW\Desktop\DesktopWeather.exe" [2010-04-16 818288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-04-17 1049896]
"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2008-09-24 468264]
"UpdatePSTShortCut"="c:\program files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2008-10-07 210216]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"UpdatePDIRShortCut"="c:\program files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" [2008-06-14 210216]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-04-15 488752]
"LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" [2009-10-14 2793304]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-25 136216]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-25 171032]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-25 170520]

c:\users\jonathan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Comcast Universal Caller ID.lnk - c:\program files\Comcast Universal Caller ID\Comcast Universal Caller ID.exe [2010-10-14 74752]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\startupfolder\C:^Users^jonathan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^IMVU.lnk]
path=c:\users\jonathan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IMVU.lnk
backup=c:\windows\pss\IMVU.lnk.Startup
backupExtension=.Startup

[HKLM\~\startupfolder\C:^Users^jonathan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^LimeWire On Startup.lnk]
path=c:\users\jonathan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk
backup=c:\windows\pss\LimeWire On Startup.lnk.Startup
backupExtension=.Startup

[HKLM\~\startupfolder\C:^Users^jonathan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Product Registration.lnk]
path=c:\users\jonathan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
backup=c:\windows\pss\Logitech . Product Registration.lnk.Startup
backupExtension=.Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Health Check Scheduler]
2008-10-09 14:58 75008 ----a-w- c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl.exe]
2008-08-01 23:14 202032 ----a-w- c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
2009-03-05 23:07 2260480 --sha-r- c:\program files\Spybot - Search & Destroy\TeaTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateP2GoShortCut]
2008-06-14 01:11 210216 ------w- c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2010-10-13 1357464]
R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2010-08-12 64288]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360\0403000.005\SYMDS.SYS [2009-10-15 328752]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360\0403000.005\SYMEFA.SYS [2010-04-22 173104]
S1 BHDrvx86;BHDrvx86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20101029.001\BHDrvx86.sys [2010-10-02 692272]
S1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\N360\0403000.005\ccHPx86.sys [2010-02-26 501888]
S1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20101102.001\IDSvix86.sys [2010-10-19 353840]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360\0403000.005\Ironx86.SYS [2010-04-29 116784]
S1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\System32\Drivers\N360\0403000.005\SYMTDIV.SYS [2010-05-06 339504]
S2 N360;Norton Security Suite;c:\program files\Norton Security Suite\Norton Security Suite\Engine\4.3.0.5\ccSvcHst.exe [2010-02-26 126392]
S2 Recovery Service for Windows;Recovery Service for Windows;c:\program files\SMINST\BLService.exe [2008-10-06 365952]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2010-10-13 102448]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2008-06-29 112128]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contents of the 'Scheduled Tasks' folder

2010-11-03 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-08-12 23:02]

2010-11-02 c:\windows\Tasks\HPCeeScheduleForjonathan.job
- c:\program files\hewlett-packard\sdp\ceement\HPCEE.exe [2008-10-23 18:34]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Presario&pf=cnnb
FF - ProfilePath - c:\users\jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\1oked8k0.default\
FF - prefs.js: browser.startup.homepage - yahoo.com
FF - component: c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\coFFPlgn\components\coFFPlgn.dll
FF - component: c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPlgn\components\IPSFFPl.dll
FF - component: c:\users\jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\1oked8k0.default\extensions\{90b49673-5506-483e-b92b-ca0265bd9ca8}\components\FFExternalAlert.dll
FF - component: c:\users\jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\1oked8k0.default\extensions\{90b49673-5506-483e-b92b-ca0265bd9ca8}\components\RadioWMPCore.dll
FF - component: c:\users\jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\1oked8k0.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\components\qscanff.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npkimi.dll
FF - plugin: c:\users\jonathan\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll
FF - plugin: c:\users\jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\1oked8k0.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
FF - plugin: c:\users\jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\1oked8k0.default\extensions\DeviceDetection@logitech.com\plugins\npLogitechDeviceDetection.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - ORPHANS REMOVED - - - -

WebBrowser-{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - (no file)
MSConfigStartUp-HPAdvisor - c:\program files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
MSConfigStartUp-{F7B125A3-0E65-446E-AC28-5B63AE7058DA} - c:\users\jonathan\AppData\Local\Temp\{F7B125A3-0E65-446E-AC28-5B63AE7058DA}\7ebd.dll



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-11-03 01:58
Windows 6.0.6002 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\N360]
"ImagePath"="\"c:\program files\Norton Security Suite\Norton Security Suite\Engine\4.3.0.5\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton Security Suite\Norton Security Suite\Engine\4.3.0.5\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'Explorer.exe'(964)
c:\program files\Spybot - Search & Destroy\SDHelper.dll
c:\program files\Norton Security Suite\Norton Security Suite\Engine\4.3.0.5\BuEng.dll
c:\windows\System32\EhStorAPI.dll
.
Completion time: 2010-11-03 02:01:02
ComboFix-quarantined-files.txt 2010-11-03 06:00

Pre-Run: 170,539,663,360 bytes free
Post-Run: 170,480,705,536 bytes free

- - End Of File - - A53D03D6DBF94EAD2E456774579CC12B
 
We need to fix your MBR.

Please download NTBR by noahdfear and save it to your Desktop.
File size: 2.44 MB (2,565,432 bytes)

  • Place a blank CD in your CD drive.
  • Double click on NTBR_CD.exe file and a folder of the same name will appear.
  • Open the folder and double click on BurnItCD.cmd file. If your CD drive opens, simply close it again.
  • Follow the prompts to burn the CD.
  • Now you will need to set the CD-ROM as the first boot device if it isn't already (if you don't know how to do it, see HERE).
  • If you have any questions about this step, ask before you proceed. If you enter the BIOS and are unsure if you have carried out the step correctly, there should be an option to exit without keeping changes, so you won't do any harm.
  • Insert the newly created CD into your infected PC and reboot your computer.
  • Once you have rebooted please press Enter when prompted to continue booting from CD - you have a whole 15 seconds to do this!
  • Read the warning and then continue as prompted.
  • You first need to select your keyboard layout - press Enter for English.
  • Next you want to select the appropriate tool. Enter 1 to choose 1. MBRWORK
  • On the following screen enter 5 to select Install Standard MBR code.
  • Enter 1 to overwrite the infected MBR Code with the Standard MBR code.
  • When asked to confirm please do so.
  • Afterwards, please enter E to leave MBRWORK, then 6 to leave the bootable CD.
  • Eject the disc and then press Ctrl+Alt+Del to reboot the PC.
Once rebooted, run MBRCheck again and post its log.
 
MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows Vista Home Basic Edition
Windows Information: Service Pack 2 (build 6002), 32-bit
Base Board Manufacturer: Wistron
BIOS Manufacturer: Hewlett-Packard
System Manufacturer: Hewlett-Packard
System Product Name: Compaq Presario CQ60 Notebook PC
Logical Drives Mask: 0x0000001c

Kernel Drivers (total 209):
0x81C4A000 \SystemRoot\system32\ntkrnlpa.exe
0x81C17000 \SystemRoot\system32\hal.dll
0x80400000 \SystemRoot\system32\kdcom.dll
0x80407000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
0x80477000 \SystemRoot\system32\PSHED.dll
0x80488000 \SystemRoot\system32\BOOTVID.dll
0x80490000 \SystemRoot\system32\CLFS.SYS
0x804D1000 \SystemRoot\system32\CI.dll
0x80600000 \SystemRoot\system32\drivers\Wdf01000.sys
0x8067C000 \SystemRoot\system32\drivers\WDFLDR.SYS
0x80689000 \SystemRoot\system32\drivers\acpi.sys
0x806CF000 \SystemRoot\system32\drivers\WMILIB.SYS
0x806D8000 \SystemRoot\system32\drivers\msisadrv.sys
0x806E0000 \SystemRoot\system32\drivers\pci.sys
0x80707000 \SystemRoot\system32\drivers\isapnp.sys
0x80716000 \SystemRoot\system32\drivers\mpio.sys
0x80732000 \SystemRoot\System32\drivers\partmgr.sys
0x80741000 \SystemRoot\system32\DRIVERS\compbatt.sys
0x80744000 \SystemRoot\system32\DRIVERS\BATTC.SYS
0x8074E000 \SystemRoot\system32\drivers\volmgr.sys
0x8075D000 \SystemRoot\System32\drivers\volmgrx.sys
0x807A7000 \SystemRoot\system32\drivers\intelide.sys
0x807AE000 \SystemRoot\system32\drivers\PCIIDEX.SYS
0x807BC000 \SystemRoot\system32\drivers\aliide.sys
0x807C3000 \SystemRoot\system32\drivers\amdide.sys
0x807CA000 \SystemRoot\system32\drivers\cmdide.sys
0x807D2000 \SystemRoot\System32\drivers\mountmgr.sys
0x807E2000 \SystemRoot\system32\drivers\msdsm.sys
0x805B1000 \SystemRoot\system32\drivers\nvraid.sys
0x805CC000 \SystemRoot\system32\drivers\CLASSPNP.SYS
0x805ED000 \SystemRoot\system32\drivers\pciide.sys
0x805F4000 \SystemRoot\system32\drivers\viaide.sys
0x82205000 \SystemRoot\system32\drivers\iastorv.sys
0x822A6000 \SystemRoot\system32\drivers\atapi.sys
0x822AE000 \SystemRoot\system32\drivers\ataport.SYS
0x822CC000 \SystemRoot\system32\drivers\lsi_scsi.sys
0x822E6000 \SystemRoot\system32\drivers\storport.sys
0x82327000 \SystemRoot\system32\drivers\msahci.sys
0x82331000 \SystemRoot\system32\drivers\hpcisss.sys
0x8233C000 \SystemRoot\system32\drivers\adp94xx.sys
0x823A6000 \SystemRoot\system32\drivers\adpahci.sys
0x8A200000 \SystemRoot\system32\drivers\adpu160m.sys
0x8A21B000 \SystemRoot\system32\drivers\SCSIPORT.SYS
0x8A241000 \SystemRoot\system32\drivers\adpu320.sys
0x8A267000 \SystemRoot\system32\drivers\djsvs.sys
0x8A27B000 \SystemRoot\system32\drivers\arc.sys
0x8A291000 \SystemRoot\system32\drivers\arcsas.sys
0x8A2A7000 \SystemRoot\system32\drivers\elxstor.sys
0x8A33B000 \SystemRoot\system32\drivers\i2omp.sys
0x8A345000 \SystemRoot\system32\drivers\iirsp.sys
0x8A355000 \SystemRoot\system32\drivers\iteatapi.sys
0x8A361000 \SystemRoot\system32\drivers\iteraid.sys
0x8A36D000 \SystemRoot\system32\drivers\lsi_fc.sys
0x8A387000 \SystemRoot\system32\drivers\lsi_sas.sys
0x8A39F000 \SystemRoot\system32\drivers\megasas.sys
0x8A40E000 \SystemRoot\system32\drivers\megasr.sys
0x8A4C5000 \SystemRoot\system32\drivers\mraid35x.sys
0x8A4D0000 \SystemRoot\system32\drivers\nfrd960.sys
0x8A4DE000 \SystemRoot\system32\drivers\nvstor.sys
0x8A605000 \SystemRoot\system32\drivers\ql2300.sys
0x8A73D000 \SystemRoot\system32\drivers\ql40xx.sys
0x8A792000 \SystemRoot\system32\drivers\sisraid2.sys
0x8A79F000 \SystemRoot\system32\drivers\sisraid4.sys
0x8A7B4000 \SystemRoot\system32\drivers\symc8xx.sys
0x8A7C0000 \SystemRoot\system32\drivers\sym_hi.sys
0x8A7CB000 \SystemRoot\system32\drivers\sym_u3.sys
0x8A4EB000 \SystemRoot\system32\drivers\uliahci.sys
0x8A7D6000 \SystemRoot\system32\drivers\ulsata.sys
0x8A527000 \SystemRoot\system32\drivers\ulsata2.sys
0x8A553000 \SystemRoot\system32\drivers\vsmraid.sys
0x8A574000 \SystemRoot\system32\drivers\fltmgr.sys
0x8A5A6000 \SystemRoot\system32\drivers\N360\0403000.005\SYMDS.SYS
0x8A3A9000 \SystemRoot\system32\drivers\fileinfo.sys
0x8A3B9000 \SystemRoot\system32\DRIVERS\Lbd.sys
0x8A3C8000 \SystemRoot\system32\drivers\N360\0403000.005\SYMEFA.SYS
0x8A80A000 \SystemRoot\System32\Drivers\ksecdd.sys
0x8A87B000 \SystemRoot\system32\drivers\ndis.sys
0x8A986000 \SystemRoot\system32\drivers\msrpc.sys
0x8A9B1000 \SystemRoot\system32\drivers\NETIO.SYS
0x8AA01000 \SystemRoot\System32\drivers\tcpip.sys
0x8AAEB000 \SystemRoot\System32\drivers\fwpkclnt.sys
0x8AC06000 \SystemRoot\System32\Drivers\Ntfs.sys
0x8AD16000 \SystemRoot\system32\drivers\wd.sys
0x8AD1E000 \SystemRoot\system32\drivers\volsnap.sys
0x8AD57000 \SystemRoot\System32\Drivers\spldr.sys
0x8AD5F000 \SystemRoot\system32\drivers\sbp2port.sys
0x8AD74000 \SystemRoot\System32\Drivers\mup.sys
0x8AD83000 \SystemRoot\System32\drivers\ecache.sys
0x8ADAA000 \SystemRoot\system32\drivers\disk.sys
0x8ADBB000 \SystemRoot\system32\drivers\crcdisk.sys
0x8ADE6000 \SystemRoot\system32\DRIVERS\tunnel.sys
0x8ADF1000 \SystemRoot\system32\DRIVERS\tunmp.sys
0x8AB06000 \SystemRoot\system32\DRIVERS\intelppm.sys
0x8AB15000 \SystemRoot\system32\DRIVERS\wmiacpi.sys
0x8EE0F000 \SystemRoot\system32\DRIVERS\igdkmd32.sys
0x8F72C000 \SystemRoot\System32\drivers\dxgkrnl.sys
0x8F7CD000 \SystemRoot\System32\drivers\watchdog.sys
0x8F7D9000 \SystemRoot\system32\DRIVERS\usbuhci.sys
0x8AB1E000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0x8F7E4000 \SystemRoot\system32\DRIVERS\usbehci.sys
0x8AB5C000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0x8F801000 \SystemRoot\system32\DRIVERS\Rtlh86.sys
0x8F827000 \SystemRoot\system32\DRIVERS\athr.sys
0x8F947000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0x8F95A000 \SystemRoot\system32\DRIVERS\HpqKbFiltr.sys
0x8F95F000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0x8F96A000 \SystemRoot\system32\DRIVERS\SynTP.sys
0x8F99A000 \SystemRoot\system32\DRIVERS\USBD.SYS
0x8F99C000 \SystemRoot\system32\DRIVERS\mouclass.sys
0x8F9A7000 \SystemRoot\system32\DRIVERS\CmBatt.sys
0x8F9AB000 \SystemRoot\system32\DRIVERS\cdrom.sys
0x8F9C3000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
0x8F9C9000 \SystemRoot\system32\DRIVERS\msiscsi.sys
0x8F7F3000 \SystemRoot\system32\DRIVERS\TDI.SYS
0x8ABE9000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0x8EE00000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0x8FA07000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0x8FA2A000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0x8FA39000 \SystemRoot\system32\DRIVERS\raspptp.sys
0x8FA4D000 \SystemRoot\system32\DRIVERS\rassstp.sys
0x8FA62000 \SystemRoot\system32\DRIVERS\termdd.sys
0x8FA72000 \SystemRoot\system32\DRIVERS\swenum.sys
0x8FA74000 \SystemRoot\system32\DRIVERS\ks.sys
0x8FA9E000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0x8FAA8000 \SystemRoot\system32\DRIVERS\umbus.sys
0x8FAB5000 \SystemRoot\system32\DRIVERS\usbhub.sys
0x8FAEA000 \SystemRoot\system32\drivers\CHDRT32.sys
0x8FB25000 \SystemRoot\system32\drivers\portcls.sys
0x8FB52000 \SystemRoot\system32\drivers\drmk.sys
0x8FB77000 \SystemRoot\system32\DRIVERS\HSXHWAZL.sys
0x9020C000 \SystemRoot\system32\DRIVERS\HSX_DPV.sys
0x9030F000 \SystemRoot\system32\DRIVERS\HSX_CNXT.sys
0x903C4000 \SystemRoot\system32\drivers\modem.sys
0x903D1000 \SystemRoot\system32\drivers\IntcHdmi.sys
0x8FBB5000 \SystemRoot\System32\Drivers\NDProxy.SYS
0x90400000 \SystemRoot\System32\Drivers\N360\0403000.005\SRTSP.SYS
0x90457000 \SystemRoot\system32\DRIVERS\hidusb.sys
0x90460000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0x90470000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0x90477000 \SystemRoot\system32\drivers\N360\0403000.005\Ironx86.SYS
0x90496000 \SystemRoot\system32\DRIVERS\mouhid.sys
0x9049E000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0x90C02000 \SystemRoot\system32\DRIVERS\LV302V32.SYS
0x90E91000 \SystemRoot\system32\DRIVERS\lv302af.sys
0x90E93000 \SystemRoot\system32\drivers\usbaudio.sys
0x90EA5000 \SystemRoot\system32\DRIVERS\lvrs.sys
0x90EE5000 \SystemRoot\system32\drivers\N360\0403000.005\SRTSPX.SYS
0x91A01000 \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20101103.002\NAVEX15.SYS
0x91B4F000 \??\C:\Windows\system32\Drivers\SYMEVENT.SYS
0x91B74000 \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20101103.002\NAVENG.SYS
0x91B88000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0x91B91000 \SystemRoot\System32\Drivers\Null.SYS
0x91B98000 \SystemRoot\System32\Drivers\Beep.SYS
0x91BA8000 \SystemRoot\System32\drivers\vga.sys
0x91BB4000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0x91BD5000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0x91BDD000 \SystemRoot\system32\drivers\rdpencdd.sys
0x91BE5000 \SystemRoot\System32\Drivers\Msfs.SYS
0x91BF0000 \SystemRoot\System32\Drivers\Npfs.SYS
0x91B9F000 \SystemRoot\System32\DRIVERS\rasacd.sys
0x90EEF000 \SystemRoot\system32\DRIVERS\tdx.sys
0x90F05000 \SystemRoot\System32\Drivers\N360\0403000.005\SYMTDIV.SYS
0x90F5E000 \SystemRoot\system32\DRIVERS\smb.sys
0x90F72000 \SystemRoot\system32\drivers\afd.sys
0x90FBA000 \SystemRoot\System32\DRIVERS\netbt.sys
0x904B5000 \SystemRoot\system32\DRIVERS\pacer.sys
0x90FEC000 \SystemRoot\system32\DRIVERS\netbios.sys
0x904CB000 \SystemRoot\system32\DRIVERS\wanarp.sys
0x904DE000 \SystemRoot\system32\DRIVERS\rdbss.sys
0x9051A000 \SystemRoot\system32\drivers\nsiproxy.sys
0x90524000 \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20101102.001\IDSvix86.sys
0x9057F000 \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
0x905DD000 \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
0x8FBC6000 \SystemRoot\System32\Drivers\dfsc.sys
0x98C00000 \SystemRoot\system32\drivers\N360\0403000.005\ccHPx86.sys
0x98C7F000 \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20101029.001\BHDrvx86.sys
0x98D2B000 \SystemRoot\System32\Drivers\crashdmp.sys
0x98D38000 \SystemRoot\System32\Drivers\dump_dumpata.sys
0x98D43000 \SystemRoot\System32\Drivers\dump_msahci.sys
0x9F490000 \SystemRoot\System32\win32k.sys
0x98D4D000 \SystemRoot\System32\drivers\Dxapi.sys
0x98D57000 \SystemRoot\system32\DRIVERS\monitor.sys
0x9F6B0000 \SystemRoot\System32\TSDDD.dll
0x9F6D0000 \SystemRoot\System32\cdd.dll
0x98D66000 \SystemRoot\system32\drivers\luafv.sys
0x9F6E0000 \SystemRoot\System32\ATMFD.DLL
0xB3606000 \SystemRoot\system32\drivers\spsys.sys
0xB36B6000 \SystemRoot\system32\DRIVERS\lltdio.sys
0xB36C6000 \SystemRoot\system32\DRIVERS\nwifi.sys
0xB36F0000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0xB36FA000 \SystemRoot\system32\DRIVERS\rspndr.sys
0xB370D000 \SystemRoot\system32\drivers\HTTP.sys
0xB377A000 \SystemRoot\System32\DRIVERS\srvnet.sys
0xB3797000 \SystemRoot\system32\DRIVERS\bowser.sys
0xB37B0000 \SystemRoot\System32\drivers\mpsdrv.sys
0xB37C5000 \SystemRoot\system32\drivers\mrxdav.sys
0x98D81000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0x98DA0000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0xB37E6000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0xB5A06000 \SystemRoot\System32\DRIVERS\srv2.sys
0xB5A2E000 \SystemRoot\System32\DRIVERS\srv.sys
0xB5A94000 \SystemRoot\system32\DRIVERS\mdmxsdk.sys
0xB5A98000 \SystemRoot\system32\drivers\peauth.sys
0xB5B76000 \SystemRoot\System32\Drivers\secdrv.SYS
0xB5B80000 \SystemRoot\System32\drivers\tcpipreg.sys
0xB5B8C000 \SystemRoot\system32\DRIVERS\xaudio.sys
0xB5B94000 \SystemRoot\system32\DRIVERS\LVPr2Mon.sys
0xB5B99000 \SystemRoot\system32\DRIVERS\cdfs.sys
0x772D0000 \Windows\System32\ntdll.dll

Processes (total 68):

I think I did that correctly... however, on the BitDefender QuickScan Firefox add-on it still shows that as a virus.

QuickScan Beta 32-bit v0.9.9.50
-------------------------------
Scan date: Wed Nov 03 14:59:41 2010
Machine ID: 9AE1519E



Found 1 infected file!
----------------------

C:\Windows\system32\syncstream.dll --> Gen:Variant.Kazy.894
 
One thing at a time, please.

Your MBRCheck log is incomplete.
Re-run it and post new log.
 
MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows Vista Home Basic Edition
Windows Information: Service Pack 2 (build 6002), 32-bit
Base Board Manufacturer: Wistron
BIOS Manufacturer: Hewlett-Packard
System Manufacturer: Hewlett-Packard
System Product Name: Compaq Presario CQ60 Notebook PC
Logical Drives Mask: 0x0000001c

Kernel Drivers (total 209):

Processes (total 64):

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000037`a2900000 (NTFS)

PhysicalDrive0 Model Number: ST9250320AS, Rev: HP07

Size Device Name MBR Status
--------------------------------------------
232 GB \\.\PhysicalDrive0 Windows XP MBR code detected
SHA1: DA38B874B7713D1B51CBC449F4EF809B0DEC644A


Done!
 
Looks good :)

Open Windows Explorer. Go to Tools > Folder Options > View tab and put a checkmark next to Show hidden files and folders.
Upload the following files to http://www.virustotal.com/ for a security check:
- C:\Windows\system32\syncstream.dll
IMPORTANT! If the file is listed as already analyzed, click on the Reanalyse file now button.
Post the scan results.
 
I hope this is what I needed to paste?

Antivirus Version Last update Result
AhnLab-V3 2010.11.04.00 2010.11.03 -
AntiVir 7.10.13.114 2010.11.03 TR/Crypt.XPACK.Gen3
Antiy-AVL 2.0.3.7 2010.11.03 -
Authentium 5.2.0.5 2010.11.03 -
Avast 4.8.1351.0 2010.11.03 -
Avast5 5.0.594.0 2010.11.03 -
AVG 9.0.0.851 2010.11.03 -
BitDefender 7.2 2010.11.03 Gen:Variant.Kazy.894
CAT-QuickHeal 11.00 2010.10.26 -
ClamAV 0.96.2.0-git 2010.11.03 -
Comodo 6606 2010.11.03 -
DrWeb 5.0.2.03300 2010.11.03 -
Emsisoft 5.0.0.50 2010.11.03 Trojan-Downloader.Win32.Vundo!IK
eSafe 7.0.17.0 2010.11.03 -
eTrust-Vet 36.1.7954 2010.11.03 -
F-Prot 4.6.2.117 2010.11.03 -
F-Secure 9.0.16160.0 2010.11.03 Gen:Variant.Kazy.894
Fortinet 4.2.249.0 2010.11.03 -
GData 21 2010.11.03 Gen:Variant.Kazy.894
Ikarus T3.1.1.90.0 2010.11.03 Trojan-Downloader.Win32.Vundo
Jiangmin 13.0.900 2010.11.03 -
K7AntiVirus 9.67.2903 2010.11.03 -
Kaspersky 7.0.0.125 2010.11.03 -
McAfee 5.400.0.1158 2010.11.03 -
McAfee-GW-Edition 2010.1C 2010.11.03 -
Microsoft 1.6301 2010.11.03 -
NOD32 5589 2010.11.03 -
Norman 6.06.10 2010.11.03 -
nProtect 2010-11-03.01 2010.11.03 Gen:Variant.Kazy.894
Panda 10.0.2.7 2010.11.03 Trj/CI.A
PCTools 7.0.3.5 2010.11.03 -
Prevx 3.0 2010.11.03 -
Rising 22.72.01.04 2010.11.03 -
Sophos 4.59.0 2010.11.03 Sus/UnkPack-C
Sunbelt 7209 2010.11.03 -
SUPERAntiSpyware 4.40.0.1006 2010.11.03 -
Symantec 20101.2.0.161 2010.11.03 -
TheHacker 6.7.0.1.075 2010.11.02 -
TrendMicro 9.120.0.1004 2010.11.03 -
TrendMicro-HouseCall 9.120.0.1004 2010.11.03 -
VBA32 3.12.14.1 2010.11.03 BScope.FearGen.xf
ViRobot 2010.10.4.4074 2010.11.03 -
VirusBuster 12.71.4.0 2010.11.03 -
MD5: c6dc2a6498106bc6236eac4d19391fea
SHA1: a3007862a025b5f86c8639129d3f02f658e6ef4e
SHA256: 7eabf2b9786ff2459c9b8a3403231dbdbac0485504616a570627631aaa23d0a2
File size: 482304 bytes
Scan date: 2010-11-03 21:29:37 (UTC)
 
1. Please open Notepad
  • Click Start, then Run
  • Type notepad.exe in the Run box.

2. Now copy/paste the entire content of the codebox below into the Notepad window:

Code:
File::
C:\Windows\system32\syncstream.dll


Folder::
c:\programdata\QAJHFUQDXG
c:\programdata\EXIHFUQDXG
c:\programdata\BVIHFUQDXG
c:\programdata\AHIHFUQDXG
c:\programdata\URIHFUQDXG


3. Save the above as CFScript.txt

4. Close/disable all antivirus and anti-malware programs again, so they do not interfere with the running of ComboFix.

5. Then drag the CFScript.txt into ComboFix.exe as depicted in the animation below. This will start ComboFix again.

CFScript.gif



6. After reboot (in case it asks to reboot), please post the following reports/logs in your next reply:
  • Combofix.txt
 
ComboFix 10-11-02.03 - jonathan 11/03/2010 18:59:30.5.2 - x86
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.1.1033.18.3002.1807 [GMT -4:00]
Running from: c:\users\jonathan\Desktop\ComboFix.exe
Command switches used :: c:\users\jonathan\Desktop\CFScript.txt
SP: Spybot - Search and Destroy *disabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

FILE ::
"c:\windows\system32\syncstream.dll"
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\programdata\AHIHFUQDXG
c:\programdata\AHIHFUQDXG\2050.Dat
c:\programdata\BVIHFUQDXG
c:\programdata\BVIHFUQDXG\2415.Dat
c:\programdata\EXIHFUQDXG
c:\programdata\EXIHFUQDXG\2470.Dat
c:\programdata\QAJHFUQDXG
c:\programdata\QAJHFUQDXG\2560.Dat
c:\programdata\URIHFUQDXG
c:\programdata\URIHFUQDXG\2330.Dat
c:\windows\system32\syncstream.dll

.
((((((((((((((((((((((((( Files Created from 2010-10-03 to 2010-11-03 )))))))))))))))))))))))))))))))
.

2010-11-03 23:05 . 2010-11-03 23:06 -------- d-----w- c:\users\jonathan\AppData\Local\temp
2010-11-03 23:05 . 2010-11-03 23:05 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-11-03 21:00 . 2010-11-03 21:00 -------- d-----w- c:\users\john
2010-11-03 05:54 . 2010-11-03 05:54 -------- d-----w- c:\users\jonathan\AppData\Roaming\Tific
2010-11-03 05:54 . 2010-11-03 05:54 -------- d-----w- c:\users\jonathan\AppData\Local\Symantec
2010-11-02 22:38 . 2010-11-02 22:38 -------- d-----w- C:\VundoFix Backups
2010-10-31 20:22 . 2010-11-03 18:25 -------- d-----w- c:\users\jonathan\AppData\Roaming\CyberLink
2010-10-31 20:22 . 2010-11-03 18:25 -------- d-----w- c:\users\Public\CyberLink
2010-10-27 20:00 . 2010-03-05 14:01 420352 ----a-w- c:\windows\system32\vbscript.dll
2010-10-27 19:55 . 2010-10-27 19:55 -------- d-----w- c:\users\jonathan\AppData\Local\Apple
2010-10-27 19:39 . 2010-10-27 19:39 -------- d-----w- c:\program files\Common Files\scanner
2010-10-27 19:39 . 2010-10-27 19:39 -------- d-----w- c:\program files\CA
2010-10-27 19:35 . 2009-10-09 21:56 2048 ----a-w- c:\windows\system32\winrsmgr.dll
2010-10-27 19:28 . 2010-10-27 19:28 -------- d-----w- c:\windows\system32\x64
2010-10-27 19:22 . 2010-10-27 19:26 -------- d-----w- c:\users\jonathan\AppData\Local\Immunet
2010-10-27 19:22 . 2010-10-27 19:37 -------- d-----w- c:\programdata\Immunet
2010-10-27 19:22 . 2010-08-26 04:23 13312 ----a-w- c:\program files\Internet Explorer\iecompat.dll
2010-10-27 19:19 . 2010-09-08 06:02 638232 ----a-w- c:\program files\Internet Explorer\iexplore.exe
2010-10-27 19:17 . 2009-03-08 11:35 233984 ----a-w- c:\program files\Internet Explorer\jsprofilerui.dll
2010-10-26 17:32 . 2010-08-26 16:34 1696256 ----a-w- c:\windows\system32\gameux.dll
2010-10-26 17:32 . 2010-08-26 16:33 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2010-10-26 17:32 . 2010-08-26 14:23 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2010-10-23 20:19 . 2010-10-23 20:20 -------- d-----w- c:\program files\Paint.NET
2010-10-23 20:18 . 2010-10-24 17:35 -------- d-----w- c:\users\jonathan\AppData\Local\Paint.NET
2010-10-20 13:53 . 2010-11-03 03:54 -------- d-----w- c:\users\jonathan\AppData\Local\CrashDumps
2010-10-19 06:18 . 2010-10-19 06:54 -------- d-----w- c:\program files\Ali Baba Buddy Pogo
2010-10-17 21:32 . 2010-10-19 06:54 -------- d-----w- c:\program files\Stackem Buddy Pogo
2010-10-16 03:32 . 2008-04-17 21:12 107368 ----a-r- c:\windows\system32\GEARAspi.dll
2010-10-16 03:32 . 2009-05-18 22:17 26600 ----a-r- c:\windows\system32\drivers\GEARAspiWDM.sys
2010-10-16 03:32 . 2010-10-16 03:32 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2010-10-16 03:32 . 2010-10-16 16:08 -------- d-----w- c:\program files\Common Files\Symantec Shared
2010-10-16 03:32 . 2010-10-16 03:32 -------- d-----w- c:\program files\Symantec
2010-10-16 03:31 . 2010-10-16 03:31 -------- d-----w- c:\program files\NortonInstaller
2010-10-16 03:09 . 2010-11-03 19:06 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2010-10-16 03:09 . 2010-10-16 03:12 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-10-15 23:43 . 2010-10-15 23:43 -------- d-----w- c:\users\jonathan\AppData\Roaming\Malwarebytes
2010-10-15 23:43 . 2010-04-29 22:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-10-15 23:43 . 2010-10-15 23:43 -------- d-----w- c:\programdata\Malwarebytes
2010-10-15 23:43 . 2010-10-15 23:43 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-10-15 23:43 . 2010-04-29 22:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-10-15 23:23 . 2010-10-15 23:23 -------- d-----w- c:\program files\Trend Micro
2010-10-15 23:14 . 2010-10-29 15:03 -------- d-----w- c:\windows\system32\drivers\N360
2010-10-15 23:11 . 2010-10-15 23:11 -------- d-----w- c:\users\jonathan\LimeWire
2010-10-15 22:45 . 2010-10-15 23:01 -------- d-----w- c:\programdata\Fugazo
2010-10-15 22:19 . 2010-10-15 22:19 -------- d-----w- c:\users\jonathan\AppData\Roaming\WildTangent
2010-10-15 14:53 . 2010-09-16 17:24 6084944 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4105DF84-183C-44FA-BADC-E90AA047714D}\mpengine.dll
2010-10-15 03:57 . 2010-10-27 21:07 -------- d-----w- c:\program files\BadgeHelp
2010-10-14 21:34 . 2010-10-14 21:34 -------- d-----w- c:\users\jonathan\AppData\Roaming\InstallShield
2010-10-14 20:30 . 2010-09-13 13:56 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2010-10-14 20:30 . 2010-09-13 13:56 168960 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2010-10-14 20:30 . 2010-09-06 16:20 125952 ----a-w- c:\windows\system32\srvsvc.dll
2010-10-14 20:30 . 2010-09-06 13:45 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys
2010-10-14 20:30 . 2010-09-06 16:19 17920 ----a-w- c:\windows\system32\netevent.dll
2010-10-14 20:30 . 2010-09-06 13:45 304128 ----a-w- c:\windows\system32\drivers\srv.sys
2010-10-14 20:30 . 2010-09-06 13:45 145408 ----a-w- c:\windows\system32\drivers\srv2.sys
2010-10-14 20:30 . 2010-08-10 15:53 274944 ----a-w- c:\windows\system32\schannel.dll
2010-10-14 20:30 . 2010-06-28 17:00 1316864 ----a-w- c:\windows\system32\ole32.dll
2010-10-14 20:30 . 2010-06-28 14:54 339968 ----a-w- c:\program files\Windows NT\Accessories\wordpad.exe
2010-10-14 20:30 . 2010-08-26 16:37 157184 ----a-w- c:\windows\system32\t2embed.dll
2010-10-14 20:29 . 2010-08-31 15:46 954752 ----a-w- c:\windows\system32\mfc40.dll
2010-10-14 20:29 . 2010-08-31 15:46 954288 ----a-w- c:\windows\system32\mfc40u.dll
2010-10-14 20:29 . 2010-08-31 13:27 2038272 ----a-w- c:\windows\system32\win32k.sys
2010-10-14 20:29 . 2010-05-04 19:13 231424 ----a-w- c:\windows\system32\msshsq.dll
2010-10-14 20:29 . 2010-08-20 16:05 867328 ----a-w- c:\windows\system32\wmpmde.dll
2010-10-14 20:29 . 2010-08-31 15:44 531968 ----a-w- c:\windows\system32\comctl32.dll
2010-10-14 04:11 . 2010-10-14 04:11 -------- d-----w- c:\users\jonathan\AppData\Roaming\com.comcast.callerid.13A1FA90F0FC9DC009FB0956ADD0F13F8608561B.1
2010-10-14 04:11 . 2010-10-14 04:11 -------- d-----w- c:\program files\Comcast Universal Caller ID
2010-10-14 04:11 . 2010-10-14 04:11 -------- d-----w- c:\users\jonathan\AppData\Local\Adobe
2010-10-13 23:11 . 2010-08-12 12:15 15880 ----a-w- c:\windows\system32\lsdelete.exe
2010-10-13 23:02 . 2010-08-12 12:15 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys
2010-10-13 23:02 . 2010-10-27 19:37 -------- dc----w- c:\windows\system32\DRVSTORE
2010-10-13 23:02 . 2010-10-13 23:02 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2010-10-12 03:40 . 2007-12-17 17:16 65536 ----a-w- c:\program files\Mozilla Firefox\plugins\npkimi.dll
2010-10-12 03:40 . 2010-10-12 03:40 -------- d-----w- c:\program files\Imikimi
2010-10-11 23:53 . 2010-11-03 20:50 -------- d-----w- c:\users\jonathan\AppData\Roaming\QuickScan
2010-10-11 22:30 . 2010-10-11 22:30 -------- d-----w- c:\programdata\eSellerate
2010-10-11 22:30 . 2010-10-11 22:30 -------- d-----w- c:\program files\Common Files\eSellerate
2010-10-10 20:05 . 2010-10-10 20:05 -------- d-----w- c:\program files\Windows Portable Devices
2010-10-10 20:00 . 2009-09-10 02:00 92672 ----a-w- c:\windows\system32\UIAnimation.dll
2010-10-10 20:00 . 2009-09-10 02:01 3023360 ----a-w- c:\windows\system32\UIRibbon.dll
2010-10-10 20:00 . 2009-09-10 02:00 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2010-10-10 19:58 . 2009-10-01 01:02 30208 ----a-w- c:\windows\system32\WPDShextAutoplay.exe
2010-10-10 19:58 . 2009-10-01 01:02 31232 ----a-w- c:\windows\system32\BthMtpContextHandler.dll
2010-10-10 19:58 . 2009-10-01 01:01 81920 ----a-w- c:\windows\system32\wpdbusenum.dll
2010-10-10 19:58 . 2009-10-01 01:01 60928 ----a-w- c:\windows\system32\PortableDeviceConnectApi.dll
2010-10-10 19:58 . 2009-10-01 01:02 2537472 ----a-w- c:\windows\system32\wpdshext.dll
2010-10-10 19:58 . 2009-10-01 01:02 334848 ----a-w- c:\windows\system32\PortableDeviceApi.dll
2010-10-10 19:58 . 2009-10-01 01:02 87552 ----a-w- c:\windows\system32\WPDShServiceObj.dll
2010-10-10 19:58 . 2009-10-01 01:01 546816 ----a-w- c:\windows\system32\wpd_ci.dll
2010-10-10 19:58 . 2009-10-01 01:01 160256 ----a-w- c:\windows\system32\PortableDeviceTypes.dll
2010-10-10 19:58 . 2009-10-01 01:01 350208 ----a-w- c:\windows\system32\WPDSp.dll
2010-10-10 19:58 . 2009-10-01 01:01 196608 ----a-w- c:\windows\system32\PortableDeviceWMDRM.dll
2010-10-10 19:58 . 2009-10-01 01:01 100864 ----a-w- c:\windows\system32\PortableDeviceClassExtension.dll
2010-10-10 19:56 . 2009-10-08 21:08 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2010-10-10 19:56 . 2009-10-08 21:08 234496 ----a-w- c:\windows\system32\oleacc.dll
2010-10-10 19:56 . 2009-10-08 21:07 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2010-10-09 00:15 . 2010-10-09 00:15 -------- d-----w- c:\windows\system32\ca-ES
2010-10-09 00:15 . 2010-10-09 00:15 -------- d-----w- c:\windows\system32\eu-ES
2010-10-09 00:15 . 2010-10-09 00:15 -------- d-----w- c:\windows\system32\vi-VN
2010-10-08 23:56 . 2010-10-08 23:56 -------- d-----w- c:\windows\system32\EventProviders
2010-10-08 01:21 . 2010-10-08 01:21 -------- d-----w- c:\users\jonathan\AppData\Local\Yahoo!
2010-10-07 22:19 . 2009-11-08 17:55 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2010-10-07 22:19 . 2009-11-08 17:55 49472 ----a-w- c:\windows\system32\netfxperf.dll
2010-10-07 22:19 . 2009-11-08 17:55 297808 ----a-w- c:\windows\system32\mscoree.dll
2010-10-07 22:19 . 2009-11-08 17:55 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2010-10-07 22:19 . 2009-11-08 17:55 1130824 ----a-w- c:\windows\system32\dfshim.dll
2010-10-07 22:12 . 2010-10-07 22:12 -------- d-----w- c:\users\jonathan\AppData\Local\LogiShrd
2010-10-07 22:12 . 2010-10-07 22:12 -------- d-----w- c:\users\jonathan\AppData\Roaming\Leadertech
2010-10-07 22:09 . 2009-10-07 08:48 539160 ----a-w- c:\windows\system32\LVUI2RC.dll
2010-10-07 22:09 . 2009-10-07 08:48 539160 ----a-w- c:\windows\system32\LVUI2.dll
2010-10-07 22:09 . 2009-04-30 23:01 265496 ----a-w- c:\windows\system32\drivers\lvrs.sys
2010-10-07 22:09 . 2009-04-30 22:39 34068 ----a-w- c:\windows\system32\Repository.reg
2010-10-07 22:09 . 2009-10-07 08:43 416280 ----a-w- c:\windows\system32\LVCodec2.dll
2010-10-07 22:09 . 2009-04-30 22:57 199192 ----a-w- c:\windows\system32\lvci1201278.dll
2010-10-07 22:09 . 2009-04-30 22:55 2687512 ----a-w- c:\windows\system32\drivers\LV302V32.SYS
2010-10-07 22:09 . 2009-04-30 22:55 13976 ----a-w- c:\windows\system32\drivers\lv302af.sys
2010-10-07 22:09 . 2010-10-07 22:22 -------- d-----w- c:\program files\Logitech
2010-10-07 22:09 . 2010-10-07 22:13 -------- d-----w- c:\programdata\LogiShrd
2010-10-07 22:09 . 2010-10-07 22:10 -------- d-----w- c:\program files\Common Files\LogiShrd
2010-10-07 21:59 . 2009-04-11 05:03 12240896 ----a-w- c:\windows\system32\NlsLexicons0007.dll
2010-10-07 21:59 . 2009-04-11 06:28 1081344 ----a-w- c:\windows\system32\SLCExt.dll
2010-10-07 21:59 . 2009-04-11 06:27 3408896 ----a-w- c:\windows\system32\SLsvc.exe
2010-10-07 21:59 . 2009-04-11 06:27 65536 ----a-w- c:\windows\system32\DevicePairingWizard.exe
2010-10-07 21:59 . 2009-04-11 06:28 2134528 ----a-w- c:\windows\system32\FunctionDiscoveryFolder.dll
2010-10-07 21:59 . 2009-04-11 05:03 2644480 ----a-w- c:\windows\system32\NlsLexicons0009.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-10-03 18:23 . 2008-10-23 06:35 1053232 ----a-w- c:\windows\system32\MFC71u.dll
2010-10-03 18:23 . 2008-08-06 22:29 353840 ----a-w- c:\windows\system32\msvcr71.dll
2010-10-03 18:23 . 2008-08-06 22:27 505392 ----a-w- c:\windows\system32\msvcp71.dll
2010-10-03 18:23 . 2008-10-23 06:35 1066544 ----a-w- c:\windows\system32\MFC71.dll
2010-09-15 08:50 . 2010-10-03 20:43 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-08-26 16:33 . 2010-10-26 17:32 173056 ----a-w- c:\windows\apppatch\AcXtrnal.dll
2010-08-26 16:33 . 2010-10-26 17:32 542720 ----a-w- c:\windows\apppatch\AcLayers.dll
2010-08-26 16:33 . 2010-10-26 17:32 458752 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2010-08-26 16:33 . 2010-10-26 17:32 2159616 ----a-w- c:\windows\apppatch\AcGenral.dll
2010-08-25 23:46 . 2010-08-25 23:46 8198680 ----a-w- c:\windows\system32\TVWSetup.exe
2010-08-25 23:45 . 2010-10-03 18:17 948760 ----a-w- c:\windows\system32\igxpun.exe
2010-08-25 23:45 . 2008-07-10 22:27 136216 ----a-w- c:\windows\system32\igfxtray.exe
2010-08-25 23:45 . 2008-07-10 22:27 266776 ----a-w- c:\windows\system32\igfxsrvc.exe
2010-08-25 23:45 . 2008-07-10 22:27 170520 ----a-w- c:\windows\system32\igfxpers.exe
2010-08-25 23:45 . 2010-08-25 23:45 179224 ----a-w- c:\windows\system32\igfxext.exe
2010-08-25 23:45 . 2008-07-10 22:27 171032 ----a-w- c:\windows\system32\hkcmd.exe
2010-08-25 23:45 . 2010-08-25 23:45 3156504 ----a-w- c:\windows\system32\GfxUI.exe
2010-08-25 23:39 . 2010-08-25 23:39 81920 ----a-w- c:\windows\system32\igfxCoIn_v2202.dll
2010-08-25 23:31 . 2010-08-25 23:31 9024512 ----a-w- c:\windows\system32\drivers\igdkmd32.sys
2010-08-25 23:31 . 2008-07-06 20:15 4967424 ----a-w- c:\windows\system32\igdumd32.dll
2010-08-25 23:28 . 2008-07-06 20:10 571904 ----a-w- c:\windows\system32\igdumdx32.dll
2010-08-25 23:23 . 2010-08-25 23:23 4411904 ----a-w- c:\windows\system32\igd10umd32.dll
2010-08-25 23:09 . 2010-08-25 23:09 11040256 ----a-w- c:\windows\system32\ig4icd32.dll
2010-08-25 23:02 . 2010-08-25 23:02 86016 ----a-w- c:\windows\system32\igfxrsky.lrc
2010-08-25 23:02 . 2010-08-25 23:02 85504 ----a-w- c:\windows\system32\igfxrslv.lrc
2010-08-25 23:02 . 2010-08-25 23:02 86528 ----a-w- c:\windows\system32\igfxresn.lrc
2010-08-25 23:02 . 2010-08-25 23:02 85504 ----a-w- c:\windows\system32\igfxrtrk.lrc
2010-08-25 23:02 . 2010-08-25 23:02 85504 ----a-w- c:\windows\system32\igfxrsve.lrc
2010-08-25 23:02 . 2010-08-25 23:02 84992 ----a-w- c:\windows\system32\igfxrtha.lrc
2010-08-25 23:02 . 2010-08-25 23:02 86016 ----a-w- c:\windows\system32\igfxrrus.lrc
2010-08-25 23:02 . 2010-08-25 23:02 86016 ----a-w- c:\windows\system32\igfxrptg.lrc
2010-08-25 23:02 . 2010-08-25 23:02 86016 ----a-w- c:\windows\system32\igfxrplk.lrc
2010-08-25 23:02 . 2010-08-25 23:02 85504 ----a-w- c:\windows\system32\igfxrptb.lrc
2010-08-25 23:02 . 2010-08-25 23:02 85504 ----a-w- c:\windows\system32\igfxrnor.lrc
2010-08-25 23:02 . 2010-08-25 23:02 86016 ----a-w- c:\windows\system32\igfxrita.lrc
2010-08-25 23:02 . 2010-08-25 23:02 85504 ----a-w- c:\windows\system32\igfxrhun.lrc
2010-08-25 23:02 . 2010-08-25 23:02 84480 ----a-w- c:\windows\system32\igfxrheb.lrc
2010-08-25 23:02 . 2010-08-25 23:02 82944 ----a-w- c:\windows\system32\igfxrkor.lrc
2010-08-25 23:02 . 2010-08-25 23:02 82944 ----a-w- c:\windows\system32\igfxrjpn.lrc
2010-08-25 23:02 . 2010-08-25 23:02 86528 ----a-w- c:\windows\system32\igfxrfra.lrc
2010-08-25 23:02 . 2010-08-25 23:02 86528 ----a-w- c:\windows\system32\igfxrell.lrc
2010-08-25 23:02 . 2010-08-25 23:02 86016 ----a-w- c:\windows\system32\igfxrnld.lrc
2010-08-25 23:02 . 2010-08-25 23:02 86016 ----a-w- c:\windows\system32\igfxrdeu.lrc
2010-08-25 23:02 . 2010-08-25 23:02 85504 ----a-w- c:\windows\system32\igfxrfin.lrc
2010-08-25 23:02 . 2010-08-25 23:02 85504 ----a-w- c:\windows\system32\igfxrcsy.lrc
2010-08-25 23:02 . 2010-08-25 23:02 84992 ----a-w- c:\windows\system32\igfxrdan.lrc
2010-08-25 23:02 . 2010-08-25 23:02 84480 ----a-w- c:\windows\system32\igfxrara.lrc
2010-08-25 23:02 . 2010-08-25 23:02 81920 ----a-w- c:\windows\system32\igfxrcht.lrc
2010-08-25 23:02 . 2010-08-25 23:02 81920 ----a-w- c:\windows\system32\igfxrchs.lrc
2010-08-25 23:00 . 2010-08-25 23:00 23552 ----a-w- c:\windows\system32\igfxexps.dll
2010-08-25 23:00 . 2010-08-25 23:00 194560 ----a-w- c:\windows\system32\igfxpph.dll
2010-08-25 22:59 . 2010-08-25 22:59 115200 ----a-w- c:\windows\system32\igfxcpl.cpl
2010-08-25 22:59 . 2008-07-06 19:39 261632 ----a-w- c:\windows\system32\igfxTMM.dll
2010-08-25 22:59 . 2008-07-06 19:38 57344 ----a-w- c:\windows\system32\igfxsrvc.dll
2010-08-25 22:59 . 2010-08-25 22:59 130048 ----a-w- c:\windows\system32\igfxdo.dll
2010-08-25 22:59 . 2008-07-06 19:37 94720 ----a-w- c:\windows\system32\hccutils.dll
2010-08-25 22:59 . 2010-08-25 22:59 120320 ----a-w- c:\windows\system32\gfxSrvc.dll
2010-08-25 22:59 . 2010-08-25 22:59 4096 ----a-w- c:\windows\system32\IGFXDEVLib.dll
2010-08-25 22:59 . 2008-07-06 19:37 228864 ----a-w- c:\windows\system32\igfxdev.dll
2010-08-25 22:59 . 2008-07-06 19:37 828928 ----a-w- c:\windows\system32\igfxress.dll
2010-08-25 22:59 . 2008-07-06 19:37 85504 ----a-w- c:\windows\system32\igfxrenu.lrc
2010-08-25 22:52 . 2010-08-25 22:52 452440 ----a-w- c:\windows\system32\d3dx10_40.dll
2010-08-25 22:52 . 2010-08-25 22:52 208896 ----a-w- c:\windows\system32\iglhsip32.dll
2010-08-25 22:52 . 2010-08-25 22:52 143360 ----a-w- c:\windows\system32\iglhcp32.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Messenger (Yahoo!)"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2010-06-01 5252408]
"DW6"="c:\program files\The Weather Channel FW\Desktop\DesktopWeather.exe" [2010-04-16 818288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-04-17 1049896]
"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2008-09-24 468264]
"UpdatePSTShortCut"="c:\program files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2008-10-07 210216]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"UpdatePDIRShortCut"="c:\program files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" [2008-06-14 210216]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-04-15 488752]
"LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" [2009-10-14 2793304]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-25 136216]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-25 171032]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-25 170520]

c:\users\jonathan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Comcast Universal Caller ID.lnk - c:\program files\Comcast Universal Caller ID\Comcast Universal Caller ID.exe [2010-10-14 74752]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\startupfolder\C:^Users^jonathan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^IMVU.lnk]
path=c:\users\jonathan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IMVU.lnk
backup=c:\windows\pss\IMVU.lnk.Startup
backupExtension=.Startup

[HKLM\~\startupfolder\C:^Users^jonathan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^LimeWire On Startup.lnk]
path=c:\users\jonathan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk
backup=c:\windows\pss\LimeWire On Startup.lnk.Startup
backupExtension=.Startup

[HKLM\~\startupfolder\C:^Users^jonathan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Product Registration.lnk]
path=c:\users\jonathan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
backup=c:\windows\pss\Logitech . Product Registration.lnk.Startup
backupExtension=.Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Health Check Scheduler]
2008-10-09 14:58 75008 ----a-w- c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl.exe]
2008-08-01 23:14 202032 ----a-w- c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
2009-03-05 23:07 2260480 --sha-r- c:\program files\Spybot - Search & Destroy\TeaTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateP2GoShortCut]
2008-06-14 01:11 210216 ------w- c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2010-10-13 1357464]
R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2010-08-12 64288]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360\0403000.005\SYMDS.SYS [2009-10-15 328752]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360\0403000.005\SYMEFA.SYS [2010-04-22 173104]
S1 BHDrvx86;BHDrvx86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20101029.001\BHDrvx86.sys [2010-10-02 692272]
S1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\N360\0403000.005\ccHPx86.sys [2010-02-26 501888]
S1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20101102.001\IDSvix86.sys [2010-10-19 353840]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360\0403000.005\Ironx86.SYS [2010-04-29 116784]
S1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\System32\Drivers\N360\0403000.005\SYMTDIV.SYS [2010-05-06 339504]
S2 N360;Norton Security Suite;c:\program files\Norton Security Suite\Norton Security Suite\Engine\4.3.0.5\ccSvcHst.exe [2010-02-26 126392]
S2 Recovery Service for Windows;Recovery Service for Windows;c:\program files\SMINST\BLService.exe [2008-10-06 365952]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2010-10-13 102448]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2008-06-29 112128]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contents of the 'Scheduled Tasks' folder

2010-11-03 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-08-12 23:02]

2010-11-02 c:\windows\Tasks\HPCeeScheduleForjonathan.job
- c:\program files\hewlett-packard\sdp\ceement\HPCEE.exe [2008-10-23 18:34]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Presario&pf=cnnb
FF - ProfilePath - c:\users\jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\1oked8k0.default\
FF - prefs.js: browser.startup.homepage - yahoo.com
FF - component: c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\coFFPlgn\components\coFFPlgn.dll
FF - component: c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPlgn\components\IPSFFPl.dll
FF - component: c:\users\jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\1oked8k0.default\extensions\{90b49673-5506-483e-b92b-ca0265bd9ca8}\components\FFExternalAlert.dll
FF - component: c:\users\jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\1oked8k0.default\extensions\{90b49673-5506-483e-b92b-ca0265bd9ca8}\components\RadioWMPCore.dll
FF - component: c:\users\jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\1oked8k0.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\components\qscanff.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npkimi.dll
FF - plugin: c:\users\jonathan\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll
FF - plugin: c:\users\jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\1oked8k0.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
FF - plugin: c:\users\jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\1oked8k0.default\extensions\DeviceDetection@logitech.com\plugins\npLogitechDeviceDetection.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-11-03 19:05
Windows 6.0.6002 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\N360]
"ImagePath"="\"c:\program files\Norton Security Suite\Norton Security Suite\Engine\4.3.0.5\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton Security Suite\Norton Security Suite\Engine\4.3.0.5\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2010-11-03 19:08:07
ComboFix-quarantined-files.txt 2010-11-03 23:08
ComboFix2.txt 2010-11-03 06:01

Pre-Run: 170,854,318,080 bytes free
Post-Run: 170,835,693,568 bytes free

- - End Of File - - 3F854CD43B8A7AC09901D9568270422F
 
Good :)

Download OTL to your Desktop.

  • Double-click on the icon to run it. Make sure all other windows are closed, and let it run uninterrupted.
  • Under the Custom Scan box paste this in:


netsvcs
drivers32
%SYSTEMDRIVE%\*.*
%systemroot%\Fonts\*.com
%systemroot%\Fonts\*.dll
%systemroot%\Fonts\*.ini
%systemroot%\Fonts\*.ini2
%systemroot%\Fonts\*.exe
%systemroot%\system32\spool\prtprocs\w32x86\*.*
%systemroot%\REPAIR\*.bak1
%systemroot%\REPAIR\*.ini
%systemroot%\system32\*.jpg
%systemroot%\*.jpg
%systemroot%\*.png
%systemroot%\*.scr
%systemroot%\*._sy
%APPDATA%\Adobe\Update\*.*
%ALLUSERSPROFILE%\Favorites\*.*
%APPDATA%\Microsoft\*.*
%PROGRAMFILES%\*.*
%APPDATA%\Update\*.*
%systemroot%\*. /mp /s
CREATERESTOREPOINT
%systemroot%\System32\config\*.sav
%PROGRAMFILES%\bak. /s
%systemroot%\system32\bak. /s
%ALLUSERSPROFILE%\Start Menu\*.lnk /x
%systemroot%\system32\config\systemprofile\*.dat /x
%systemroot%\*.config
%systemroot%\system32\*.db
%APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x
%USERPROFILE%\Desktop\*.exe
%PROGRAMFILES%\Common Files\*.*
%systemroot%\*.src
%systemroot%\install\*.*
%systemroot%\system32\DLL\*.*
%systemroot%\system32\HelpFiles\*.*
%systemroot%\system32\rundll\*.*
%systemroot%\winn32\*.*
%systemroot%\Java\*.*
%systemroot%\system32\test\*.*
%systemroot%\system32\Rundll32\*.*
%systemroot%\AppPatch\Custom\*.*
%APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x
%PROGRAMFILES%\PC-Doctor\Downloads\*.*
%PROGRAMFILES%\Internet Explorer\*.tmp
%PROGRAMFILES%\Internet Explorer\*.dat
%USERPROFILE%\My Documents\*.exe
%USERPROFILE%\*.exe
%systemroot%\ADDINS\*.*
%systemroot%\assembly\*.bak2
%systemroot%\Config\*.*
%systemroot%\REPAIR\*.bak2
%systemroot%\SECURITY\Database\*.sdb /x
%systemroot%\SYSTEM\*.bak2
%systemroot%\Web\*.bak2
%systemroot%\Driver Cache\*.*
%PROGRAMFILES%\Mozilla Firefox\0*.exe
%ProgramFiles%\Microsoft Common\*.*
%ProgramFiles%\TinyProxy.
%USERPROFILE%\Favorites\*.url /x
%systemroot%\system32\*.bk
%systemroot%\*.te
%systemroot%\system32\system32\*.*
%ALLUSERSPROFILE%\*.dat /x
%systemroot%\system32\drivers\*.rmv
dir /b "%systemroot%\system32\*.exe" | find /i " " /c
dir /b "%systemroot%\*.exe" | find /i " " /c
%PROGRAMFILES%\Microsoft\*.*
%systemroot%\System32\Wbem\proquota.exe
%PROGRAMFILES%\Mozilla Firefox\*.dat
%USERPROFILE%\Cookies\*.txt /x
%SystemRoot%\system32\fonts\*.*
%systemroot%\system32\winlog\*.*
%systemroot%\system32\Language\*.*
%systemroot%\system32\Settings\*.*
%systemroot%\system32\*.quo
%SYSTEMROOT%\AppPatch\*.exe
%SYSTEMROOT%\inf\*.exe
%SYSTEMROOT%\Installer\*.exe
%systemroot%\system32\config\*.bak2
%systemroot%\system32\Computers\*.*
%SystemRoot%\system32\Sound\*.*
%SystemRoot%\system32\SpecialImg\*.*
%SystemRoot%\system32\code\*.*
%SystemRoot%\system32\draft\*.*
%SystemRoot%\system32\MSSSys\*.*
%ProgramFiles%\Javascript\*.*
%systemroot%\pchealth\helpctr\System\*.exe /s
%systemroot%\Web\*.exe
%systemroot%\system32\msn\*.*
%systemroot%\system32\*.tro
%AppData%\Microsoft\Installer\msupdates\*.*
%ProgramFiles%\Messenger\*.*
%systemroot%\system32\systhem32\*.*
%systemroot%\system\*.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
/md5start
/md5stop


  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
 
OTL Extras logfile created on: 11/3/2010 7:36:09 PM - Run 1
OTL by OldTimer - Version 3.2.17.2 Folder = C:\Users\jonathan\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18975)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 60.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 83.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 222.54 Gb Total Space | 158.75 Gb Free Space | 71.34% Space Free | Partition Type: NTFS
Drive D: | 10.34 Gb Total Space | 1.73 Gb Free Space | 16.74% Space Free | Partition Type: NTFS

Computer Name: JONATHAN-PC | User Name: jonathan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\iCall\iCall.exe" = C:\Program Files\iCall\iCall.exe:*:Enabled:iCall -- File not found


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{40EF4697-A71E-439F-A071-97153A6E41C5}" = rport=445 | protocol=6 | dir=out | app=system |
"{4C2DA32B-B85F-4A12-AF6F-086EC6F2CE4D}" = lport=445 | protocol=6 | dir=in | app=system |
"{98584A7B-E2B3-448E-AFEC-E74BDB2DDC69}" = lport=138 | protocol=17 | dir=in | app=system |
"{A2B77A2C-9294-433E-B95C-1CDD75D973DB}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{CCE2E913-D807-4752-A342-5AD4C57BDECA}" = lport=137 | protocol=17 | dir=in | app=system |
"{D101C5A6-8477-44B8-BDC1-D58483A0999A}" = rport=139 | protocol=6 | dir=out | app=system |
"{D87EB1F1-9A36-4FD2-95D7-765E3E16FF12}" = lport=139 | protocol=6 | dir=in | app=system |
"{E49DA6BF-1AB4-4188-97C2-E1E97EBC3226}" = rport=137 | protocol=17 | dir=out | app=system |
"{E624F1F4-54F4-4B57-AA32-57B05E1BA604}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{FC071BC6-F234-4710-AD38-C8ED7C595D39}" = rport=138 | protocol=17 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00F1A93B-502C-449E-AA33-4161A25D37DF}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{0FA277AD-DF13-442B-AA33-CBCFFECB972F}" = dir=in | app=c:\program files\hp\quickplay\qpservice.exe |
"{17DB8151-9F5B-4CAB-805C-AAB6DBB4E498}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{185363CE-56CC-4969-8A97-550000FDE313}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{27296544-3CA3-4A13-BD0F-E8F4E549DCC2}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{63A3839A-3292-4334-B003-40BBC4A6E53A}" = dir=in | app=c:\program files\hp\quickplay\qp.exe |
"{9A374D62-B49E-4316-BF26-4B503D4C9808}" = protocol=17 | dir=in | app=c:\program files\logitech\vid hd\vid.exe |
"{BF560D0C-34FE-4CCA-A6C2-57FE00223C4E}" = protocol=6 | dir=in | app=c:\program files\logitech\vid hd\vid.exe |
"{C7EBC944-FC8A-45C9-8827-6A7D7DDA6CF8}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{D53B8B7E-D3B8-4479-B152-393894654F29}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
"{E1B765ED-33FF-46D1-B0AC-DF421B5EE637}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{F3B215A1-F050-4DEE-932D-30EA7D61BEBD}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{F7EF098C-DA97-4F28-8931-B57F1BE0D105}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{FA6E4D6E-5262-47C9-AF6F-9DC7A147A0F7}" = dir=in | app=c:\users\jonathan\appdata\local\temp\{f7b125a3-0e65-446e-ac28-5b63ae7058da}\bin\javaw.exe |
"TCP Query User{E1F41214-A8FA-4751-93A3-C52ABB81ADDD}C:\program files\limewire\limewire.exe" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"TCP Query User{F1E045DB-CB28-4AEF-9732-23FE5AC6E7C9}C:\users\jonathan\appdata\roaming\imvuclient\1vivoxvoice.exe" = protocol=6 | dir=in | app=c:\users\jonathan\appdata\roaming\imvuclient\1vivoxvoice.exe |
"UDP Query User{534AE68D-3A9F-4B70-A719-B06EAEA38932}C:\program files\limewire\limewire.exe" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"UDP Query User{E2D67B6B-5C89-4492-A2B7-E6C0985D4F71}C:\users\jonathan\appdata\roaming\imvuclient\1vivoxvoice.exe" = protocol=17 | dir=in | app=c:\users\jonathan\appdata\roaming\imvuclient\1vivoxvoice.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0054A0F6-00C9-4498-B821-B5C9578F433E}" = HP Help and Support
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{0B72559F-4EBC-FCBB-BF23-6D96D9AC423D}" = Comcast Universal Caller ID
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 22
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 H2
"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Vista
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{415B2719-AD3A-4944-B404-C472DB6085B3}" = Cisco EAP-FAST Module
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP DVD Play 3.7
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{57A5AEC1-97FC-474D-92C4-908FCC2253D4}" = HP Customer Experience Enhancements
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{846DDADA-0239-4B67-A6B1-33658863793B}" = HPTCSSetup
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{9ADABDDE-9644-461B-9E73-83FA3EFCAB50}" = HP Wireless Assistant
"{AC76BA86-7AD7-1033-7B44-A90000000001}" = Adobe Reader 9
"{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}" = Adobe Shockwave Player
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B6D0B141-B2BE-4DD0-B08F-B9186F3E36B3}" = HP User Guides 0118
"{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}" = Logitech Webcam Software
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}" = HP Update
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}" = HP Active Support Library
"{D88C3E7C-1DA6-4AD7-97FC-75BC8705B266}" = runtime
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{F0E2B312-D7FD-4349-A9B6-E90B36DB1BD0}" = Paint.NET v3.5.5
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Ad-Aware" = Ad-Aware
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"CCleaner" = CCleaner
"CNXT_AUDIO_HDA" = Conexant HD Audio
"CNXT_MODEM_HDAUDIO_HERMOSA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"com.comcast.callerid.13A1FA90F0FC9DC009FB0956ADD0F13F8608561B.1" = Comcast Universal Caller ID
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HijackThis" = HijackThis 2.0.2
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"Imikimi Plugin" = Imikimi Plugin
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"Logitech Vid" = Logitech Vid HD
"lvdrivers_12.10" = Logitech Webcam Software Driver Package
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12)
"N360" = Norton Security Suite
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"The Weather Channel Desktop 6" = The Weather Channel Desktop 6
"WildTangent hp Master Uninstall" = HP Games
"WTA-141a66d7-81a7-443f-a85f-3e81d47ed561" = Cooking Academy
"WTA-289b2901-23fa-4528-81f8-06e03b45b3d6" = Cooking Academy 2 - World Cuisine
"WTA-6db2ff2f-0e24-4029-b0ed-446aff7854d0" = Build It - Miami Beach Resort
"WTA-f9a7688d-8c00-48e8-854f-d3ca69bf2f58" = Build in Time
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"IMVU Avatar chat client software BETA" = IMVU Avatar Chat Software
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.9.8

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 11/2/2010 11:44:13 PM | Computer Name = jonathan-PC | Source = Application Error | ID = 1000
Description = Faulting application tu5i59ng.exe, version 1.0.15.15477, time stamp
0x4cbda469, faulting module tu5i59ng.exe, version 1.0.15.15477, time stamp 0x4cbda469,
exception code 0xc0000005, fault offset 0x0000c551, process id 0xdf8, application
start time 0x01cb7b088550aa28.

Error - 11/2/2010 11:47:38 PM | Computer Name = jonathan-PC | Source = WinMgmt | ID = 10
Description =

Error - 11/2/2010 11:54:01 PM | Computer Name = jonathan-PC | Source = Application Error | ID = 1000
Description = Faulting application tu5i59ng.exe, version 1.0.15.15477, time stamp
0x4cbda469, faulting module tu5i59ng.exe, version 1.0.15.15477, time stamp 0x4cbda469,
exception code 0xc0000005, fault offset 0x0000c551, process id 0x1574, application
start time 0x01cb7b0a3ca60db7.

Error - 11/2/2010 11:58:50 PM | Computer Name = jonathan-PC | Source = Perflib | ID = 1010
Description =

Error - 11/3/2010 1:44:35 AM | Computer Name = jonathan-PC | Source = WinMgmt | ID = 10
Description =

Error - 11/3/2010 1:46:57 AM | Computer Name = jonathan-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 11/3/2010 1:46:57 AM | Computer Name = jonathan-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 11/3/2010 1:46:57 AM | Computer Name = jonathan-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 11/3/2010 1:46:57 AM | Computer Name = jonathan-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 11/3/2010 2:09:33 AM | Computer Name = jonathan-PC | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 10/24/2010 9:39:43 AM | Computer Name = jonathan-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 10/24/2010 9:38:45 PM | Computer Name = jonathan-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 10/25/2010 11:38:57 AM | Computer Name = jonathan-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 10/26/2010 1:04:45 PM | Computer Name = jonathan-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 10/27/2010 1:50:04 AM | Computer Name = jonathan-PC | Source = DCOM | ID = 10010
Description =

Error - 10/27/2010 10:39:00 AM | Computer Name = jonathan-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 10/27/2010 3:45:27 PM | Computer Name = jonathan-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 10/27/2010 4:12:34 PM | Computer Name = jonathan-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 10/27/2010 9:47:12 PM | Computer Name = jonathan-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 10/28/2010 9:53:24 AM | Computer Name = jonathan-PC | Source = Service Control Manager | ID = 7000
Description =


< End of report >
 
OTL logfile created on: 11/3/2010 7:36:09 PM - Run 1
OTL by OldTimer - Version 3.2.17.2 Folder = C:\Users\jonathan\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18975)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 60.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 83.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 222.54 Gb Total Space | 158.75 Gb Free Space | 71.34% Space Free | Partition Type: NTFS
Drive D: | 10.34 Gb Total Space | 1.73 Gb Free Space | 16.74% Space Free | Partition Type: NTFS

Computer Name: JONATHAN-PC | User Name: jonathan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/11/03 19:18:42 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Users\jonathan\Desktop\OTL.exe
PRC - [2010/10/13 19:02:20 | 000,913,544 | ---- | M] (Lavasoft ) -- C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
PRC - [2010/06/01 13:17:48 | 005,252,408 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
PRC - [2010/02/25 20:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Security Suite\Norton Security Suite\Engine\4.3.0.5\ccsvchst.exe
PRC - [2009/10/14 16:36:56 | 002,793,304 | ---- | M] () -- C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
PRC - [2009/10/14 16:34:18 | 000,560,472 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
PRC - [2009/10/07 04:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/01/26 18:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/10/06 12:54:52 | 000,365,952 | ---- | M] () -- C:\Program Files\SMINST\BLService.exe


========== Modules (SafeList) ==========

MOD - [2010/11/03 19:18:42 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Users\jonathan\Desktop\OTL.exe
MOD - [2010/10/23 16:21:37 | 000,653,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2\msvcr90.dll
MOD - [2010/10/23 16:21:37 | 000,569,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2\msvcp90.dll
MOD - [2010/09/20 15:26:01 | 000,415,088 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Security Suite\Norton Security Suite\Engine\4.3.0.5\asoehook.dll
MOD - [2010/08/31 11:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/10/13 19:02:19 | 001,357,464 | ---- | M] (Lavasoft) [Auto | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2010/03/18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/25 20:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton Security Suite\Norton Security Suite\Engine\4.3.0.5\ccSvcHst.exe -- (N360)
SRV - [2009/10/07 04:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2009/09/24 21:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009/01/26 18:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/10/06 12:54:52 | 000,365,952 | ---- | M] () [Auto | Running] -- C:\Program Files\SMINST\BLService.exe -- (Recovery Service for Windows)
SRV - [2008/01/20 22:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\jonathan\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - [2010/10/19 16:36:22 | 000,353,840 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20101102.001\IDSvix86.sys -- (IDSVix86)
DRV - [2010/10/15 23:32:12 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2010/10/13 04:00:00 | 001,371,184 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20101103.002\NAVEX15.SYS -- (NAVEX15)
DRV - [2010/10/13 04:00:00 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010/10/13 04:00:00 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010/10/13 04:00:00 | 000,086,064 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20101103.002\NAVENG.SYS -- (NAVENG)
DRV - [2010/10/02 03:00:02 | 000,692,272 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20101029.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2010/08/25 19:31:30 | 009,024,512 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)
DRV - [2010/08/12 08:15:20 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2010/05/06 00:01:59 | 000,339,504 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\N360\0403000.005\SYMTDIV.SYS -- (SYMTDIv)
DRV - [2010/04/29 01:03:51 | 000,116,784 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\N360\0403000.005\Ironx86.SYS -- (SymIRON)
DRV - [2010/04/21 23:02:20 | 000,173,104 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\system32\drivers\N360\0403000.005\SYMEFA.SYS -- (SymEFA)
DRV - [2010/04/21 22:29:50 | 000,325,680 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\Drivers\N360\0403000.005\SRTSP.SYS -- (SRTSP)
DRV - [2010/04/21 22:29:50 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\N360\0403000.005\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2010/02/25 20:22:57 | 000,501,888 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\N360\0403000.005\ccHPx86.sys -- (ccHP)
DRV - [2009/10/14 23:50:05 | 000,328,752 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\N360\0403000.005\SYMDS.SYS -- (SymDS)
DRV - [2009/10/07 04:46:36 | 000,025,752 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2009/05/19 18:52:20 | 001,166,848 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009/04/30 19:01:34 | 000,265,496 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lvrs.sys -- (LVRS)
DRV - [2009/04/30 18:55:56 | 002,687,512 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LV302V32.SYS -- (PID_PEPI) Logitech QuickCam IM(PID_PEPI)
DRV - [2009/04/30 18:55:32 | 000,013,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lv302af.sys -- (pepifilter)
DRV - [2009/04/11 00:42:54 | 000,073,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2009/01/20 06:49:26 | 000,142,848 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2008/10/23 01:54:22 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008/10/23 01:54:22 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008/10/23 01:54:22 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2008/10/03 03:39:28 | 000,222,208 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2008/06/29 10:52:26 | 000,112,128 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel(R)
 
DRV - [2008/04/17 14:05:16 | 000,199,344 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
DRV - [2008/01/20 22:32:53 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008/01/20 22:32:53 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008/01/20 22:32:52 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008/01/20 22:32:52 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008/01/20 22:32:52 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008/01/20 22:32:52 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008/01/20 22:32:51 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008/01/20 22:32:51 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008/01/20 22:32:50 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008/01/20 22:32:50 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2008/01/20 22:32:50 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008/01/20 22:32:49 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008/01/20 22:32:49 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008/01/20 22:32:49 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008/01/20 22:32:49 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008/01/20 22:32:49 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008/01/20 22:32:48 | 000,342,584 | ---- | M] (Emulex) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008/01/20 22:32:48 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008/01/20 22:32:47 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008/01/20 22:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008/01/20 22:32:46 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008/01/20 22:32:45 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel(R)
DRV - [2008/01/20 22:32:45 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2007/10/31 21:51:26 | 000,985,600 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2007/10/31 21:47:54 | 000,208,896 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL)
DRV - [2007/10/31 21:47:08 | 000,661,504 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2007/10/17 19:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/06/18 20:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2006/11/02 05:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 05:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 05:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 05:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 05:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 05:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 05:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 05:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 05:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 05:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 05:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 04:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 04:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 04:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 04:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 04:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 04:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 03:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 03:30:56 | 000,194,048 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\yk60x86.sys -- (yukonwlh)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Presario&pf=cnnb

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "yahoo.com"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: DeviceDetection@logitech.com:1.20.0.66
FF - prefs.js..extensions.enabledItems: {02450954-cdd9-410f-b1da-db804e18c671}:0.96.3
FF - prefs.js..extensions.enabledItems: {90b49673-5506-483e-b92b-ca0265bd9ca8}:2.7.2.0
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.1
FF - prefs.js..extensions.enabledItems: {d40f5e7b-d2cf-4856-b441-cc613eeffbe3}:1.48.3
FF - prefs.js..extensions.enabledItems: {e001c731-5e37-4538-a5cb-8168736a2360}:0.9.9.50
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:4.6
FF - prefs.js..extensions.enabledItems: {771f3037-9885-4423-b50f-a5ede4854e26}:1.300.306

FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPlgn\ [2010/10/17 16:27:34 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\coFFPlgn\ [2010/10/15 23:32:58 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/10/28 00:35:46 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/10/28 00:35:46 | 000,000,000 | ---D | M]

[2010/10/10 21:09:53 | 000,000,000 | ---D | M] -- C:\Users\jonathan\AppData\Roaming\Mozilla\Extensions
[2010/10/03 13:33:33 | 000,000,000 | ---D | M] -- C:\Users\jonathan\AppData\Roaming\Mozilla\Extensions\IMVUClientXUL@imvu.com
[2010/10/10 21:09:53 | 000,000,000 | ---D | M] -- C:\Users\jonathan\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org
[2010/11/03 17:05:15 | 000,000,000 | ---D | M] -- C:\Users\jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\1oked8k0.default\extensions
[2010/10/07 20:15:42 | 000,000,000 | ---D | M] (Screengrab) -- C:\Users\jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\1oked8k0.default\extensions\{02450954-cdd9-410f-b1da-db804e18c671}
[2010/11/01 13:50:50 | 000,000,000 | ---D | M] (InboxDollars) -- C:\Users\jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\1oked8k0.default\extensions\{771f3037-9885-4423-b50f-a5ede4854e26}
[2010/10/06 19:40:07 | 000,000,000 | ---D | M] (IMVU Inc Toolbar) -- C:\Users\jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\1oked8k0.default\extensions\{90b49673-5506-483e-b92b-ca0265bd9ca8}
[2010/10/06 19:37:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\1oked8k0.default\extensions\{b41cb5f0-2e52-11de-8c30-0800200c9a66}
[2010/11/03 17:05:10 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\1oked8k0.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/10/11 19:47:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\1oked8k0.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}
[2010/10/26 13:10:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\1oked8k0.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2010/10/07 18:06:25 | 000,000,000 | ---D | M] -- C:\Users\jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\1oked8k0.default\extensions\DeviceDetection@logitech.com
[2010/11/01 13:51:01 | 000,001,734 | ---- | M] () -- C:\Users\jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\1oked8k0.default\searchplugins\search-the-web.xml
[2010/10/27 18:22:40 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/10/03 16:44:01 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/10/27 18:22:40 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010/09/15 04:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2007/12/17 13:16:14 | 000,065,536 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npkimi.dll
[2008/12/01 12:50:26 | 000,004,946 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\comcast.xml

O1 HOSTS File: ([2010/11/03 19:05:46 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Security Suite\Norton Security Suite\Engine\4.3.0.5\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Security Suite\Norton Security Suite\Engine\4.3.0.5\ipsbho.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security Suite\Norton Security Suite\Engine\4.3.0.5\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security Suite\Norton Security Suite\Engine\4.3.0.5\coieplg.dll (Symantec Corporation)
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
O4 - HKLM..\Run: [UpdatePDIRShortCut] C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [DW6] C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe (The Weather Channel Interactive, Inc.)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - Startup: C:\Users\jonathan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Comcast Universal Caller ID.lnk = C:\Program Files\Comcast Universal Caller ID\Comcast Universal Caller ID.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.77.134 68.87.72.134
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Users\jonathan\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
O24 - Desktop BackupWallPaper: C:\Users\jonathan\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\Windows\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.I420 - C:\Windows\System32\LVCodec2.dll (Logitech Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2010/11/03 19:21:48 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2010/11/03 19:17:24 | 000,576,000 | ---- | C] (OldTimer Tools) -- C:\Users\jonathan\Desktop\OTL.exe
[2010/11/03 19:08:13 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2010/11/03 19:08:10 | 000,000,000 | ---D | C] -- C:\Users\jonathan\AppData\Local\temp
[2010/11/03 18:52:57 | 000,000,000 | ---D | C] -- C:\ComboFix
[2010/11/03 18:52:36 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2010/11/03 01:54:46 | 000,000,000 | ---D | C] -- C:\Users\jonathan\AppData\Roaming\Tific
[2010/11/03 01:54:44 | 000,000,000 | ---D | C] -- C:\Users\jonathan\AppData\Local\Symantec
[2010/11/02 23:47:26 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010/11/02 20:22:05 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2010/11/02 20:22:05 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2010/11/02 20:22:05 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2010/11/02 20:21:40 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010/11/02 20:21:05 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/11/02 18:38:12 | 000,000,000 | ---D | C] -- C:\VundoFix Backups
[2010/10/31 16:22:11 | 000,000,000 | ---D | C] -- C:\Users\jonathan\AppData\Roaming\CyberLink
[2010/10/30 14:17:17 | 000,000,000 | ---D | C] -- C:\Users\jonathan\Desktop\videos
[2010/10/28 17:04:56 | 000,339,504 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0403000.005\symtdiv.sys
[2010/10/28 17:04:56 | 000,328,752 | R--- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0403000.005\symds.sys
[2010/10/28 17:04:56 | 000,325,680 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0403000.005\srtsp.sys
[2010/10/28 17:04:56 | 000,173,104 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0403000.005\symefa.sys
[2010/10/28 17:04:56 | 000,116,784 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0403000.005\ironx86.sys
[2010/10/28 17:04:56 | 000,043,696 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0403000.005\srtspx.sys
[2010/10/28 17:04:55 | 000,501,888 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0403000.005\cchpx86.sys
[2010/10/28 17:04:31 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\N360\0403000.005
[2010/10/27 18:22:38 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010/10/27 18:22:38 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010/10/27 18:22:38 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010/10/27 16:00:52 | 000,420,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2010/10/27 16:00:50 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2010/10/27 15:55:49 | 000,000,000 | ---D | C] -- C:\Users\jonathan\AppData\Local\Apple
[2010/10/27 15:42:23 | 000,000,000 | ---D | C] -- C:\Windows\System32\WindowsPowerShell
[2010/10/27 15:39:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\scanner
[2010/10/27 15:39:14 | 000,000,000 | ---D | C] -- C:\Program Files\CA
[2010/10/27 15:35:15 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrsmgr.dll
[2010/10/27 15:34:38 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrs.exe
[2010/10/27 15:34:38 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrshost.exe
[2010/10/27 15:34:38 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmprovhost.exe
[2010/10/27 15:34:32 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmplpxy.dll
[2010/10/27 15:34:32 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrssrv.dll
[2010/10/27 15:34:26 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtfwd.dll
[2010/10/27 15:34:26 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecutil.exe
[2010/10/27 15:34:26 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecapi.dll
[2010/10/27 15:34:26 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmRes.dll
[2010/10/27 15:34:25 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pwrshplugin.dll
[2010/10/27 15:34:06 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManMigrationPlugin.dll
[2010/10/27 15:34:06 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManHTTPConfig.exe
[2010/10/27 15:34:06 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrscmd.dll
[2010/10/27 15:34:06 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmWmiPl.dll
[2010/10/27 15:34:06 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmAuto.dll
[2010/10/27 15:28:56 | 000,000,000 | ---D | C] -- C:\Windows\System32\x64
[2010/10/27 15:22:54 | 000,000,000 | ---D | C] -- C:\Users\jonathan\AppData\Local\Immunet
[2010/10/27 15:22:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Immunet
[2010/10/27 15:20:06 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010/10/27 15:20:06 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010/10/27 15:20:05 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2010/10/27 15:20:05 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010/10/27 15:20:04 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010/10/27 15:20:04 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010/10/27 15:20:04 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010/10/27 15:20:04 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010/10/27 15:20:04 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010/10/27 15:20:03 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010/10/27 15:20:03 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010/10/27 15:20:02 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2010/10/27 15:20:02 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010/10/27 15:20:02 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010/10/27 15:20:02 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2010/10/27 15:20:02 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010/10/27 15:20:01 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010/10/27 15:18:06 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2010/10/27 15:18:06 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2010/10/27 15:18:04 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2010/10/27 15:18:04 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2010/10/27 15:18:04 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2010/10/27 15:18:04 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2010/10/27 15:18:04 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\corpol.dll
[2010/10/27 15:18:03 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2010/10/27 15:18:03 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2010/10/27 15:18:03 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2010/10/27 15:18:03 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2010/10/27 15:18:02 | 000,208,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinFXDocObj.exe
[2010/10/27 15:18:02 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2010/10/27 15:18:02 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2010/10/27 15:18:02 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2010/10/27 15:18:01 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2010/10/27 15:18:01 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2010/10/27 15:18:00 | 003,698,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2010/10/27 15:18:00 | 000,169,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2010/10/27 15:17:59 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PDMSetup.exe
[2010/10/27 15:17:59 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2010/10/27 15:17:59 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2010/10/27 15:17:59 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetDepNx.exe
[2010/10/26 13:32:18 | 001,696,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2010/10/26 13:32:18 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2010/10/26 13:32:17 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2010/10/25 12:11:11 | 000,000,000 | ---D | C] -- C:\Users\jonathan\Desktop\Scanners
[2010/10/24 14:47:47 | 000,000,000 | ---D | C] -- C:\Users\jonathan\Desktop\textures
[2010/10/23 16:19:17 | 000,000,000 | ---D | C] -- C:\Program Files\Paint.NET
[2010/10/23 16:18:33 | 000,000,000 | ---D | C] -- C:\Users\jonathan\AppData\Local\Paint.NET
[2010/10/20 09:53:47 | 000,000,000 | ---D | C] -- C:\Users\jonathan\AppData\Local\CrashDumps
[2010/10/19 02:18:13 | 000,000,000 | ---D | C] -- C:\Program Files\Ali Baba Buddy Pogo
[2010/10/17 17:32:16 | 000,000,000 | ---D | C] -- C:\Program Files\Stackem Buddy Pogo
[2010/10/17 14:27:46 | 000,000,000 | ---D | C] -- C:\Users\jonathan\Desktop\screenshots
[2010/10/15 23:32:32 | 000,107,368 | R--- | C] (GEAR Software Inc.) -- C:\Windows\System32\GEARAspi.dll
[2010/10/15 23:32:28 | 000,124,976 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\SYMEVENT.SYS
[2010/10/15 23:32:12 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2010/10/15 23:32:12 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2010/10/15 23:31:23 | 000,000,000 | ---D | C] -- C:\Program Files\NortonInstaller
[2010/10/15 23:09:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2010/10/15 23:09:25 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2010/10/15 19:43:43 | 000,000,000 | ---D | C] -- C:\Users\jonathan\AppData\Roaming\Malwarebytes
[2010/10/15 19:43:26 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/10/15 19:43:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/10/15 19:43:24 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/10/15 19:43:24 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/10/15 19:23:38 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/10/15 19:14:28 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\N360
[2010/10/15 19:11:29 | 000,000,000 | ---D | C] -- C:\Users\jonathan\LimeWire
[2010/10/15 18:45:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Fugazo
[2010/10/15 18:19:15 | 000,000,000 | ---D | C] -- C:\Users\jonathan\AppData\Roaming\WildTangent
[2010/10/14 23:57:29 | 000,000,000 | ---D | C] -- C:\Program Files\BadgeHelp
[2010/10/14 17:34:50 | 000,000,000 | ---D | C] -- C:\Users\jonathan\AppData\Roaming\InstallShield
[2010/10/14 16:30:32 | 008,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2010/10/14 16:30:16 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2010/10/14 16:30:01 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2010/10/14 16:29:59 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
[2010/10/14 16:29:59 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
[2010/10/14 16:29:56 | 002,038,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010/10/14 16:29:54 | 000,231,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
[2010/10/14 16:29:52 | 000,867,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2010/10/14 00:11:54 | 000,000,000 | ---D | C] -- C:\Users\jonathan\AppData\Roaming\com.comcast.callerid.13A1FA90F0FC9DC009FB0956ADD0F13F8608561B.1
[2010/10/14 00:11:37 | 000,000,000 | ---D | C] -- C:\Program Files\Comcast Universal Caller ID
[2010/10/14 00:11:07 | 000,000,000 | ---D | C] -- C:\Users\jonathan\AppData\Local\Adobe
[2010/10/13 19:02:27 | 000,064,288 | ---- | C] (Lavasoft AB) -- C:\Windows\System32\drivers\Lbd.sys
[2010/10/13 19:02:26 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2010/10/13 19:02:25 | 000,095,024 | ---- | C] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys
[2010/10/11 23:40:43 | 000,000,000 | ---D | C] -- C:\Program Files\Imikimi
[2010/10/11 23:37:42 | 000,000,000 | ---D | C] -- C:\Users\jonathan\Desktop\imvu
[2010/10/11 19:53:07 | 000,000,000 | ---D | C] -- C:\Users\jonathan\AppData\Roaming\QuickScan
[2010/10/11 18:30:17 | 000,000,000 | ---D | C] -- C:\ProgramData\eSellerate
[2010/10/11 18:30:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\eSellerate
[2010/10/10 16:05:31 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Portable Devices
[2010/10/10 16:00:45 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAnimation.dll
[2010/10/10 16:00:44 | 003,023,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbon.dll
[2010/10/10 16:00:44 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbonRes.dll
[2010/10/10 15:59:30 | 000,369,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2010/10/10 15:59:30 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2010/10/10 15:59:29 | 001,554,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xpsservices.dll
[2010/10/10 15:59:29 | 001,064,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2010/10/10 15:59:29 | 000,974,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecs.dll
[2010/10/10 15:59:29 | 000,847,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OpcServices.dll
[2010/10/10 15:59:29 | 000,829,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2010/10/10 15:59:29 | 000,828,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2010/10/10 15:59:29 | 000,793,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FntCache.dll
[2010/10/10 15:59:29 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2010/10/10 15:59:29 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll
[2010/10/10 15:59:29 | 000,486,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2010/10/10 15:59:29 | 000,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2010/10/10 15:59:29 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2010/10/10 15:59:29 | 000,321,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll
[2010/10/10 15:59:29 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2010/10/10 15:59:29 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiag.exe
[2010/10/10 15:59:29 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2010/10/10 15:59:29 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiagn.dll
[2010/10/10 15:59:29 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2010/10/10 15:59:29 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2010/10/10 15:59:29 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2010/10/10 15:59:29 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2010/10/10 15:59:28 | 001,030,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2010/10/10 15:59:28 | 000,161,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2010/10/10 15:58:24 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\BthMtpContextHandler.dll
[2010/10/10 15:58:24 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDShextAutoplay.exe
[2010/10/10 15:58:22 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceConnectApi.dll
[2010/10/10 15:58:21 | 000,546,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpd_ci.dll
[2010/10/10 15:58:21 | 000,350,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDSp.dll
[2010/10/10 15:58:21 | 000,334,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
[2010/10/10 15:58:21 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceWMDRM.dll
[2010/10/10 15:58:21 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll
[2010/10/10 15:58:21 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceClassExtension.dll
[2010/10/10 15:56:36 | 000,555,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAutomationCore.dll
[2010/10/10 15:56:36 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleaccrc.dll
[2010/10/09 20:27:55 | 000,000,000 | ---D | C] -- C:\Users\jonathan\Documents\IMVU Projects
[2010/10/08 20:15:20 | 000,000,000 | ---D | C] -- C:\Windows\System32\vi-VN
[2010/10/08 20:15:20 | 000,000,000 | ---D | C] -- C:\Windows\System32\eu-ES
[2010/10/08 20:15:20 | 000,000,000 | ---D | C] -- C:\Windows\System32\ca-ES
[2010/10/08 19:56:01 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2010/10/07 21:21:27 | 000,000,000 | ---D | C] -- C:\Users\jonathan\AppData\Local\Yahoo!
[2010/10/07 18:19:58 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2010/10/07 18:19:58 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2010/10/07 18:19:58 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2010/10/07 18:12:29 | 000,000,000 | ---D | C] -- C:\Users\jonathan\AppData\Local\LogiShrd
[2010/10/07 18:12:12 | 000,000,000 | ---D | C] -- C:\Users\jonathan\AppData\Roaming\Leadertech
[2010/10/07 18:09:53 | 000,539,160 | ---- | C] (Logitech Inc.) -- C:\Windows\System32\LVUI2RC.dll
[2010/10/07 18:09:53 | 000,539,160 | ---- | C] (Logitech Inc.) -- C:\Windows\System32\LVUI2.dll
[2010/10/07 18:09:53 | 000,265,496 | ---- | C] (Logitech Inc.) -- C:\Windows\System32\drivers\lvrs.sys
[2010/10/07 18:09:52 | 002,687,512 | ---- | C] (Logitech Inc.) -- C:\Windows\System32\drivers\LV302V32.SYS
[2010/10/07 18:09:52 | 000,416,280 | ---- | C] (Logitech Inc.) -- C:\Windows\System32\LVCodec2.dll
[2010/10/07 18:09:52 | 000,199,192 | ---- | C] (Logitech Inc.) -- C:\Windows\System32\lvci1201278.dll
[2010/10/07 18:09:52 | 000,013,976 | ---- | C] (Logitech Inc.) -- C:\Windows\System32\drivers\lv302af.sys
[2010/10/07 18:09:12 | 000,000,000 | ---D | C] -- C:\Program Files\Logitech
[2010/10/07 18:09:12 | 000,000,000 | ---D | C] -- C:\ProgramData\LogiShrd
[2010/10/07 18:09:12 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LogiShrd
[2010/10/07 17:59:08 | 012,240,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0007.dll
[2010/10/07 17:59:05 | 001,081,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLCExt.dll
[2010/10/07 17:59:04 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairingWizard.exe
[2010/10/07 17:59:03 | 002,134,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FunctionDiscoveryFolder.dll
[2010/10/07 17:59:02 | 002,644,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0009.dll
[2010/10/07 17:59:01 | 001,480,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll
[2010/10/07 17:58:59 | 001,576,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll
[2010/10/07 17:58:59 | 000,684,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\spsys.sys
[2010/10/07 17:58:58 | 000,928,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scavenge.dll
[2010/10/07 17:58:58 | 000,779,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationNative_v0300.dll
[2010/10/07 17:58:56 | 000,968,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wcnwiz2.dll
[2010/10/07 17:58:56 | 000,677,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2fs.dll
[2010/10/07 17:58:56 | 000,291,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WscEapPr.dll
[2010/10/07 17:58:55 | 000,619,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardagt.exe
[2010/10/07 17:58:54 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorShell.dll
[2010/10/07 17:58:53 | 000,978,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmv2clt.dll
[2010/10/07 17:58:53 | 000,289,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spinstall.exe
[2010/10/07 17:58:53 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizui.dll
[2010/10/07 17:58:53 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spreview.exe
[2010/10/07 17:58:52 | 000,438,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcupdate_GenuineIntel.dll
[2010/10/07 17:58:51 | 000,670,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll
[2010/10/07 17:58:51 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2.dll
[2010/10/07 17:58:51 | 000,351,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssph.dll
[2010/10/07 17:58:51 | 000,203,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll
[2010/10/07 17:58:50 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdohlp.dll
[2010/10/07 17:58:49 | 001,459,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\esent.dll
[2010/10/07 17:58:49 | 000,729,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10K.DLL
[2010/10/07 17:58:49 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairing.dll
[2010/10/07 17:58:48 | 000,463,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IasMigReader.exe
[2010/10/07 17:58:48 | 000,228,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLC.dll
[2010/10/07 17:58:48 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sperror.dll
[2010/10/07 17:58:48 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\korwbrkr.dll
[2010/10/07 17:58:46 | 001,589,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjet40.dll
[2010/10/07 17:58:45 | 001,381,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Query.dll
[2010/10/07 17:58:45 | 001,078,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diagperf.dll
[2010/10/07 17:58:45 | 000,883,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10.IME
[2010/10/07 17:58:45 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msexch40.dll
[2010/10/07 17:58:45 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\P2PGraph.dll
[2010/10/07 17:58:44 | 000,986,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2010/10/07 17:58:44 | 000,950,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mblctr.exe
[2010/10/07 17:58:44 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll
[2010/10/07 17:58:43 | 001,792,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmc.exe
[2010/10/07 17:58:43 | 000,466,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\riched20.dll
[2010/10/07 17:58:43 | 000,454,144 | ---- | C] (Microsoft) -- C:\Windows\System32\IasMigPlugin.dll
[2010/10/07 17:58:43 | 000,428,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2010/10/07 17:58:43 | 000,203,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uDWM.dll
[2010/10/07 17:58:43 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdBth.dll
[2010/10/07 17:58:42 | 002,012,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\milcore.dll
[2010/10/07 17:58:42 | 000,880,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RacEngn.dll
[2010/10/07 17:58:42 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorAPI.dll
[2010/10/07 17:58:41 | 001,112,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll
[2010/10/07 17:58:41 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll
[2010/10/07 17:58:41 | 000,290,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjtes40.dll
[2010/10/07 17:58:41 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spoolss.dll
[2010/10/07 17:58:40 | 003,217,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSAT.exe
[2010/10/07 17:58:40 | 000,950,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpedit.dll
[2010/10/07 17:58:40 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcp60.dll
[2010/10/07 17:58:40 | 000,099,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardapi.dll
[2010/10/07 17:58:39 | 001,555,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsAnytimeUpgradeCPL.dll
[2010/10/07 17:58:39 | 001,209,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comsvcs.dll
[2010/10/07 17:58:39 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Magnify.exe
[2010/10/07 17:58:39 | 000,454,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxbde40.dll
[2010/10/07 17:58:39 | 000,339,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msexcl40.dll
[2010/10/07 17:58:39 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstext40.dll
[2010/10/07 17:58:39 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2010/10/07 17:58:39 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwmi.dll
[2010/10/07 17:58:38 | 001,985,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
[2010/10/07 17:58:37 | 002,926,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2010/10/07 17:58:37 | 000,643,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrepl40.dll
[2010/10/07 17:58:37 | 000,640,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthprops.cpl
[2010/10/07 17:58:37 | 000,469,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\newdev.dll
[2010/10/07 17:58:37 | 000,205,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eudcedit.exe
[2010/10/07 17:58:37 | 000,119,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll
[2010/10/07 17:58:37 | 000,102,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
[2010/10/07 17:58:36 | 001,788,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d9.dll
[2010/10/07 17:58:36 | 000,368,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mspbde40.dll
[2010/10/07 17:58:35 | 001,135,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
[2010/10/07 17:58:35 | 001,053,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtctm.dll
[2010/10/07 17:58:35 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrd3x40.dll
[2010/10/07 17:58:35 | 000,241,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msltus40.dll
[2010/10/07 17:58:35 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\davclnt.dll
[2010/10/07 17:58:35 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorPwdMgr.dll
[2010/10/07 17:58:34 | 000,250,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtapi.dll
[2010/10/07 17:58:34 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlhtml.dll
[2010/10/07 17:58:33 | 000,614,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ci.dll
[2010/10/07 17:58:33 | 000,582,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLCommDlg.dll
[2010/10/07 17:58:33 | 000,483,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\samsrv.dll
[2010/10/07 17:58:33 | 000,443,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32spl.dll
[2010/10/07 17:58:33 | 000,165,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WcnNetsh.dll
[2010/10/07 17:58:32 | 001,730,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apds.dll
[2010/10/07 17:58:32 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\compcln.exe
[2010/10/07 17:58:31 | 000,618,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mswstr10.dll
[2010/10/07 17:58:31 | 000,223,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2010/10/07 17:58:31 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xmlfilter.dll
[2010/10/07 17:58:30 | 001,160,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
[2010/10/07 17:58:30 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlsrv32.dll
[2010/10/07 17:58:30 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLUI.exe
[2010/10/07 17:58:30 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrd2x40.dll
[2010/10/07 17:58:30 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapphost.dll
[2010/10/07 17:58:29 | 001,856,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dbgeng.dll
[2010/10/07 17:58:29 | 000,926,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
[2010/10/07 17:58:29 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll
[2010/10/07 17:58:29 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\propdefs.dll
[2010/10/07 17:58:28 | 002,167,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcndmgr.dll
[2010/10/07 17:58:28 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtutil.exe
[2010/10/07 17:58:26 | 001,533,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wcnwiz.dll
[2010/10/07 17:58:26 | 000,592,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netlogon.dll
[2010/10/07 17:58:26 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\evr.dll
[2010/10/07 17:58:26 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\devmgr.dll
[2010/10/07 17:58:26 | 000,199,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsldpc.dll
[2010/10/07 17:58:26 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvinst.exe
[2010/10/07 17:58:26 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msctfp.dll
[2010/10/07 17:58:26 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairingProxy.dll
[2010/10/07 17:58:26 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscb.dll
[2010/10/07 17:58:26 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdBthProxy.dll
[2010/10/07 17:58:25 | 001,382,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVSDECD.DLL
[2010/10/07 17:58:25 | 001,143,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wercon.exe
[2010/10/07 17:58:25 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quick.ime
[2010/10/07 17:58:25 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qintlgnt.ime
[2010/10/07 17:58:25 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\phon.ime
[2010/10/07 17:58:25 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cintlgnt.ime
[2010/10/07 17:58:25 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chajei.ime
[2010/10/07 17:58:24 | 000,996,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMNetMgr.dll
[2010/10/07 17:58:24 | 000,856,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mswdat10.dll
[2010/10/07 17:58:24 | 000,799,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certutil.exe
[2010/10/07 17:58:24 | 000,617,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adtschema.dll
[2010/10/07 17:58:24 | 000,560,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcprx.dll
[2010/10/07 17:58:24 | 000,396,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipsmsnap.dll
[2010/10/07 17:58:24 | 000,323,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certcli.dll
[2010/10/07 17:58:24 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\reg.exe
[2010/10/07 17:58:24 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjter40.dll
[2010/10/07 17:58:24 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mimefilt.dll
[2010/10/07 17:58:24 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtffilt.dll
[2010/10/07 17:58:24 | 000,035,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardcpl.cpl
[2010/10/07 17:58:23 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoScreensaver.scr
[2010/10/07 17:58:23 | 000,332,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msihnd.dll
[2010/10/07 17:58:23 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcrypt.dll
[2010/10/07 17:58:23 | 000,241,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rsaenh.dll
[2010/10/07 17:58:23 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2010/10/07 17:58:23 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscntrs.dll
[2010/10/07 17:58:23 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshooks.dll
[2010/10/07 17:58:22 | 000,343,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2010/10/07 17:58:22 | 000,310,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mtxclu.dll
[2010/10/07 17:58:22 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fundisc.dll
[2010/10/07 17:58:22 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MMDevAPI.dll
[2010/10/07 17:58:22 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll
[2010/10/07 17:58:22 | 000,122,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetpp.dll
[2010/10/07 17:58:22 | 000,080,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll
[2010/10/07 17:58:22 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msstrc.dll
[2010/10/07 17:58:22 | 000,035,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsWpfWrp.exe
[2010/10/07 17:58:21 | 001,823,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnidui.dll
[2010/10/07 17:58:21 | 001,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chsbrkr.dll
[2010/10/07 17:58:21 | 001,020,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdc.dll
[2010/10/07 17:58:21 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassdo.dll
[2010/10/07 17:58:21 | 000,125,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Classpnp.sys
[2010/10/07 17:58:21 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi.dll
[2010/10/07 17:58:21 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Kswdmcap.ax
[2010/10/07 17:58:20 | 000,636,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autofmt.exe
[2010/10/07 17:58:20 | 000,050,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PSHED.DLL
[2010/10/07 17:58:20 | 000,035,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\crashdmp.sys
[2010/10/07 17:58:20 | 000,009,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardres.dll
[2010/10/07 17:58:19 | 001,107,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pidgenx.dll
[2010/10/07 17:58:19 | 000,757,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\azroles.dll
[2010/10/07 17:58:19 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnrollUI.dll
[2010/10/07 17:58:19 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pdh.dll
[2010/10/07 17:58:19 | 000,122,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Storport.sys
[2010/10/07 17:58:19 | 000,109,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ataport.sys
[2010/10/07 17:58:18 | 002,205,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SyncCenter.dll
[2010/10/07 17:58:18 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysmon.ocx
[2010/10/07 17:58:17 | 000,593,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comuid.dll
[2010/10/07 17:58:16 | 001,502,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certmgr.dll
[2010/10/07 17:58:16 | 000,627,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sethc.exe
[2010/10/07 17:58:16 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imkr80.ime
[2010/10/07 17:58:16 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\untfs.dll
[2010/10/07 17:58:16 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wisptis.exe
[2010/10/07 17:58:16 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2010/10/07 17:58:16 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassam.dll
[2010/10/07 17:58:16 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scrobj.dll
[2010/10/07 17:58:16 | 000,017,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kd1394.dll
[2010/10/07 17:58:15 | 000,656,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoconv.exe
[2010/10/07 17:58:15 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2010/10/07 17:58:15 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2010/10/07 17:58:15 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasnap.dll
[2010/10/07 17:58:15 | 000,099,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
[2010/10/07 17:58:15 | 000,043,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pciidex.sys
[2010/10/07 17:58:14 | 001,541,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\onex.dll
[2010/10/07 17:58:14 | 000,612,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpencom.dll
[2010/10/07 17:58:14 | 000,564,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msftedit.dll
[2010/10/07 17:58:14 | 000,340,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RelMon.dll
[2010/10/07 17:58:14 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wow32.dll
[2010/10/07 17:58:14 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\osk.exe
[2010/10/07 17:58:14 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscript.exe
[2010/10/07 17:58:14 | 000,130,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basecsp.dll
[2010/10/07 17:58:14 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSCard.dll
[2010/10/07 17:58:14 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
[2010/10/07 17:58:14 | 000,027,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Dumpata.sys
[2010/10/07 17:58:14 | 000,019,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kdusb.dll
[2010/10/07 17:58:14 | 000,017,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kdcom.dll
[2010/10/07 17:58:14 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spcmsg.dll
[2010/10/07 17:58:13 | 000,860,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFaultSecure.exe
[2010/10/07 17:58:13 | 000,638,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Utilman.exe
[2010/10/07 17:58:13 | 000,230,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskraid.exe
[2010/10/07 17:58:13 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFault.exe
[2010/10/07 17:58:13 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfplat.dll
[2010/10/07 17:58:13 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\offfilt.dll
[2010/10/07 17:58:13 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsepno.dll
[2010/10/07 17:58:12 | 000,551,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prnntfy.dll
[2010/10/07 17:58:12 | 000,444,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsound.dll
[2010/10/07 17:58:12 | 000,391,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscms.dll
[2010/10/07 17:58:12 | 000,223,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscntfy.dll
[2010/10/07 17:58:12 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SndVol.exe
[2010/10/07 17:58:12 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msnetobj.dll
[2010/10/07 17:58:12 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccp32.dll
[2010/10/07 17:58:12 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysclass.dll
[2010/10/07 17:58:12 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ulib.dll
[2010/10/07 17:58:12 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IPHLPAPI.DLL
[2010/10/07 17:58:12 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsmsext.dll
[2010/10/07 17:58:12 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rastapi.dll
[2010/10/07 17:58:12 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasdatastore.dll
[2010/10/07 17:58:11 | 001,575,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVENCOD.DLL
[2010/10/07 17:58:11 | 001,342,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\brcpl.dll
[2010/10/07 17:58:11 | 000,759,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipsecsnp.dll
[2010/10/07 17:58:11 | 000,507,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsdyn.dll
[2010/10/07 17:58:11 | 000,399,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlangpui.dll
[2010/10/07 17:58:11 | 000,286,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasapi32.dll
[2010/10/07 17:58:11 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntprint.dll
[2010/10/07 17:58:11 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnpsetup.dll
[2010/10/07 17:58:11 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskpart.exe
[2010/10/07 17:58:11 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpapi.dll
[2010/10/07 17:58:11 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iashlpr.dll
[2010/10/07 17:58:11 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logman.exe
[2010/10/07 17:58:11 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdProxy.dll
[2010/10/07 17:58:10 | 002,225,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcenter.dll
[2010/10/07 17:58:10 | 001,580,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpccpl.dll
[2010/10/07 17:58:10 | 000,825,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdlg.dll
[2010/10/07 17:58:10 | 000,158,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrad.dll
[2010/10/07 17:58:10 | 000,155,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll
[2010/10/07 17:58:10 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wusa.exe
[2010/10/07 17:58:10 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\findstr.exe
[2010/10/07 17:58:09 | 001,152,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\themecpl.dll
[2010/10/07 17:58:09 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wer.dll
[2010/10/07 17:58:09 | 000,777,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slcc.dll
[2010/10/07 17:58:09 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scansetting.dll
[2010/10/07 17:58:09 | 000,163,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msutb.dll
[2010/10/07 17:58:09 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshom.ocx
[2010/10/07 17:58:09 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstlsapi.dll
[2010/10/07 17:58:09 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassvcs.dll
[2010/10/07 17:58:09 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasads.dll
[2010/10/07 17:58:09 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsnmp32.dll
[2010/10/07 17:58:09 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssprxy.dll
[2010/10/07 17:58:08 | 003,072,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkmap.dll
[2010/10/07 17:58:08 | 001,645,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\connect.dll
[2010/10/07 17:58:08 | 001,248,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PerfCenterCPL.dll
[2010/10/07 17:58:08 | 001,224,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sud.dll
[2010/10/07 17:58:08 | 000,842,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\systemcpl.dll
[2010/10/07 17:58:08 | 000,723,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powercpl.dll
[2010/10/07 17:58:08 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pcaui.dll
[2010/10/07 17:58:08 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys
[2010/10/07 17:58:08 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powrprof.dll
[2010/10/07 17:58:08 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\newdev.exe
[2010/10/07 17:58:08 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasacct.dll
[2010/10/07 17:58:07 | 002,515,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\accessibilitycpl.dll
[2010/10/07 17:58:07 | 001,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanpref.dll
[2010/10/07 17:58:07 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usercpl.dll
[2010/10/07 17:58:07 | 000,532,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpcao.dll
[2010/10/07 17:58:07 | 000,516,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoplay.dll
[2010/10/07 17:58:07 | 000,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2010/10/07 17:58:07 | 000,408,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msinfo32.exe
[2010/10/07 17:58:07 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsutil.dll
[2010/10/07 17:58:07 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpchttp.dll
[2010/10/07 17:58:07 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pintlgnt.ime
[2010/10/07 17:58:07 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\regapi.dll
[2010/10/07 17:58:07 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmci.dll
[2010/10/07 17:58:06 | 001,689,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscui.cpl
[2010/10/07 17:58:06 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe
[2010/10/07 17:58:06 | 000,542,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnpui.dll
[2010/10/07 17:58:06 | 000,505,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qedit.dll
[2010/10/07 17:58:06 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncryptui.dll
[2010/10/07 17:58:06 | 000,407,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpapimig.exe
[2010/10/07 17:58:06 | 000,306,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scesrv.dll
[2010/10/07 17:58:06 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2010/10/07 17:58:06 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certreq.exe
[2010/10/07 17:58:06 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Faultrep.dll
[2010/10/07 17:58:06 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scksp.dll
[2010/10/07 17:58:06 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll
[2010/10/07 17:58:06 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleprn.dll
[2010/10/07 17:58:06 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3msm.dll
[2010/10/07 17:58:06 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\feclient.dll
[2010/10/07 17:58:06 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rekeywiz.exe
[2010/10/07 17:58:06 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iaspolcy.dll
[2010/10/07 17:58:06 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfdisk.dll
[2010/10/07 17:58:06 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DeviceEject.exe
[2010/10/07 17:58:06 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscisvif.dll
[2010/10/07 17:58:05 | 000,642,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasgcw.dll
[2010/10/07 17:58:05 | 000,595,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL
[2010/10/07 17:58:05 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2010/10/07 17:58:05 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasplap.dll
[2010/10/07 17:58:05 | 000,177,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scecli.dll
[2010/10/07 17:58:05 | 000,170,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpipcfg.dll
[2010/10/07 17:58:05 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\portcls.sys
[2010/10/07 17:58:05 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpmon.dll
[2010/10/07 17:58:05 | 000,134,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmartcardCredentialProvider.dll
[2010/10/07 17:58:05 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hdwwiz.exe
[2010/10/07 17:58:05 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBAUDIO.sys
[2010/10/07 17:58:05 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdWSD.dll
[2010/10/07 17:58:05 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PnPUnattend.exe
[2010/10/07 17:58:05 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmmon32.exe
[2010/10/07 17:58:05 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TSTheme.exe
[2010/10/07 17:58:05 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\whealogr.dll
[2010/10/07 17:58:05 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD2.sys
[2010/10/07 17:58:05 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD.sys
[2010/10/07 17:58:05 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwinsat.dll
[2010/10/07 17:58:04 | 002,153,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oobefldr.dll
[2010/10/07 17:58:04 | 000,657,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVXENCD.DLL
[2010/10/07 17:58:04 | 000,547,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiaaut.dll
[2010/10/07 17:58:04 | 000,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmdial32.dll
[2010/10/07 17:58:04 | 000,425,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shwebsvc.dll
[2010/10/07 17:58:04 | 000,281,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\raschap.dll
[2010/10/07 17:58:04 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unimdm.tsp
[2010/10/07 17:58:04 | 000,259,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasppp.dll
[2010/10/07 17:58:04 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanui.dll
[2010/10/07 17:58:04 | 000,137,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsprop.dll
[2010/10/07 17:58:04 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
[2010/10/07 17:58:04 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dimsroam.dll
[2010/10/07 17:58:04 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PnPutil.exe
[2010/10/07 17:58:03 | 006,103,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chtbrkr.dll
[2010/10/07 17:58:03 | 000,542,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\blackbox.dll
[2010/10/07 17:58:03 | 000,533,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmsdk.dll
[2010/10/07 17:58:03 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll
[2010/10/07 17:58:03 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\modemui.dll
[2010/10/07 17:58:03 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscandui.dll
[2010/10/07 17:58:03 | 000,178,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\credui.dll
[2010/10/07 17:58:03 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDMon.dll
[2010/10/07 17:58:03 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasmontr.dll
[2010/10/07 17:58:03 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll
[2010/10/07 17:58:03 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shsetup.dll
[2010/10/07 17:58:03 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlgpclnt.dll
[2010/10/07 17:58:03 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dataclen.dll
[2010/10/07 17:58:02 | 002,226,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkexplorer.dll
[2010/10/07 17:58:02 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rmcast.sys
[2010/10/07 17:58:02 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ifmon.dll
[2010/10/07 17:58:01 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscp.dll
[2010/10/07 17:58:01 | 000,217,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\InkEd.dll
[2010/10/07 17:58:01 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpresult.exe
[2010/10/07 17:58:01 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logagent.exe
[2010/10/07 17:58:01 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cipher.exe
[2010/10/07 17:58:01 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll
[2010/10/07 17:58:01 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\watchdog.sys
[2010/10/07 17:58:01 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msimtf.dll
[2010/10/07 17:58:00 | 000,356,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MediaMetadataHandler.dll
[2010/10/07 17:58:00 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\thawbrkr.dll
[2010/10/07 17:58:00 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmmgrtn.dll
[2010/10/07 17:58:00 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\input.dll
[2010/10/07 17:58:00 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2010/10/07 17:58:00 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\puiapi.dll
[2010/10/07 17:58:00 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\softkbd.dll
[2010/10/07 17:58:00 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmsynth.dll
[2010/10/07 17:58:00 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mprapi.dll
[2010/10/07 17:58:00 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msctfui.dll
[2010/10/07 17:58:00 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll
[2010/10/07 17:57:59 | 000,187,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapp3hst.dll
[2010/10/07 17:57:59 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLLUA.exe
[2010/10/07 17:57:59 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tintlgnt.ime
[2010/10/07 17:57:59 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmusic.dll
[2010/10/07 17:57:59 | 000,083,456 | ---- | C] (Microsoft) -- C:\Windows\System32\SMBHelperClass.dll
[2010/10/07 17:57:59 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2010/10/07 17:57:59 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdSSDP.dll
[2010/10/07 17:57:59 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\l2nacp.dll
[2010/10/07 17:57:59 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ftp.exe
[2010/10/07 17:57:59 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscapi.dll
[2010/10/07 17:57:59 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjint40.dll
[2010/10/07 17:57:59 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsdchngr.dll
[2010/10/07 17:57:59 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fc.exe
[2010/10/07 17:57:59 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsCtfMonitor.dll
[2010/10/07 17:57:59 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msisip.dll
[2010/10/07 17:57:58 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eappcfg.dll
[2010/10/07 17:57:58 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdWCN.dll
[2010/10/07 17:57:58 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tscupgrd.exe
[2010/10/07 17:57:58 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Storprop.dll
[2010/10/07 17:57:58 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdiag.dll
[2010/10/07 17:57:58 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3cfg.dll
[2010/10/07 17:57:58 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthci.dll
[2010/10/07 17:57:58 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slcinst.dll
[2010/10/07 17:57:58 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkitemfactory.dll
[2010/10/07 17:57:58 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthudtask.exe
[2010/10/07 17:57:58 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipconfig.exe
[2010/10/07 17:57:58 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdial.exe
[2010/10/07 17:57:58 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CHxReadingStringIME.dll
[2010/10/07 17:57:57 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eappgnui.dll
[2010/10/07 17:57:57 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nslookup.exe
[2010/10/07 17:57:57 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PNPXAssoc.dll
[2010/10/07 17:57:57 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdeploy.dll
[2010/10/07 17:57:57 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hbaapi.dll
[2010/10/07 17:57:57 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidclass.sys
[2010/10/07 17:57:57 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ocsetup.exe
[2010/10/07 17:57:57 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FwRemoteSvr.dll
[2010/10/07 17:57:57 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcico.dll
[2010/10/07 17:57:56 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrstub.exe
[2010/10/07 17:57:56 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cbsra.exe
[2010/10/07 17:57:56 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsigd.dll
[2010/10/07 17:57:56 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NcdProp.dll
[2010/10/07 17:57:56 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpupdate.exe
[2010/10/07 17:57:56 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsilog.dll
[2010/10/07 17:57:55 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxg.sys
[2010/10/07 17:57:55 | 000,052,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\stream.sys
[2010/10/07 17:57:55 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcconf.dll
[2010/10/07 17:57:55 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\RNDISMP.sys
[2010/10/07 17:57:55 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys
[2010/10/07 17:57:55 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdmdbg.dll
[2010/10/07 17:57:55 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetppui.dll
[2010/10/07 17:57:55 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwga.dll
[2010/10/07 17:57:54 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usb8023.sys
[2010/10/07 17:57:54 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\f3ahvoas.dll
[2010/10/07 17:57:54 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msimsg.dll
[2010/10/07 17:57:44 | 000,705,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmiEngine.dll
[2010/10/07 17:57:40 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdscore.dll
[2010/10/07 17:57:40 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PkgMgr.exe
[2010/10/07 17:57:32 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvstore.dll
[2010/10/07 17:45:19 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\httpapi.dll
[2010/10/07 17:45:19 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshhttp.dll
[2010/10/06 19:33:10 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2010/10/06 15:44:22 | 003,600,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2010/10/06 15:44:22 | 003,548,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2010/10/06 15:43:22 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
[2010/10/06 15:42:17 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rastls.dll
[2010/10/06 15:42:04 | 000,081,920 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll
[2010/10/06 15:41:16 | 000,220,672 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codecp.acm
[2010/10/06 15:41:16 | 000,062,464 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codeca.acm
[2010/10/06 15:40:56 | 000,714,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2010/10/06 15:40:39 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll
[2010/10/06 15:40:39 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll
[2010/10/06 15:39:54 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.tlb
[2010/10/06 15:39:54 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amcompat.tlb
[2010/10/06 15:39:34 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlansec.dll
[2010/10/06 15:39:34 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll
[2010/10/06 15:39:34 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanhlp.dll
[2010/10/06 15:39:34 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanapi.dll
[2010/10/06 15:39:32 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\L2SecHC.dll
[2010/10/06 15:39:24 | 000,623,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localspl.dll
[2010/10/06 15:39:11 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvfw32.dll
[2010/10/06 15:39:11 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll
[2010/10/06 15:39:11 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2010/10/06 15:39:10 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2010/10/06 15:38:08 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll
[2010/10/06 15:38:08 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NETSTAT.EXE
[2010/10/06 15:38:08 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ARP.EXE
[2010/10/06 15:38:08 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ROUTE.EXE
[2010/10/06 15:38:08 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MRINFO.EXE
[2010/10/06 15:38:08 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\finger.exe
[2010/10/06 15:38:08 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HOSTNAME.EXE
[2010/10/06 15:37:41 | 000,317,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP4SDECD.DLL
[2010/10/06 15:37:31 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll
[2010/10/06 15:36:31 | 000,355,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll
[2010/10/06 15:36:09 | 002,386,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
[2010/10/06 15:36:08 | 002,868,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2010/10/06 15:36:08 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll
[2010/10/06 15:36:08 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rrinstaller.exe
[2010/10/06 15:36:08 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfpmp.exe
[2010/10/06 15:36:08 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mferror.dll
[2010/10/06 15:35:12 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010/10/06 15:34:55 | 000,289,792 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2010/10/06 15:34:55 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2010/10/06 15:34:55 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2010/10/06 15:34:55 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
[2010/10/06 15:33:43 | 000,518,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2010/10/06 15:33:43 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2010/10/06 15:33:42 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2010/10/06 15:33:42 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2010/10/06 15:33:42 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2010/10/06 15:33:42 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2010/10/06 15:33:41 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2010/10/06 15:33:41 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2010/10/06 15:33:40 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
[2010/10/06 15:33:17 | 001,259,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll
[2010/10/06 15:22:35 | 000,604,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL
[2010/10/06 15:21:33 | 000,310,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unregmp2.exe
[2010/10/06 15:21:16 | 000,221,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010/10/06 15:21:08 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
[2010/10/06 15:21:08 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
[2010/10/06 15:21:08 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll
[2010/10/06 15:09:59 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2010/08/25 18:59:08 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll

========== Files - Modified Within 30 Days ==========

[2010/11/03 19:36:45 | 001,822,270 | ---- | M] () -- C:\Windows\System32\drivers\N360\0403000.005\Cat.DB
[2010/11/03 19:29:39 | 000,604,502 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/11/03 19:29:39 | 000,104,170 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/11/03 19:23:31 | 000,000,284 | ---- | M] () -- C:\ProgramData\hpqp.ini
[2010/11/03 19:22:19 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/11/03 19:22:18 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/11/03 19:22:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/11/03 19:18:42 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Users\jonathan\Desktop\OTL.exe
[2010/11/03 19:05:46 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2010/11/03 16:31:59 | 000,000,370 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2010/11/03 01:33:06 | 003,899,533 | R--- | M] () -- C:\Users\jonathan\Desktop\ComboFix.exe
[2010/11/02 19:49:53 | 000,309,160 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/11/02 19:43:01 | 000,007,728 | ---- | M] () -- C:\Users\jonathan\AppData\Local\d3d9caps.dat
[2010/11/02 19:29:57 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010/11/02 19:29:57 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/11/02 13:43:10 | 000,000,334 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForjonathan.job
[2010/11/02 02:08:46 | 000,086,528 | ---- | M] () -- C:\Windows\MBR.exe
[2010/11/01 00:31:46 | 000,007,680 | ---- | M] () -- C:\Users\jonathan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/10/30 14:18:15 | 000,000,938 | ---- | M] () -- C:\Users\jonathan\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2010/10/29 11:02:58 | 000,002,556 | ---- | M] () -- C:\Users\Public\Desktop\Norton Security Suite.lnk
[2010/10/27 15:48:19 | 000,000,943 | ---- | M] () -- C:\Users\jonathan\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/10/23 16:21:59 | 000,000,934 | ---- | M] () -- C:\Users\Public\Desktop\Paint.NET.lnk
[2010/10/21 14:02:16 | 000,001,798 | ---- | M] () -- C:\Users\jonathan\Desktop\IMVU.lnk
[2010/10/15 23:32:12 | 000,124,976 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\SYMEVENT.SYS
[2010/10/15 23:32:12 | 000,007,443 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.CAT
[2010/10/15 23:32:12 | 000,000,805 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.INF
[2010/10/15 23:09:34 | 000,001,079 | ---- | M] () -- C:\Users\jonathan\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2010/10/15 23:04:41 | 000,000,036 | ---- | M] () -- C:\Users\jonathan\AppData\Local\housecall.guid.cache
[2010/10/15 21:17:29 | 000,058,880 | ---- | M] () -- C:\Users\jonathan\limewire.props
[2010/10/15 21:17:29 | 000,000,259 | ---- | M] () -- C:\Users\jonathan\mojito.props
[2010/10/15 19:18:34 | 001,059,831 | ---- | M] () -- C:\Users\jonathan\library5.dat
[2010/10/15 19:18:33 | 000,702,949 | ---- | M] () -- C:\Users\jonathan\createtimes.cache
[2010/10/15 19:18:32 | 001,208,136 | ---- | M] () -- C:\Users\jonathan\fileurns.cache
[2010/10/14 00:11:41 | 000,000,978 | ---- | M] () -- C:\Users\jonathan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Comcast Universal Caller ID.lnk
[2010/10/14 00:11:37 | 000,000,942 | ---- | M] () -- C:\Users\Public\Desktop\Comcast Universal Caller ID.lnk
[2010/10/13 19:02:24 | 000,095,024 | ---- | M] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys
[2010/10/13 18:52:13 | 000,001,031 | ---- | M] () -- C:\Users\jonathan\Application Data\Microsoft\Internet Explorer\Quick Launch\Ad-Aware.lnk
[2010/10/07 18:09:15 | 000,001,990 | ---- | M] () -- C:\Users\Public\Desktop\Logitech Webcam Software.lnk
[2010/10/04 20:33:55 | 000,022,215 | ---- | M] () -- C:\Users\jonathan\Documents\l_ef889272d8804d32bee0c0eb6492600c.jpg

========== Files Created - No Company Name ==========

[2010/11/03 14:47:20 | 000,000,370 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2010/11/03 01:31:43 | 003,899,533 | R--- | C] () -- C:\Users\jonathan\Desktop\ComboFix.exe
[2010/11/02 20:22:05 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2010/11/02 20:22:05 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2010/11/02 20:22:05 | 000,086,528 | ---- | C] () -- C:\Windows\MBR.exe
[2010/11/02 20:22:05 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2010/11/02 20:22:05 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2010/11/02 19:29:57 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2010/11/02 19:29:57 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2010/10/30 14:18:15 | 000,000,938 | ---- | C] () -- C:\Users\jonathan\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2010/10/30 14:17:45 | 000,007,680 | ---- | C] () -- C:\Users\jonathan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/10/29 11:02:12 | 001,822,270 | ---- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\Cat.DB
[2010/10/28 17:04:56 | 000,007,873 | ---- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\symefa.cat
[2010/10/28 17:04:56 | 000,007,787 | R--- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\symnetv.cat
[2010/10/28 17:04:56 | 000,007,442 | ---- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\srtspx.cat
[2010/10/28 17:04:56 | 000,007,438 | ---- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\srtsp.cat
[2010/10/28 17:04:56 | 000,007,425 | R--- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\symds.cat
[2010/10/28 17:04:56 | 000,007,368 | R--- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\symnet.cat
[2010/10/28 17:04:56 | 000,003,373 | ---- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\symefa.inf
[2010/10/28 17:04:56 | 000,002,793 | R--- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\symds.inf
[2010/10/28 17:04:56 | 000,001,473 | ---- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\symnetv.inf
[2010/10/28 17:04:56 | 000,001,445 | ---- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\symnet.inf
[2010/10/28 17:04:56 | 000,001,388 | ---- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\srtspx.inf
[2010/10/28 17:04:56 | 000,001,382 | ---- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\srtsp.inf
[2010/10/28 17:04:56 | 000,000,741 | ---- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\iron.inf
[2010/10/28 17:04:55 | 000,007,438 | ---- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\iron.cat
[2010/10/28 17:04:55 | 000,007,396 | ---- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\cchpx86.cat
[2010/10/28 17:04:55 | 000,001,754 | ---- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\cchpx86.inf
[2010/10/28 17:04:31 | 000,000,172 | ---- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\isolate.ini
[2010/10/27 15:34:12 | 000,201,184 | ---- | C] () -- C:\Windows\System32\winrm.vbs
[2010/10/27 15:34:12 | 000,004,675 | ---- | C] () -- C:\Windows\System32\wsmanconfig_schema.xml
[2010/10/27 15:34:12 | 000,002,426 | ---- | C] () -- C:\Windows\System32\WsmTxt.xsl
[2010/10/27 15:20:03 | 000,057,667 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2010/10/23 16:21:57 | 000,000,934 | ---- | C] () -- C:\Users\Public\Desktop\Paint.NET.lnk
[2010/10/15 23:32:28 | 000,007,443 | ---- | C] () -- C:\Windows\System32\drivers\SYMEVENT.CAT
[2010/10/15 23:32:28 | 000,000,805 | ---- | C] () -- C:\Windows\System32\drivers\SYMEVENT.INF
[2010/10/15 23:32:01 | 000,002,556 | ---- | C] () -- C:\Users\Public\Desktop\Norton Security Suite.lnk
[2010/10/15 23:09:34 | 000,001,079 | ---- | C] () -- C:\Users\jonathan\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2010/10/15 23:04:41 | 000,000,036 | ---- | C] () -- C:\Users\jonathan\AppData\Local\housecall.guid.cache
[2010/10/15 19:17:29 | 001,208,136 | ---- | C] () -- C:\Users\jonathan\fileurns.cache
[2010/10/15 19:11:29 | 001,059,831 | ---- | C] () -- C:\Users\jonathan\library5.dat
[2010/10/15 19:11:29 | 000,702,949 | ---- | C] () -- C:\Users\jonathan\createtimes.cache
[2010/10/15 19:11:29 | 000,058,880 | ---- | C] () -- C:\Users\jonathan\limewire.props
[2010/10/15 19:11:29 | 000,000,259 | ---- | C] () -- C:\Users\jonathan\mojito.props
[2010/10/14 00:11:41 | 000,000,978 | ---- | C] () -- C:\Users\jonathan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Comcast Universal Caller ID.lnk
[2010/10/14 00:11:37 | 000,000,942 | ---- | C] () -- C:\Users\Public\Desktop\Comcast Universal Caller ID.lnk
[2010/10/13 19:11:19 | 000,015,880 | ---- | C] () -- C:\Windows\System32\lsdelete.exe
[2010/10/13 18:52:13 | 000,001,031 | ---- | C] () -- C:\Users\jonathan\Application Data\Microsoft\Internet Explorer\Quick Launch\Ad-Aware.lnk
[2010/10/09 14:50:21 | 000,007,728 | ---- | C] () -- C:\Users\jonathan\AppData\Local\d3d9caps.dat
[2010/10/07 18:09:53 | 000,034,068 | ---- | C] () -- C:\Windows\System32\Repository.reg
[2010/10/07 18:09:52 | 000,082,289 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2010/10/07 18:09:15 | 000,001,990 | ---- | C] () -- C:\Users\Public\Desktop\Logitech Webcam Software.lnk
[2010/10/07 17:58:43 | 000,130,008 | ---- | C] () -- C:\Windows\System32\systemsf.ebd
[2010/10/07 17:58:41 | 000,009,239 | ---- | C] () -- C:\Windows\System32\spcinstrumentation.man
[2010/10/07 17:58:37 | 000,442,788 | ---- | C] () -- C:\Windows\System32\dot3.tmf
[2010/10/07 17:58:35 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2010/10/07 17:58:35 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2010/10/07 17:58:33 | 000,392,170 | ---- | C] () -- C:\Windows\System32\onex.tmf
[2010/10/07 17:58:30 | 000,344,698 | ---- | C] () -- C:\Windows\System32\eaphost.tmf
[2010/10/07 17:58:21 | 000,208,966 | ---- | C] () -- C:\Windows\System32\WFP.TMF
[2010/10/07 17:58:19 | 000,092,918 | ---- | C] () -- C:\Windows\System32\slmgr.vbs
[2010/10/07 17:57:55 | 000,009,212 | ---- | C] () -- C:\Windows\System32\RacUR.xml
[2010/10/06 15:39:34 | 002,501,921 | ---- | C] () -- C:\Windows\System32\wlan.tmf
[2010/10/04 20:33:53 | 000,022,215 | ---- | C] () -- C:\Users\jonathan\Documents\l_ef889272d8804d32bee0c0eb6492600c.jpg
[2010/10/03 14:26:08 | 000,000,105 | ---- | C] () -- C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log
[2010/10/03 14:26:00 | 000,000,032 | ---- | C] () -- C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
[2010/10/03 14:25:39 | 000,000,032 | ---- | C] () -- C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
[2010/10/03 14:24:41 | 000,000,032 | ---- | C] () -- C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
[2010/10/03 14:23:31 | 000,000,032 | ---- | C] () -- C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
[2010/10/03 14:22:25 | 000,000,284 | ---- | C] () -- C:\ProgramData\hpqp.ini
[2010/08/25 18:52:00 | 000,208,896 | ---- | C] () -- C:\Windows\System32\iglhsip32.dll
[2010/08/25 18:52:00 | 000,143,360 | ---- | C] () -- C:\Windows\System32\iglhcp32.dll
[2009/10/07 04:46:36 | 000,025,752 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys
[2009/10/07 04:23:08 | 000,013,584 | ---- | C] () -- C:\Windows\System32\drivers\iKeyLFT2.dll
[2008/10/23 02:44:13 | 000,000,109 | ---- | C] () -- C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
[2008/10/23 02:38:23 | 000,000,110 | ---- | C] () -- C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
[2008/10/23 02:36:27 | 000,000,105 | ---- | C] () -- C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
[2008/10/23 02:35:06 | 000,000,107 | ---- | C] () -- C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
[2008/07/06 16:29:46 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1518.dll
[2008/06/29 10:52:14 | 000,004,608 | ---- | C] () -- C:\Windows\System32\HdmiCoin.dll
[2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/03/09 05:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll

========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2010/11/03 19:21:41 | 000,015,388 | ---- | M] () -- C:\aaw7boot.log
[2006/09/18 17:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2009/04/11 02:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr
[2010/11/03 19:08:08 | 000,029,295 | ---- | M] () -- C:\ComboFix.txt
[2006/09/18 17:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1028.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1031.txt
[2007/11/07 08:00:40 | 000,010,134 | ---- | M] () -- C:\eula.1033.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1036.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1040.txt
[2007/11/07 08:00:40 | 000,000,118 | ---- | M] () -- C:\eula.1041.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1042.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.2052.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.3082.txt
[2007/11/07 08:00:40 | 000,001,110 | ---- | M] () -- C:\globdata.ini
[2007/11/07 08:00:40 | 000,000,843 | ---- | M] () -- C:\install.ini
[2007/11/07 08:03:18 | 000,076,304 | ---- | M] (Microsoft Corporation) -- C:\install.res.1028.dll
[2007/11/07 08:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.1031.dll
[2007/11/07 08:03:18 | 000,091,152 | ---- | M] (Microsoft Corporation) -- C:\install.res.1033.dll
[2007/11/07 08:03:18 | 000,097,296 | ---- | M] (Microsoft Corporation) -- C:\install.res.1036.dll
[2007/11/07 08:03:18 | 000,095,248 | ---- | M] (Microsoft Corporation) -- C:\install.res.1040.dll
[2007/11/07 08:03:18 | 000,081,424 | ---- | M] (Microsoft Corporation) -- C:\install.res.1041.dll
[2007/11/07 08:03:18 | 000,079,888 | ---- | M] (Microsoft Corporation) -- C:\install.res.1042.dll
[2007/11/07 08:03:18 | 000,075,792 | ---- | M] (Microsoft Corporation) -- C:\install.res.2052.dll
[2007/11/07 08:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.3082.dll
[2010/11/02 19:29:57 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/11/02 19:29:57 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010/11/03 19:21:41 | 3462,864,896 | -HS- | M] () -- C:\pagefile.sys
[2010/10/14 17:37:18 | 000,000,184 | ---- | M] () -- C:\setup.log
[2007/11/07 08:00:40 | 000,005,686 | ---- | M] () -- C:\vcredist.bmp
[2007/11/07 08:09:22 | 001,442,522 | ---- | M] () -- C:\VC_RED.cab
[2007/11/07 08:12:28 | 000,232,960 | ---- | M] () -- C:\VC_RED.MSI

< %systemroot%\Fonts\*.com >
[2006/11/02 08:35:34 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2006/11/02 08:35:34 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2006/11/02 08:35:34 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2010/10/08 20:03:44 | 000,037,665 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2006/09/18 17:37:34 | 000,000,065 | -H-- | M] () -- C:\Windows\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2006/10/26 22:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\msonpppr.dll

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >

< %PROGRAMFILES%\*.* >
[2008/01/20 22:57:01 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >
[2008/01/20 23:31:11 | 015,716,352 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008/01/20 23:31:01 | 000,102,400 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008/01/20 23:31:12 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006/11/02 06:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006/11/02 06:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2010/10/30 14:18:15 | 000,000,286 | -HS- | M] () -- C:\Users\jonathan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini

< %USERPROFILE%\Desktop\*.exe >
[2010/11/03 01:33:06 | 003,899,533 | R--- | M] () -- C:\Users\jonathan\Desktop\ComboFix.exe
[2010/11/03 19:18:42 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Users\jonathan\Desktop\OTL.exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >
 
< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

< %PROGRAMFILES%\Internet Explorer\*.tmp >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >

< %systemroot%\ADDINS\*.* >

< %systemroot%\assembly\*.bak2 >

< %systemroot%\Config\*.* >

< %systemroot%\REPAIR\*.bak2 >

< %systemroot%\SECURITY\Database\*.sdb /x >
[2010/10/08 20:21:19 | 000,008,192 | ---- | M] () -- C:\Windows\security\database\edb.chk
[2010/10/08 20:20:49 | 001,048,576 | ---- | M] () -- C:\Windows\security\database\edb.log
[2010/10/08 20:20:49 | 001,048,576 | ---- | M] () -- C:\Windows\security\database\edbres00001.jrs
[2010/10/08 20:20:49 | 001,048,576 | ---- | M] () -- C:\Windows\security\database\edbres00002.jrs
[2010/10/08 20:20:49 | 001,048,576 | ---- | M] () -- C:\Windows\security\database\edbtmp.log
[2010/10/08 20:20:49 | 001,056,768 | ---- | M] () -- C:\Windows\security\database\tmp.edb

< %systemroot%\SYSTEM\*.bak2 >

< %systemroot%\Web\*.bak2 >

< %systemroot%\Driver Cache\*.* >

< %PROGRAMFILES%\Mozilla Firefox\0*.exe >

< %ProgramFiles%\Microsoft Common\*.* >

< %ProgramFiles%\TinyProxy. >

< %USERPROFILE%\Favorites\*.url /x >
[2010/10/03 16:12:53 | 000,000,402 | -HS- | M] () -- C:\Users\jonathan\Favorites\desktop.ini

< %systemroot%\system32\*.bk >

< %systemroot%\*.te >

< %systemroot%\system32\system32\*.* >

< %ALLUSERSPROFILE%\*.dat /x >
[2010/11/03 19:23:31 | 000,000,284 | ---- | M] () -- C:\ProgramData\hpqp.ini
[2010/10/03 14:26:00 | 000,000,032 | ---- | M] () -- C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
[2008/10/23 02:44:34 | 000,000,109 | ---- | M] () -- C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
[2010/10/03 14:24:41 | 000,000,032 | ---- | M] () -- C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
[2008/10/23 02:38:11 | 000,000,105 | ---- | M] () -- C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
[2010/10/03 14:23:31 | 000,000,032 | ---- | M] () -- C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
[2010/10/03 14:25:39 | 000,000,032 | ---- | M] () -- C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
[2008/10/23 02:36:16 | 000,000,107 | ---- | M] () -- C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
[2008/10/23 02:44:03 | 000,000,110 | ---- | M] () -- C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
[2010/10/03 14:26:09 | 000,000,105 | ---- | M] () -- C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log

< %systemroot%\system32\drivers\*.rmv >

< dir /b "%systemroot%\system32\*.exe" | find /i " " /c >

< dir /b "%systemroot%\*.exe" | find /i " " /c >

< %PROGRAMFILES%\Microsoft\*.* >

< %systemroot%\System32\Wbem\proquota.exe >

< %PROGRAMFILES%\Mozilla Firefox\*.dat >

< %USERPROFILE%\Cookies\*.txt /x >

< %SystemRoot%\system32\fonts\*.* >

< %systemroot%\system32\winlog\*.* >

< %systemroot%\system32\Language\*.* >

< %systemroot%\system32\Settings\*.* >

< %systemroot%\system32\*.quo >

< %SYSTEMROOT%\AppPatch\*.exe >

< %SYSTEMROOT%\inf\*.exe >

< %SYSTEMROOT%\Installer\*.exe >

< %systemroot%\system32\config\*.bak2 >

< %systemroot%\system32\Computers\*.* >

< %SystemRoot%\system32\Sound\*.* >

< %SystemRoot%\system32\SpecialImg\*.* >

< %SystemRoot%\system32\code\*.* >

< %SystemRoot%\system32\draft\*.* >

< %SystemRoot%\system32\MSSSys\*.* >

< %ProgramFiles%\Javascript\*.* >

< %systemroot%\pchealth\helpctr\System\*.exe /s >

< %systemroot%\Web\*.exe >

< %systemroot%\system32\msn\*.* >

< %systemroot%\system32\*.tro >

< %AppData%\Microsoft\Installer\msupdates\*.* >

< %ProgramFiles%\Messenger\*.* >

< %systemroot%\system32\systhem32\*.* >

< %systemroot%\system\*.exe >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\ Auto Update\Results\Install|LastSuccessTime /rs >


========== Alternate Data Streams ==========

@Alternate Data Stream - 99 bytes -> C:\ProgramData\Temp:40751495
@Alternate Data Stream - 98 bytes -> C:\ProgramData\Temp:E37F3E40
@Alternate Data Stream - 141 bytes -> C:\ProgramData\Temp:4D5855E9
@Alternate Data Stream - 103 bytes -> C:\ProgramData\Temp:F43628AB

< End of report >
 
We need to remove the old Java version and its remnants...

Download JavaRa to your desktop and unzip it to its own folder
  • Run JavaRa.exe (Vista users! Right click on JavaRa.exe, click Run As Administrator), pick the language of your choice and click Select. Then click Remove Older Versions.
  • Accept any prompts.

=======================================================================

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    Code:
    :OTL
    O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
    @Alternate Data Stream - 99 bytes -> C:\ProgramData\Temp:40751495
    @Alternate Data Stream - 98 bytes -> C:\ProgramData\Temp:E37F3E40
    @Alternate Data Stream - 141 bytes -> C:\ProgramData\Temp:4D5855E9
    @Alternate Data Stream - 103 bytes -> C:\ProgramData\Temp:F43628AB
    
    :Services
    
    :Reg
    
    :Files
    
    :Commands
    [purity]
    [emptytemp]
    [emptyflash]
    [Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • You will get a log that shows the results of the fix. Please post it.

=====================================================================

Last scans....

1. Download Security Check from HERE, and save it to your Desktop.
  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

    NOTE: SecurityCheck may produce some false warning(s), so leave reading the results to me.


2. Download Temp File Cleaner (TFC)
  • Double click on TFC.exe to run the program.
  • Click on the Start button to begin the cleaning process.
  • TFC will close all running programs, and it may ask you to restart computer.


3. Please run a free online scan with the ESET Online Scanner

  • Disable your antivirus program
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • IMPORTANT! UN-check Remove found threats
  • Accept any security warnings from your browser.
  • Check Scan archives
  • Click Start
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push List of found threats
  • Click on Export to text file, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • NOTE: If ESET doesn't find any threats, it won't produce a log.
 
All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{AEB6717E-7E19-11d0-97EE-00C04FD91972} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972}\ not found.
ADS C:\ProgramData\Temp:40751495 deleted successfully.
ADS C:\ProgramData\Temp:E37F3E40 deleted successfully.
ADS C:\ProgramData\Temp:4D5855E9 deleted successfully.
ADS C:\ProgramData\Temp:F43628AB deleted successfully.
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: john
->Temp folder emptied: 39581 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->FireFox cache emptied: 4526318 bytes
->Flash cache emptied: 456 bytes

User: jonathan
->Temp folder emptied: 415074 bytes
->Temporary Internet Files folder emptied: 2221773 bytes
->Java cache emptied: 7588391 bytes
->FireFox cache emptied: 86209507 bytes
->Flash cache emptied: 668 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 109080 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 96.00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: john
->Flash cache emptied: 0 bytes

User: jonathan
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.17.2 log created on 11032010_202023

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...


working on the other two now
 
Results of screen317's Security Check version 0.99.5
Windows Vista Service Pack 2 (UAC is enabled)
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Disabled!
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

Ad-Aware
Malwarebytes' Anti-Malware
HijackThis 2.0.2
CCleaner
Java(TM) 6 Update 22
Out of date Java installed!
Adobe Flash Player 10.1.85.3
Adobe Reader 9
Out of date Adobe Reader installed!
Mozilla Firefox (3.6.12) Firefox Out of Date!
````````````````````````````````
Process Check:
objlist.exe by Laurent

Norton ccSvcHst.exe
Ad-Aware AAWService.exe
Ad-Aware AAWTray.exe
Spybot Teatimer.exe is disabled!
````````````````````````````````
DNS Vulnerability Check:


``````````End of Log````````````
 