Solved Google Redirect Issue

oltraff

Here are the MBAM, GMER and DDS Logs. Thanks for your help.

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 5195

Windows 6.0.6000
Internet Explorer 7.0.6000.17037

11/26/2010 6:20:09 PM
mbam-log-2010-11-26 (18-20-09).txt

Scan type: Quick scan
Objects scanned: 151084
Time elapsed: 9 minute(s), 12 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


GMER 1.0.15.15530 - http://www.gmer.net
Rootkit quick scan 2010-11-26 18:31:04
Windows 6.0.6000 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0 SAMSUNG_ rev.2SS0
Running: 4kqyu76n.exe; Driver: C:\Users\Ashish\AppData\Local\Temp\fwliqpod.sys


---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \Driver\tdx \Device\Tcp tmtdi.sys (Trend Micro TDI Driver (i386-fre)/Trend Micro Inc.)
AttachedDevice \Driver\tdx \Device\Udp tmtdi.sys (Trend Micro TDI Driver (i386-fre)/Trend Micro Inc.)

---- EOF - GMER 1.0.15 ----


DDS (Ver_10-11-26.01) - NTFSx86
Run by Ashish at 18:35:03.83 on Fri 11/26/2010
Internet Explorer: 7.0.6000.17037 BrowserJavaVersion: 1.6.0_22
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1033.18.3581.2142 [GMT -5:00]

AV: Defense Center *On-access scanning enabled* (Outdated) {28e00e3b-806e-4533-925c-f4c3d79514b9}
AV: PC-cillin Internet Security - Virus Protection *On-access scanning disabled* (Outdated) {7D2296BC-32CC-4519-917E-52E652474AF5}
SP: PC-cillin Internet Security - Spyware Protection *disabled* (Outdated) {003DD9A8-02A6-43CF-81BA-5D403CAD001E}
SP: Lavasoft Ad-Watch Live! *enabled* (Updated) {67844DAE-4F77-4D69-9457-98E8CFFDAA22}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
SP: SUPERAntiSpyware *enabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}
FW: PC-cillin Internet Security - Firewall *enabled* {3E790E9E-6A5D-4303-A7F9-185EC20F3EB6}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Fingerprint Reader Suite\upeksvr.exe
C:\Windows\System32\WLTRYSVC.EXE
C:\Windows\System32\bcmwltry.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskeng.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
C:\Windows\system32\aestsrv.exe
C:\Program Files\Apple\iPhone Configuration Web Utility\iPhoneConfigurationWebUtilityService.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
C:\Windows\system32\CTsvcCDA.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\Windows\system32\STacSV.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Apple\iPhone Configuration Web Utility\ruby\bin\ruby.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\PccGuide.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\OEM02Mon.exe
C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Creative\SBAudigy\Volume Panel\VolPanlu.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Users\Ashish\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Pando Networks\Media Booster\PMB.exe
C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Fingerprint Reader Suite\psqltray.exe
C:\Windows\System32\rundll32.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
c:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
C:\Windows\system32\wuauclt.exe
C:\Users\Ashish\Downloads\4kqyu76n.exe
C:\Windows\system32\rundll32.exe
C:\Users\Ashish\Downloads\dds.scr
C:\Windows\system32\DllHost.exe
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=2080404
uWindow Title = Internet Explorer provided by Dell
uDefault_Page_URL = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=2080404
mDefault_Page_URL = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=2080404
uInternet Settings,ProxyOverride = *.local;<local>
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5805.1910\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Hotspot Shield Class: {f9e4a054-e9b1-4bc3-83a3-76a1ae736170} - c:\program files\hotspot shield\hssie\HssIE.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: {472734EA-242A-422B-ADF8-83D1E48CC825} - No File
uRun: [DellSupport] "c:\program files\dellsupport\DSAgnt.exe" /startup
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [Google Update] "c:\users\ashish\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [Pando Media Booster] c:\program files\pando networks\media booster\PMB.exe
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
uRun: [swetaswxxx.exe] c:\swetaswxxx.exe\swetaswxxx.exe
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [ECenter] c:\dell\e-center\EULALauncher.exe
mRun: [Apoint] c:\program files\delltpad\Apoint.exe
mRun: [OEM02Mon.exe] c:\windows\OEM02Mon.exe
mRun: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe
mRun: [NvSvc] RUNDLL32.EXE c:\windows\system32\nvsvc.dll,nvsvcStart
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [NVHotkey] rundll32.exe c:\windows\system32\nvHotkey.dll,Start
mRun: [VolPanel] "c:\program files\creative\sbaudigy\volume panel\VolPanlu.exe" /r
mRun: [UpdReg] c:\windows\UpdReg.EXE
mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
mRun: [PSQLLauncher] "c:\program files\fingerprint reader suite\launcher.exe" /startup
mRun: [DELL Webcam Manager] "c:\program files\dell\dell webcam manager\DellWMgr.exe" /s
mRun: [IAAnotif] "c:\program files\intel\intel matrix storage manager\Iaanotif.exe"
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [pccguide.exe] "c:\program files\trend micro\internet security 14\pccguide.exe"
mRun: [PCMService] "c:\program files\dell\mediadirect\PCMService.exe"
mRun: [dscactivate] "c:\program files\dell support center\gs_agent\custom\dsca.exe"
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\bin\AppleSyncNotifier.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [MFARestart] "c:\programdata\mfadata\pack\avgrunasx.exe" /usereg
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\quickset.lnk - c:\program files\dell\quickset\quickset.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\vpncli~1.lnk - c:\windows\installer\{14fcfe7c-ab86-428a-9d2e-bfb6f5a7aa6e}\Icon3E5562ED7.ico
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: DisableCAD = 1 (0x1)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
IE: Send image to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
Trusted Zone: intuit.com\ttlc
DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/en-us/wlscctrl2.cab
DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} - hxxp://dl.tvunetworks.com/TVUAx.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {A903E5AB-C67E-40FB-94F1-E1305982F6E0} - hxxp://www.ooxtv.com/livetv.ocx
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {D4003189-95B1-4A2F-9A87-F2B03665960D} - hxxp://bollym4u.com/js/vjocx-ch.cab
DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} - hxxp://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll
Notify: psfus - c:\windows\system32\psqlpwd.dll
AppInit_DLLs: AVGRSSTX.DLL c:\progra~1\google\google~2\GOEC62~1.DLL
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
LSA: Notification Packages = scecli psqlpwd

================= FIREFOX ===================

FF - ProfilePath - c:\users\ashish\appdata\roaming\mozilla\firefox\profiles\y7md83ls.default\
FF - prefs.js: browser.startup.homepage - hxxp://en-US.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official
FF - prefs.js: network.proxy.type - 4
FF - plugin: c:\program files\google\update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.2.183.17\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\NPTURNMED.dll
FF - plugin: c:\program files\opera\program\plugins\np_gp.dll
FF - plugin: c:\program files\pando networks\media booster\npPandoWebPlugin.dll
FF - plugin: c:\program files\veetle\player\npvlc.dll
FF - plugin: c:\program files\veetle\plugins\npVeetle.dll
FF - plugin: c:\program files\veetle\vlcbroadcast\npvbp.dll
FF - plugin: c:\program files\viewpoint\viewpoint media player\npViewpoint.dll
FF - plugin: c:\users\ashish\appdata\local\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\users\ashish\appdata\roaming\move networks\plugins\npqmp071505000011.dll
FF - plugin: c:\users\ashish\appdata\roaming\mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\users\ashish\appdata\roaming\mozilla\plugins\npgtpo3dautoplugin.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false

============= SERVICES / DRIVERS ===============

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2010-7-25 64288]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-2-17 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-4-27 67656]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\AEstSrv.exe [2008-4-3 73728]
R2 Apple iPhone Configuration Web Utility;Apple iPhone Configuration Web Utility;c:\program files\apple\iphone configuration web utility\iPhoneConfigurationWebUtilityService.exe [2008-7-5 25936]
R2 Tmntsrv;Trend Micro Real-time Service;c:\progra~1\trendm~1\intern~1\Tmntsrv.exe [2007-8-27 345432]
R2 TmPfw;Trend Micro Personal Firewall;c:\progra~1\trendm~1\intern~1\TmPfw.exe [2007-8-27 923216]
R2 tmpreflt;tmpreflt;c:\windows\system32\drivers\tmpreflt.sys [2008-4-3 36368]
R2 tmproxy;Trend Micro Proxy Service;c:\progra~1\trendm~1\intern~1\tmproxy.exe [2007-8-27 566872]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2008-8-1 24652]
R3 tmcfw;Trend Micro Common Firewall Service;c:\windows\system32\drivers\TM_CFW.sys [2008-4-3 280392]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-2-13 135664]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2010-2-4 1352832]
S2 LinksysUpdater;Linksys Updater;c:\program files\linksys\linksys updater\bin\LinksysUpdater.exe [2008-1-15 204800]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2008-4-3 30192]
S4 iaNvStor;Intel(R) Turbo Memory Controller;c:\windows\system32\drivers\iaNvStor.sys [2008-4-3 209408]

=============== Created Last 30 ================

2010-11-26 23:00:35 -------- d-----w- c:\program files\ESET
2010-11-24 00:38:09 6273872 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\{4b283c3a-4615-4865-abd5-c7f06707ec30}\mpengine.dll
2010-11-20 18:38:36 -------- d-----w- c:\program files\Avira
2010-11-20 18:38:36 -------- d-----w- c:\progra~2\Avira
2010-11-12 04:03:26 -------- d-----w- C:\_OTL
2010-11-12 01:09:15 -------- d-----w- c:\users\ashish\appdata\roaming\Arlu
2010-11-08 00:41:21 -------- d-----w- c:\users\ashish\DoctorWeb
2010-11-06 06:20:03 -------- d--h--w- C:\$AVG
2010-11-06 06:03:40 -------- d--h--w- c:\progra~2\Common Files
2010-11-06 06:00:29 -------- d-----w- c:\progra~2\AVG10
2010-11-06 05:48:25 -------- d-----w- c:\progra~2\MFAData
2010-11-06 04:39:32 -------- d-----w- c:\progra~2\Norton
2010-11-06 04:39:29 -------- d-----w- c:\users\ashish\appdata\local\NPE
2010-11-04 02:20:36 472808 ----a-w- c:\program files\mozilla firefox\plugins\npdeployJava1.dll
2010-11-04 02:20:35 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-10-31 16:51:38 -------- d-----w- c:\program files\AVG
2010-10-31 05:59:12 12872 ----a-w- c:\windows\system32\bootdelete.exe

==================== Find3M ====================

2010-10-19 15:41:44 222080 ------w- c:\windows\system32\MpSigStub.exe

============= FINISH: 18:35:38.96 ===============


DDS (Ver_10-11-26.01)

Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume3
Install Date: 4/3/2008 1:45:00 PM
System Uptime: 11/26/2010 6:06:01 PM (0 hours ago)

Motherboard: Dell Inc. | | 0R387D
Processor: Intel(R) Core(TM)2 Duo CPU T9300 @ 2.50GHz | Microprocessor | 2500/200mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 286 GiB total, 159.86 GiB free.
D: is FIXED (NTFS) - 10 GiB total, 3.277 GiB free.
E: is CDROM ()

==== Disabled Device Manager Items =============

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: MAC Bridge Miniport
Device ID: ROOT\MS_BRIDGEMP\0000
Manufacturer: Microsoft
Name: MAC Bridge Miniport
PNP Device ID: ROOT\MS_BRIDGEMP\0000
Service: BridgeMP

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Cisco Systems VPN Adapter
Device ID: ROOT\NET\0000
Manufacturer: Cisco Systems
Name: Cisco Systems VPN Adapter
PNP Device ID: ROOT\NET\0000
Service: CVirtA

==== System Restore Points ===================

RP777: 11/20/2010 3:03:41 PM - Windows Update
RP778: 11/21/2010 12:44:21 PM - Scheduled Checkpoint
RP779: 11/23/2010 7:37:24 PM - Windows Update

==== Installed Programs ======================

Ad-Aware
Ad-Aware Email Scanner for Outlook
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Photoshop Elements 6.0
Adobe Premiere Elements 4.0
Adobe Premiere Elements 4.0 Templates
Adobe Reader 8.1.4
Advanced Audio FX Engine
Advanced Video FX Engine
Apple Application Support
Apple Mobile Device Support
Apple Software Update
AVG 2011
Becker CPA Review CD-ROM Course and PassMaster - 2008 Edition
BitTornado 0.3.17
Bonjour
CCleaner
Cisco Systems VPN Client 5.0.01.0600
Consumer Complete Care Services Agreement
ConvertXtoDVD 3.3.2.100
Creative MediaSource 5
Dell DataSafe Online
Dell Getting Started Guide
Dell Support Center (Support Software)
Dell Touchpad
Dell Webcam Center
Dell Webcam Manager
Dell Wireless WLAN Card
DellSupport
DIRECTV2PC Playback Advisor
ESET Online Scanner v3
Fingerprint Reader Suite 5.6
Foxit PDF Suite
Gleim's CPA Test Prep 2009 WebDeploy
Google Chrome
Google Desktop
Google Talk Plugin
Google Toolbar for Internet Explorer
Google Update Helper
Hitman Pro 3.5
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Intel(R) Matrix Storage Manager
iPhone Configuration Web Utility
iTunes
Java Auto Updater
Java(TM) 6 Update 22
Java(TM) 6 Update 3
Java(TM) SE Runtime Environment 6
KB Home Mylar System (CHA)
Laptop Integrated Webcam Driver (1.03.02.0719)
Linksys Updater
Live! Cam Avatar Creator
Live! Cam Avatar v1.0
Malwarebytes' Anti-Malware
MediaDirect
Microsoft .NET Framework 3.5 SP1
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
MobileMe Control Panel
Mocha W32 TN5250
Move Media Player
Mozilla Firefox (3.6.12)
Music, Photos & Videos Launcher
Netflix Movie Viewer
NVIDIA Drivers
Opera 10.51
Pando Media Booster
PDFCreator 0.7.1}
QualxServ Service Agreement
QuickSet
QuickTime
Rhapsody Player Engine
Roxio Creator Audio
Roxio Creator Copy
Roxio Creator Data
Roxio Creator DE
Roxio Creator Tools
Roxio Express Labeler 3
Roxio Update Manager
Safari
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2289158)
Security Update for 2007 Microsoft Office System (KB2344875)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2345035)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office Outlook 2007 (KB2288953)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office PowerPoint Viewer (KB2413381)
Security Update for Microsoft Office Publisher 2007 (KB982124)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
SopCast 3.0.1
Sound Blaster Audigy ADVANCED MB
Spelling Dictionaries Support For Adobe Reader 8
Spybot - Search & Destroy
StreamTorrent 1.0
SUPERAntiSpyware Free Edition
Supercast
TBS WMP Plug-in
Trend Micro PC-cillin Internet Security
TurboTax 2009
TurboTax 2009 WinPerFedFormset
TurboTax 2009 WinPerReleaseEngine
TurboTax 2009 WinPerTaxSupport
TurboTax 2009 wnciper
TurboTax 2009 wrapper
TVUPlayer 2.4.7.2
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (KB2443839)
USb Missile Launcher
User's Guides
Veetle TV 0.9.18
VideoLAN VLC media player 0.8.6f
Viewpoint Media Player
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
VNC Free Edition 4.1.2
WIDCOMM Bluetooth Software 6.0.1.3100
Windows Live OneCare safety scanner
Windows Media Player Firefox Plugin
WinRAR archiver

==== Event Viewer Messages From Past Week ========

11/22/2010 9:51:45 PM, Error: EventLog [6008] - The previous system shutdown at 9:50:22 PM on 11/22/2010 was unexpected.
11/20/2010 2:57:04 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Lavasoft Ad-Aware Service service to connect.
11/20/2010 2:57:04 PM, Error: Service Control Manager [7000] - The Lavasoft Ad-Aware Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
11/20/2010 2:56:20 PM, Error: Microsoft-Windows-Windows Defender [2004] - Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures. Signatures Attempted: Current Error Code: 0x8050a001 Error description: The program can't find definition files that help detect unwanted software. Check for updates to the definition files, and then try again. For information on installing updates, see Help and Support. Signatures loading: Backup Loading signature version: 1.93.1985.0 Loading engine version: 1.1.6301.0
11/20/2010 2:55:59 PM, Error: volsnap [27] - The shadow copies of volume C: were aborted during detection because a critical control file could not be opened.
11/20/2010 2:28:54 PM, Error: Service Control Manager [7006] - The ScRegSetValueExW call failed for DeleteFlag with the following error: Access is denied.
11/20/2010 2:06:15 PM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.
11/20/2010 10:35:08 AM, Error: Service Control Manager [7034] - The Linksys Updater service terminated unexpectedly. It has done this 1 time(s).
11/20/2010 10:33:59 AM, Error: EventLog [6008] - The previous system shutdown at 10:32:41 AM on 11/20/2010 was unexpected.
11/20/2010 1:59:14 PM, Error: EventLog [6008] - The previous system shutdown at 1:58:14 PM on 11/20/2010 was unexpected.
11/20/2010 1:47:54 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Lbd
11/20/2010 1:39:07 PM, Error: Service Control Manager [7006] - The ScRegSetValueExW call failed for Start with the following error: Access is denied.
11/20/2010 1:24:51 PM, Error: Service Control Manager [7000] - The Lbd service failed to start due to the following error: The system cannot find the file specified.

==== End Of File ===========================
 
Welcome aboard

Please observe the following rules:
  • Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
  • If you're stuck, or you're not sure about a certain step, always ask before doing anything else.
  • Please refrain from running tools or applying updates other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer's behavior, good or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in the malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

=======================================================================

Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then click on Start Scan.
  • If an infected file is detected, the default action will be Cure; click on Continue.
  • If a suspicious file is detected, the default action will be Skip; click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
 
Here's the TDSSKiller Log: Thanks

2010/11/26 20:19:12.0883 TDSS rootkit removing tool 2.4.9.0 Nov 26 2010 15:38:31
2010/11/26 20:19:12.0883 ================================================================================
2010/11/26 20:19:12.0883 SystemInfo:
2010/11/26 20:19:12.0883
2010/11/26 20:19:12.0883 OS Version: 6.0.6000 ServicePack: 0.0
2010/11/26 20:19:12.0883 Product type: Workstation
2010/11/26 20:19:12.0883 ComputerName: ASHISH-PC
2010/11/26 20:19:12.0883 UserName: Ashish
2010/11/26 20:19:12.0883 Windows directory: C:\Windows
2010/11/26 20:19:12.0883 System windows directory: C:\Windows
2010/11/26 20:19:12.0883 Processor architecture: Intel x86
2010/11/26 20:19:12.0883 Number of processors: 2
2010/11/26 20:19:12.0883 Page size: 0x1000
2010/11/26 20:19:12.0883 Boot type: Normal boot
2010/11/26 20:19:12.0883 ================================================================================
2010/11/26 20:19:13.0335 Initialize success
2010/11/26 20:19:20.0189 ================================================================================
2010/11/26 20:19:20.0189 Scan started
2010/11/26 20:19:20.0189 Mode: Manual;
2010/11/26 20:19:20.0189 ================================================================================
2010/11/26 20:19:32.0237 Scan finished
2010/11/26 20:19:32.0237 ================================================================================
 
Good :)
Sometimes, Defense Center comes with a rootkit, but you seem to be fine.

Download MBRCheck to your desktop

Double click MBRCheck.exe to run (Vista and Windows 7 users, right click and select Run as Administrator).
It will show a black screen with some data on it.
Enter N to exit.
A report called MBRcheckxxxx.txt will be on your desktop.
Open this report and post its content in your next reply.

======================================================================

Please download ComboFix from Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
  1. Please, never rename Combofix unless instructed.
  2. Close any open browsers.
  3. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
    • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
    • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
    NOTE 1. If Combofix asks you to install Recovery Console, please allow it.
    NOTE 2. If Combofix asks you to update the program, always do so.
    • Close any open browsers.
    • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts.
    • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
    • If there is no internet connection after running Combofix, then restart your computer to restore your connection.
  4. Double click on combofix.exe & follow the prompts.
  5. When finished, it will produce a report for you.
  6. Please post the "C:\ComboFix.txt"
**Note 1: Do not mouse-click Combofix's window while it's running. That may cause it to stall.
**Note 2 for AVG users: ComboFix will not run until AVG is uninstalled as a protective measure against the anti-virus. This is because AVG "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG first.
Use AVG Remover to uninstall it: http://www.avg.com/us-en/download-tools
We can reinstall it when we're done with CF.
**Note 3: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion", restart the computer to fix the issue.



Make sure you re-enable your security programs when you're done with Combofix.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

NOTE.
If, for some reason, Combofix refuses to run, try one of the following:

1. Run Combofix from Safe Mode.

2. Delete the Combofix file, download a fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
Do NOT run it yet.

Please download and run the below tool named Rkill (courtesy of BleepingComputer.com) which may help allow other programs to run.

There are 4 different versions. If one of them won't run then download and try to run the other one.

Vista and Win7 users need to right click Rkill and choose Run as Administrator

You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool; ignore them or shut down your antivirus.

Rkill.com
Rkill.scr
Rkill.pif
Rkill.exe

  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
  • Do not reboot until instructed.
  • If the tool does not run from any of the links provided, please let me know.

Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

If normal mode still doesn't work, run BOTH tools from safe mode.

In case #2, please post BOTH logs, rKill and Combofix.

DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!
 
Combofix ran all the way through and is now attempting to restart my computer. It's been trying to "log off" my Windows profile for 15 min. It seems like it's frozen. Should I manually restart it?
 
Here's the MBRcheck log:

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows Vista Home Premium Edition
Windows Information: (build 6000), 32-bit
Base Board Manufacturer: Dell Inc.
BIOS Manufacturer: Dell Inc.
System Manufacturer: Dell Inc.
System Product Name: XPS M1530
Logical Drives Mask: 0x0000001c

Kernel Drivers (total 167):

Processes (total 101):
0 System Idle Process
4 System
544 C:\Windows\System32\smss.exe
612 csrss.exe
672 csrss.exe
680 C:\Windows\System32\wininit.exe
728 C:\Windows\System32\winlogon.exe
768 C:\Windows\System32\services.exe
780 C:\Windows\System32\lsass.exe
796 C:\Windows\System32\lsm.exe
940 C:\Windows\System32\svchost.exe
1028 C:\Windows\System32\svchost.exe
1080 C:\Windows\System32\svchost.exe
1172 C:\Windows\System32\svchost.exe
1208 C:\Windows\System32\svchost.exe
1252 C:\Windows\System32\svchost.exe
1352 C:\Windows\System32\audiodg.exe
1420 C:\Windows\System32\SLsvc.exe
1456 C:\Windows\System32\svchost.exe
1584 C:\Program Files\Fingerprint Reader Suite\upeksvr.exe
1644 C:\Windows\System32\svchost.exe
1892 C:\Windows\System32\WLTRYSVC.EXE
1908 C:\Windows\System32\BCMWLTRY.EXE
2000 C:\Windows\System32\spoolsv.exe
2028 C:\Windows\System32\svchost.exe
1928 C:\Windows\System32\taskeng.exe
12 C:\Windows\System32\taskeng.exe
1480 C:\Program Files\Google\Update\GoogleUpdate.exe
2104 C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
2140 C:\Windows\System32\AEstSrv.exe
2172 C:\Program Files\Apple\iPhone Configuration Web Utility\iPhoneConfigurationWebUtilityService.exe
2208 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
2228 C:\Program Files\Bonjour\mDNSResponder.exe
2256 C:\Windows\System32\svchost.exe
2268 C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
2300 C:\Windows\System32\CTSVCCDA.EXE
2340 C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
2432 C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
2496 C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
2576 C:\Windows\System32\svchost.exe
2628 C:\Program Files\Dell Support Center\bin\sprtsvc.exe
2668 C:\Windows\System32\stacsv.exe
2784 C:\Windows\System32\svchost.exe
2804 C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
2828 C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
2868 C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
2896 C:\Program Files\Viewpoint\Common\ViewpointService.exe
2964 C:\Windows\System32\svchost.exe
2992 C:\Windows\System32\SearchIndexer.exe
3836 C:\Program Files\Apple\iPhone Configuration Web Utility\ruby\bin\ruby.exe
3852 C:\PROGRA~1\TRENDM~1\INTERN~1\pccguide.exe
3980 C:\Windows\System32\dwm.exe
4016 C:\Windows\explorer.exe
3064 C:\Program Files\Windows Defender\MSASCui.exe
3080 C:\Program Files\DellTPad\Apoint.exe
3088 C:\Windows\OEM02Mon.exe
2988 C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
1244 C:\Windows\System32\rundll32.exe
1292 C:\Windows\System32\rundll32.exe
1676 C:\Program Files\Creative\SBAudigy\Volume Panel\VolPanlu.exe
3732 C:\Program Files\Hitman Pro 3.5\HitmanPro35.exe
3904 C:\Windows\System32\WLTRAY.EXE
4092 C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe
1720 C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
1684 C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
1528 C:\Program Files\Dell\MediaDirect\PCMService.exe
2136 C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
2624 C:\Program Files\Dell Support Center\bin\sprtcmd.exe
344 C:\Program Files\Common Files\Java\Java Update\jusched.exe
1848 C:\Program Files\iTunes\iTunesHelper.exe
1120 C:\Program Files\DellSupport\DSAgnt.exe
2700 C:\Windows\ehome\ehtray.exe
2952 C:\Windows\System32\wbem\unsecapp.exe
4088 WmiPrvSE.exe
4216 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
4224 C:\Users\Ashish\AppData\Local\Google\Update\GoogleUpdate.exe
4232 C:\Program Files\Windows Sidebar\sidebar.exe
4240 C:\Program Files\Windows Media Player\wmpnscfg.exe
4248 C:\Program Files\Pando Networks\Media Booster\PMB.exe
4272 C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
4280 C:\Program Files\Dell\QuickSet\quickset.exe
4484 C:\Windows\ehome\ehmsas.exe
4620 C:\Program Files\Fingerprint Reader Suite\psqltray.exe
4640 C:\Windows\System32\rundll32.exe
4796 C:\Program Files\DellTPad\ApMsgFwd.exe
4848 C:\Program Files\Windows Media Player\wmpnetwk.exe
5228 C:\Program Files\DellTPad\hidfind.exe
5300 C:\Program Files\DellTPad\ApntEx.exe
2572 C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
4084 C:\Program Files\iPod\bin\iPodService.exe
4352 C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
5704 C:\Windows\System32\wuauclt.exe
6052 C:\Windows\servicing\TrustedInstaller.exe
2640 C:\Windows\System32\msiexec.exe
1304 C:\Windows\System32\VSSVC.exe
5916 C:\Windows\System32\svchost.exe
1768 C:\Program Files\Mozilla Firefox\firefox.exe
2520 C:\Program Files\Mozilla Firefox\plugin-container.exe
4148 C:\Windows\System32\SearchProtocolHost.exe
5600 C:\Windows\System32\SearchFilterHost.exe
2196 C:\Users\Ashish\Desktop\MBRCheck.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000002`84f00000 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000000`04f00000 (NTFS)

PhysicalDrive0 Model Number: SAMSUNGHM320JI, Rev: 2SS00_01

Size Device Name MBR Status
--------------------------------------------
298 GB \\.\PhysicalDrive0 Windows Vista MBR code detected
SHA1: 8DF43F2BDE2D9451948FA14B5279969C777A7979


Done!
 
I had issues restarting Windows after running Combo Fix. My Explorer.exe and Wininit.exe files are infected and after Combo Fix cleaned them (and made some other fixes), I got a blank screen after the computer restarted and loaded Windows. I got the error "The ordinal 874 could not be located in the dynamic link library SHELL32.dll".
 
I did a system restore and now I'm up and running. It doesn't look like I'm being redirected any more.
 
Well, if you used system restore, we have to start all over from the very first steps/scans.
 
Here are the new MBAM, GMER and DDS Logs

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 5195

Windows 6.0.6000
Internet Explorer 7.0.6000.17037

11/27/2010 1:14:42 AM
mbam-log-2010-11-27 (01-14-42).txt

Scan type: Quick scan
Objects scanned: 150922
Time elapsed: 5 minute(s), 51 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


GMER 1.0.15.15530 - http://www.gmer.net
Rootkit quick scan 2010-11-27 01:16:36
Windows 6.0.6000 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0 SAMSUNG_ rev.2SS0
Running: xje70vkf.exe; Driver: C:\Users\Ashish\AppData\Local\Temp\fwliqpod.sys


---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \Driver\tdx \Device\Tcp tmtdi.sys (Trend Micro TDI Driver (i386-fre)/Trend Micro Inc.)
AttachedDevice \Driver\tdx \Device\Udp tmtdi.sys (Trend Micro TDI Driver (i386-fre)/Trend Micro Inc.)

---- EOF - GMER 1.0.15 ----



DDS (Ver_10-11-26.01) - NTFSx86
Run by Ashish at 1:16:58.96 on Sat 11/27/2010
Internet Explorer: 7.0.6000.17037 BrowserJavaVersion: 1.6.0_22
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1033.18.3581.1906 [GMT -5:00]

AV: Defense Center *On-access scanning enabled* (Outdated) {28e00e3b-806e-4533-925c-f4c3d79514b9}
AV: PC-cillin Internet Security - Virus Protection *On-access scanning disabled* (Outdated) {7D2296BC-32CC-4519-917E-52E652474AF5}
SP: PC-cillin Internet Security - Spyware Protection *disabled* (Outdated) {003DD9A8-02A6-43CF-81BA-5D403CAD001E}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
FW: PC-cillin Internet Security - Firewall *enabled* {3E790E9E-6A5D-4303-A7F9-185EC20F3EB6}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Fingerprint Reader Suite\upeksvr.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\WLTRYSVC.EXE
C:\Windows\System32\bcmwltry.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
C:\Windows\system32\aestsrv.exe
C:\Program Files\Apple\iPhone Configuration Web Utility\iPhoneConfigurationWebUtilityService.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
C:\Windows\system32\CTsvcCDA.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\Windows\system32\STacSV.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Apple\iPhone Configuration Web Utility\ruby\bin\ruby.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\PccGuide.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\OEM02Mon.exe
C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Creative\SBAudigy\Volume Panel\VolPanlu.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Users\Ashish\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Fingerprint Reader Suite\psqltray.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
c:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Users\Ashish\Desktop\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=2080404
uWindow Title = Internet Explorer provided by Dell
uDefault_Page_URL = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=2080404
mDefault_Page_URL = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=2080404
uInternet Settings,ProxyOverride = *.local;<local>
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5805.1910\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Hotspot Shield Class: {f9e4a054-e9b1-4bc3-83a3-76a1ae736170} - c:\program files\hotspot shield\hssie\HssIE.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: {472734EA-242A-422B-ADF8-83D1E48CC825} - No File
uRun: [DellSupport] "c:\program files\dellsupport\DSAgnt.exe" /startup
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [Google Update] "c:\users\ashish\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [Pando Media Booster] c:\program files\pando networks\media booster\PMB.exe
uRun: [swetaswxxx.exe] c:\swetaswxxx.exe\swetaswxxx.exe
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [ECenter] c:\dell\e-center\EULALauncher.exe
mRun: [Apoint] c:\program files\delltpad\Apoint.exe
mRun: [OEM02Mon.exe] c:\windows\OEM02Mon.exe
mRun: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe
mRun: [NvSvc] RUNDLL32.EXE c:\windows\system32\nvsvc.dll,nvsvcStart
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [NVHotkey] rundll32.exe c:\windows\system32\nvHotkey.dll,Start
mRun: [VolPanel] "c:\program files\creative\sbaudigy\volume panel\VolPanlu.exe" /r
mRun: [UpdReg] c:\windows\UpdReg.EXE
mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
mRun: [PSQLLauncher] "c:\program files\fingerprint reader suite\launcher.exe" /startup
mRun: [DELL Webcam Manager] "c:\program files\dell\dell webcam manager\DellWMgr.exe" /s
mRun: [IAAnotif] "c:\program files\intel\intel matrix storage manager\Iaanotif.exe"
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [pccguide.exe] "c:\program files\trend micro\internet security 14\pccguide.exe"
mRun: [PCMService] "c:\program files\dell\mediadirect\PCMService.exe"
mRun: [dscactivate] "c:\program files\dell support center\gs_agent\custom\dsca.exe"
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\bin\AppleSyncNotifier.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [MFARestart] "c:\programdata\mfadata\pack\avgrunasx.exe" /usereg
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\quickset.lnk - c:\program files\dell\quickset\quickset.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\vpncli~1.lnk - c:\windows\installer\{14fcfe7c-ab86-428a-9d2e-bfb6f5a7aa6e}\Icon3E5562ED7.ico
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: DisableCAD = 1 (0x1)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
IE: Send image to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
Trusted Zone: intuit.com\ttlc
DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/en-us/wlscctrl2.cab
DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} - hxxp://dl.tvunetworks.com/TVUAx.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {A903E5AB-C67E-40FB-94F1-E1305982F6E0} - hxxp://www.ooxtv.com/livetv.ocx
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {D4003189-95B1-4A2F-9A87-F2B03665960D} - hxxp://bollym4u.com/js/vjocx-ch.cab
DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} - hxxp://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Notify: psfus - c:\windows\system32\psqlpwd.dll
AppInit_DLLs: AVGRSSTX.DLL c:\progra~1\google\google~2\GOEC62~1.DLL
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
LSA: Notification Packages = scecli psqlpwd

================= FIREFOX ===================

FF - ProfilePath - c:\users\ashish\appdata\roaming\mozilla\firefox\profiles\y7md83ls.default\
FF - prefs.js: browser.startup.homepage - hxxp://en-US.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official
FF - prefs.js: network.proxy.type - 4
FF - plugin: c:\program files\google\update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.2.183.17\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\NPTURNMED.dll
FF - plugin: c:\program files\opera\program\plugins\np_gp.dll
FF - plugin: c:\program files\pando networks\media booster\npPandoWebPlugin.dll
FF - plugin: c:\program files\veetle\player\npvlc.dll
FF - plugin: c:\program files\veetle\plugins\npVeetle.dll
FF - plugin: c:\program files\veetle\vlcbroadcast\npvbp.dll
FF - plugin: c:\program files\viewpoint\viewpoint media player\npViewpoint.dll
FF - plugin: c:\users\ashish\appdata\local\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\users\ashish\appdata\roaming\move networks\plugins\npqmp071505000011.dll
FF - plugin: c:\users\ashish\appdata\roaming\mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\users\ashish\appdata\roaming\mozilla\plugins\npgtpo3dautoplugin.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false

============= SERVICES / DRIVERS ===============

R2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\AEstSrv.exe [2008-4-3 73728]
R2 Apple iPhone Configuration Web Utility;Apple iPhone Configuration Web Utility;c:\program files\apple\iphone configuration web utility\iPhoneConfigurationWebUtilityService.exe [2008-7-5 25936]
R2 Tmntsrv;Trend Micro Real-time Service;c:\progra~1\trendm~1\intern~1\Tmntsrv.exe [2007-8-27 345432]
R2 TmPfw;Trend Micro Personal Firewall;c:\progra~1\trendm~1\intern~1\TmPfw.exe [2007-8-27 923216]
R2 tmpreflt;tmpreflt;c:\windows\system32\drivers\tmpreflt.sys [2008-4-3 36368]
R2 tmproxy;Trend Micro Proxy Service;c:\progra~1\trendm~1\intern~1\tmproxy.exe [2007-8-27 566872]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2008-8-1 24652]
R3 tmcfw;Trend Micro Common Firewall Service;c:\windows\system32\drivers\TM_CFW.sys [2008-4-3 280392]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-2-13 135664]
S2 LinksysUpdater;Linksys Updater;c:\program files\linksys\linksys updater\bin\LinksysUpdater.exe [2008-1-15 204800]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2008-4-3 30192]
S4 iaNvStor;Intel(R) Turbo Memory Controller;c:\windows\system32\drivers\iaNvStor.sys [2008-4-3 209408]

=============== Created Last 30 ================

2010-11-27 05:02:35 6273872 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\{0eeea2cd-f650-422b-ab94-4b474bf2ef7d}\mpengine.dll
2010-11-27 02:32:53 -------- d-s---w- C:\ComboFix
2010-11-26 23:00:35 -------- d-----w- c:\program files\ESET
2010-11-20 18:38:36 -------- d-----w- c:\program files\Avira
2010-11-20 18:38:36 -------- d-----w- c:\progra~2\Avira
2010-11-12 04:03:26 -------- d-----w- C:\_OTL
2010-11-12 01:09:15 -------- d-----w- c:\users\ashish\appdata\roaming\Arlu
2010-11-08 00:41:21 -------- d-----w- c:\users\ashish\DoctorWeb
2010-11-06 06:20:03 -------- d--h--w- C:\$AVG
2010-11-06 06:03:40 -------- d--h--w- c:\progra~2\Common Files
2010-11-06 06:00:29 -------- d-----w- c:\progra~2\AVG10
2010-11-06 05:48:25 -------- d-----w- c:\progra~2\MFAData
2010-11-06 04:39:32 -------- d-----w- c:\progra~2\Norton
2010-11-06 04:39:29 -------- d-----w- c:\users\ashish\appdata\local\NPE
2010-11-04 02:20:36 472808 ----a-w- c:\program files\mozilla firefox\plugins\npdeployJava1.dll
2010-11-04 02:20:35 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-10-31 16:51:38 -------- d-----w- c:\program files\AVG
2010-10-31 05:59:12 12872 ----a-w- c:\windows\system32\bootdelete.exe

==================== Find3M ====================

2010-10-19 15:41:44 222080 ------w- c:\windows\system32\MpSigStub.exe

============= FINISH: 1:17:32.09 ===============



UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-11-26.01)

Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume3
Install Date: 4/3/2008 1:45:00 PM
System Uptime: 11/27/2010 12:20:20 AM (1 hours ago)

Motherboard: Dell Inc. | | 0R387D
Processor: Intel(R) Core(TM)2 Duo CPU T9300 @ 2.50GHz | Microprocessor | 2500/200mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 286 GiB total, 135.576 GiB free.
D: is FIXED (NTFS) - 10 GiB total, 3.277 GiB free.
E: is CDROM ()

==== Disabled Device Manager Items =============

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: MAC Bridge Miniport
Device ID: ROOT\MS_BRIDGEMP\0000
Manufacturer: Microsoft
Name: MAC Bridge Miniport
PNP Device ID: ROOT\MS_BRIDGEMP\0000
Service: BridgeMP

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Cisco Systems VPN Adapter
Device ID: ROOT\NET\0000
Manufacturer: Cisco Systems
Name: Cisco Systems VPN Adapter
PNP Device ID: ROOT\NET\0000
Service: CVirtA

==== System Restore Points ===================


==== Installed Programs ======================

Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Photoshop Elements 6.0
Adobe Premiere Elements 4.0
Adobe Premiere Elements 4.0 Templates
Adobe Reader 8.1.4
Advanced Audio FX Engine
Advanced Video FX Engine
Apple Application Support
Apple Mobile Device Support
Apple Software Update
AVG 2011
Becker CPA Review CD-ROM Course and PassMaster - 2008 Edition
BitTornado 0.3.17
Bonjour
CCleaner
Cisco Systems VPN Client 5.0.01.0600
Consumer Complete Care Services Agreement
ConvertXtoDVD 3.3.2.100
Creative MediaSource 5
Dell DataSafe Online
Dell Getting Started Guide
Dell Support Center (Support Software)
Dell Touchpad
Dell Webcam Center
Dell Webcam Manager
Dell Wireless WLAN Card
DellSupport
DIRECTV2PC Playback Advisor
ESET Online Scanner v3
Fingerprint Reader Suite 5.6
Foxit PDF Suite
Gleim's CPA Test Prep 2009 WebDeploy
Google Chrome
Google Desktop
Google Talk Plugin
Google Toolbar for Internet Explorer
Google Update Helper
Hitman Pro 3.5
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Intel(R) Matrix Storage Manager
iPhone Configuration Web Utility
iTunes
Java Auto Updater
Java(TM) 6 Update 22
Java(TM) 6 Update 3
Java(TM) SE Runtime Environment 6
KB Home Mylar System (CHA)
Laptop Integrated Webcam Driver (1.03.02.0719)
Linksys Updater
Live! Cam Avatar Creator
Live! Cam Avatar v1.0
Malwarebytes' Anti-Malware
MediaDirect
Microsoft .NET Framework 3.5 SP1
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
MobileMe Control Panel
Mocha W32 TN5250
Move Media Player
Mozilla Firefox (3.6.12)
Music, Photos & Videos Launcher
Netflix Movie Viewer
NVIDIA Drivers
Opera 10.51
Pando Media Booster
PDFCreator 0.7.1}
QualxServ Service Agreement
QuickSet
QuickTime
Rhapsody Player Engine
Roxio Creator Audio
Roxio Creator Copy
Roxio Creator Data
Roxio Creator DE
Roxio Creator Tools
Roxio Express Labeler 3
Roxio Update Manager
Safari
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2289158)
Security Update for 2007 Microsoft Office System (KB2344875)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2345035)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office Outlook 2007 (KB2288953)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office PowerPoint Viewer (KB2413381)
Security Update for Microsoft Office Publisher 2007 (KB982124)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
SopCast 3.0.1
Sound Blaster Audigy ADVANCED MB
Spelling Dictionaries Support For Adobe Reader 8
Spybot - Search & Destroy
StreamTorrent 1.0
Supercast
TBS WMP Plug-in
Trend Micro PC-cillin Internet Security
TurboTax 2009
TurboTax 2009 WinPerFedFormset
TurboTax 2009 WinPerReleaseEngine
TurboTax 2009 WinPerTaxSupport
TurboTax 2009 wnciper
TurboTax 2009 wrapper
TVUPlayer 2.4.7.2
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (KB2443839)
USb Missile Launcher
User's Guides
Veetle TV 0.9.18
VideoLAN VLC media player 0.8.6f
Viewpoint Media Player
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
VNC Free Edition 4.1.2
WIDCOMM Bluetooth Software 6.0.1.3100
Windows Live OneCare safety scanner
Windows Media Player Firefox Plugin
WinRAR archiver

==== End Of File ===========================
 
Good :)

Download MBRCheck to your desktop

Double click MBRCheck.exe to run (Vista and Windows 7 users, right click and select Run as Administrator).
It will show a black screen with some data on it.
Enter N to exit.
A report called MBRcheckxxxx.txt will be on your desktop
Open this report and post its content in your next reply.

====================================================================

Please download ComboFix from Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
  1. Please, never rename Combofix unless instructed.
  2. Close any open browsers.
  3. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
    • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
    • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
    NOTE. If Combofix asks you to install Recovery Console, please allow it.
    • Close any open browsers.
    • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
    • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
    • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
  4. Double click on combofix.exe & follow the prompts.
  5. When finished, it will produce a report for you.
  6. Please post the "C:\ComboFix.txt"
**Note: Do not mouseclick combofix's window while it's running. That may cause it to stall**

Make sure you re-enable your security programs when you're done with Combofix.

DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!
 
MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows Vista Home Premium Edition
Windows Information: (build 6000), 32-bit
Base Board Manufacturer: Dell Inc.
BIOS Manufacturer: Dell Inc.
System Manufacturer: Dell Inc.
System Product Name: XPS M1530
Logical Drives Mask: 0x0000001c

Kernel Drivers (total 168):

Processes (total 97):
0 System Idle Process
4 System
544 C:\Windows\System32\smss.exe
612 csrss.exe
672 csrss.exe
680 C:\Windows\System32\wininit.exe
728 C:\Windows\System32\winlogon.exe
768 C:\Windows\System32\services.exe
780 C:\Windows\System32\lsass.exe
796 C:\Windows\System32\lsm.exe
940 C:\Windows\System32\svchost.exe
1028 C:\Windows\System32\svchost.exe
1080 C:\Windows\System32\svchost.exe
1172 C:\Windows\System32\svchost.exe
1208 C:\Windows\System32\svchost.exe
1252 C:\Windows\System32\svchost.exe
1352 C:\Windows\System32\audiodg.exe
1420 C:\Windows\System32\SLsvc.exe
1456 C:\Windows\System32\svchost.exe
1584 C:\Program Files\Fingerprint Reader Suite\upeksvr.exe
1644 C:\Windows\System32\svchost.exe
1892 C:\Windows\System32\WLTRYSVC.EXE
1908 C:\Windows\System32\BCMWLTRY.EXE
2000 C:\Windows\System32\spoolsv.exe
2028 C:\Windows\System32\svchost.exe
1928 C:\Windows\System32\taskeng.exe
12 C:\Windows\System32\taskeng.exe
1480 C:\Program Files\Google\Update\GoogleUpdate.exe
2104 C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
2140 C:\Windows\System32\AEstSrv.exe
2172 C:\Program Files\Apple\iPhone Configuration Web Utility\iPhoneConfigurationWebUtilityService.exe
2208 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
2228 C:\Program Files\Bonjour\mDNSResponder.exe
2256 C:\Windows\System32\svchost.exe
2268 C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
2300 C:\Windows\System32\CTSVCCDA.EXE
2340 C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
2432 C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
2496 C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
2576 C:\Windows\System32\svchost.exe
2628 C:\Program Files\Dell Support Center\bin\sprtsvc.exe
2668 C:\Windows\System32\stacsv.exe
2784 C:\Windows\System32\svchost.exe
2804 C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
2828 C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
2868 C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
2896 C:\Program Files\Viewpoint\Common\ViewpointService.exe
2964 C:\Windows\System32\svchost.exe
2992 C:\Windows\System32\SearchIndexer.exe
3836 C:\Program Files\Apple\iPhone Configuration Web Utility\ruby\bin\ruby.exe
3852 C:\PROGRA~1\TRENDM~1\INTERN~1\pccguide.exe
3980 C:\Windows\System32\dwm.exe
4016 C:\Windows\explorer.exe
3064 C:\Program Files\Windows Defender\MSASCui.exe
3080 C:\Program Files\DellTPad\Apoint.exe
3088 C:\Windows\OEM02Mon.exe
2988 C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
1244 C:\Windows\System32\rundll32.exe
1292 C:\Windows\System32\rundll32.exe
1676 C:\Program Files\Creative\SBAudigy\Volume Panel\VolPanlu.exe
3904 C:\Windows\System32\WLTRAY.EXE
4092 C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe
1720 C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
1684 C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
1528 C:\Program Files\Dell\MediaDirect\PCMService.exe
2136 C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
2624 C:\Program Files\Dell Support Center\bin\sprtcmd.exe
344 C:\Program Files\Common Files\Java\Java Update\jusched.exe
1848 C:\Program Files\iTunes\iTunesHelper.exe
1120 C:\Program Files\DellSupport\DSAgnt.exe
2700 C:\Windows\ehome\ehtray.exe
2952 C:\Windows\System32\wbem\unsecapp.exe
4088 WmiPrvSE.exe
4216 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
4224 C:\Users\Ashish\AppData\Local\Google\Update\GoogleUpdate.exe
4232 C:\Program Files\Windows Sidebar\sidebar.exe
4240 C:\Program Files\Windows Media Player\wmpnscfg.exe
4272 C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
4280 C:\Program Files\Dell\QuickSet\quickset.exe
4484 C:\Windows\ehome\ehmsas.exe
4620 C:\Program Files\Fingerprint Reader Suite\psqltray.exe
4640 C:\Windows\System32\rundll32.exe
4796 C:\Program Files\DellTPad\ApMsgFwd.exe
4848 C:\Program Files\Windows Media Player\wmpnetwk.exe
5228 C:\Program Files\DellTPad\hidfind.exe
5300 C:\Program Files\DellTPad\ApntEx.exe
2572 C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
4084 C:\Program Files\iPod\bin\iPodService.exe
4352 C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
5704 C:\Windows\System32\wuauclt.exe
1768 C:\Program Files\Mozilla Firefox\firefox.exe
2520 C:\Program Files\Mozilla Firefox\plugin-container.exe
1820 C:\Windows\System32\notepad.exe
3328 C:\Windows\System32\SearchProtocolHost.exe
1440 C:\Windows\System32\SearchFilterHost.exe
5912 C:\Windows\System32\rundll32.exe
4256 C:\Users\Ashish\Desktop\MBRCheck.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000002`84f00000 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000000`04f00000 (NTFS)

PhysicalDrive0 Model Number: SAMSUNGHM320JI, Rev: 2SS00_01

Size Device Name MBR Status
--------------------------------------------
298 GB \\.\PhysicalDrive0 Windows Vista MBR code detected
SHA1: 8DF43F2BDE2D9451948FA14B5279969C777A7979


Done!
 
Here's the log from ComboFix....Seems like it's incomplete

ComboFix 10-11-26.07 - Ashish 11/27/2010 12:47:47.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1033.18.3581.2337 [GMT -5:00]
Running from: C:\Users\Ashish\Desktop\ComboFix.exe
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
 
Ran ComboFix....it fixed some issues....then the computer got locked up while trying to restart (like before). I manually restarted it but upon restart, I get the blank screen. I can navigate through the computer through the task manager. Thoughts?
 
Safe Mode has the blank screen as well. Here's the TDSSKiller log:

2010/11/27 13:18:13.0821 TDSS rootkit removing tool 2.4.9.0 Nov 26 2010 15:38:31
2010/11/27 13:18:13.0821 ================================================================================
2010/11/27 13:18:13.0821 SystemInfo:
2010/11/27 13:18:13.0821
2010/11/27 13:18:13.0821 OS Version: 6.0.6000 ServicePack: 0.0
2010/11/27 13:18:13.0821 Product type: Workstation
2010/11/27 13:18:13.0822 ComputerName: ASHISH-PC
2010/11/27 13:18:13.0822 UserName: Ashish
2010/11/27 13:18:13.0822 Windows directory: C:\Windows
2010/11/27 13:18:13.0822 System windows directory: C:\Windows
2010/11/27 13:18:13.0822 Processor architecture: Intel x86
2010/11/27 13:18:13.0822 Number of processors: 2
2010/11/27 13:18:13.0822 Page size: 0x1000
2010/11/27 13:18:13.0822 Boot type: Normal boot
2010/11/27 13:18:13.0822 ================================================================================
2010/11/27 13:18:14.0285 Initialize success
2010/11/27 13:18:16.0209 ================================================================================
2010/11/27 13:18:16.0209 Scan started
2010/11/27 13:18:16.0209 Mode: Manual;
2010/11/27 13:18:16.0209 ================================================================================
2010/11/27 13:18:22.0076 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
2010/11/27 13:18:22.0142 HidUsb (3c64042b95e583b366ba4e5d2450235e) C:\Windows\system32\DRIVERS\hidusb.sys
2010/11/27 13:18:22.0289 hitmanpro35 (d7e05e0173719b66bb108f3d97e49a6a) C:\Windows\system32\drivers\hitmanpro35.sys
2010/11/27 13:18:22.0384 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
2010/11/27 13:18:22.0535 HssDrv (30858b2d6dc0d8ed044dc28011ade6a2) C:\Windows\system32\DRIVERS\HssDrv.sys
2010/11/27 13:18:22.0768 HTTP (ea24fe637d974a8a31bc650f478e3533) C:\Windows\system32\drivers\HTTP.sys
2010/11/27 13:18:22.0924 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
2010/11/27 13:18:23.0071 i8042prt (1c9ee072baa3abb460b91d7ee9152660) C:\Windows\system32\DRIVERS\i8042prt.sys
2010/11/27 13:18:23.0158 iaNvStor (92b37e0a61cd710a0c66dc3567a8bf3c) C:\Windows\system32\drivers\ianvstor.sys
2010/11/27 13:18:23.0476 iaStor (997e8f5939f2d12cd9f2e6b395724c16) C:\Windows\system32\drivers\iastor.sys
2010/11/27 13:18:23.0678 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
2010/11/27 13:18:23.0818 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
2010/11/27 13:18:23.0848 intelide (0084046c084d68e494f8cf36bcf08186) C:\Windows\system32\DRIVERS\intelide.sys
2010/11/27 13:18:23.0997 intelppm (ce44cc04262f28216dd4341e9e36a16f) C:\Windows\system32\DRIVERS\intelppm.sys
2010/11/27 13:18:24.0158 IpFilterDriver (880c6f86cc3f551b8fea2c11141268c0) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2010/11/27 13:18:24.0219 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
2010/11/27 13:18:24.0307 IPNAT (10077c35845101548037df04fd1a420b) C:\Windows\system32\DRIVERS\ipnat.sys
2010/11/27 13:18:24.0386 IRENUM (a82f328f4792304184642d6d397bb1e3) C:\Windows\system32\drivers\irenum.sys
2010/11/27 13:18:24.0414 isapnp (2f8ece2699e7e2070545e9b0960a8ed2) C:\Windows\system32\drivers\isapnp.sys
2010/11/27 13:18:24.0558 iScsiPrt (4dca456d4d5723f8fa9c6760d240b0df) C:\Windows\system32\DRIVERS\msiscsi.sys
2010/11/27 13:18:24.0640 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
2010/11/27 13:18:24.0691 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
2010/11/27 13:18:24.0774 kbdclass (b076b2ab806b3f696dab21375389101c) C:\Windows\system32\DRIVERS\kbdclass.sys
2010/11/27 13:18:24.0899 kbdhid (ed61dbc6603f612b7338283edbacbc4b) C:\Windows\system32\DRIVERS\kbdhid.sys
2010/11/27 13:18:25.0230 KSecDD (0a829977b078dea11641fc2af87ceade) C:\Windows\system32\Drivers\ksecdd.sys
2010/11/27 13:18:25.0334 lltdio (fd015b4f95daa2b712f0e372a116fbad) C:\Windows\system32\DRIVERS\lltdio.sys
2010/11/27 13:18:25.0375 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
2010/11/27 13:18:25.0425 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
2010/11/27 13:18:25.0450 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
2010/11/27 13:18:25.0473 luafv (42885bb44b6e065b8575a8dd6c430c52) C:\Windows\system32\drivers\luafv.sys
2010/11/27 13:18:25.0508 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
2010/11/27 13:18:25.0547 Modem (21755967298a46fb6adfec9db6012211) C:\Windows\system32\drivers\modem.sys
2010/11/27 13:18:25.0572 monitor (7446e104a5fe5987ca9e4983fbac4f97) C:\Windows\system32\DRIVERS\monitor.sys
2010/11/27 13:18:25.0608 mouclass (5fba13c1a1841b0885d316ed3589489d) C:\Windows\system32\DRIVERS\mouclass.sys
2010/11/27 13:18:25.0705 mouhid (b569b5c5d3bde545df3a6af512cccdba) C:\Windows\system32\DRIVERS\mouhid.sys
2010/11/27 13:18:25.0731 MountMgr (01f1e5a3e4877c931cbb31613fec16a6) C:\Windows\system32\drivers\mountmgr.sys
2010/11/27 13:18:25.0751 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
2010/11/27 13:18:25.0799 mpsdrv (6e7a7f0c1193ee5648443fe2d4b789ec) C:\Windows\system32\drivers\mpsdrv.sys
2010/11/27 13:18:25.0827 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
2010/11/27 13:18:25.0943 MRxDAV (1d8828b98ee309d65e006f0829e280e5) C:\Windows\system32\drivers\mrxdav.sys
2010/11/27 13:18:26.0006 mrxsmb (8af705ce1bb907932157fab821170f27) C:\Windows\system32\DRIVERS\mrxsmb.sys
2010/11/27 13:18:26.0043 mrxsmb10 (47e13ab23371be3279eef22bbfa2c1be) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2010/11/27 13:18:26.0133 mrxsmb20 (90b3fc7bd6b3d7ee7635debba2187f66) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2010/11/27 13:18:26.0285 msahci (d420bc42a637ac3cc4f411220549c0dc) C:\Windows\system32\drivers\msahci.sys
2010/11/27 13:18:26.0369 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
2010/11/27 13:18:26.0436 Msfs (729eafefd4e7417165f353a18dbe947d) C:\Windows\system32\drivers\Msfs.sys
2010/11/27 13:18:26.0510 msisadrv (207df26dbb2537c20276da0e15892274) C:\Windows\system32\drivers\msisadrv.sys
2010/11/27 13:18:26.0590 MSKSSRV (892cedefa7e0ffe7be8da651b651d047) C:\Windows\system32\drivers\MSKSSRV.sys
2010/11/27 13:18:26.0661 MSPCLOCK (ae2cb1da69b2676b4cee2a501af5871c) C:\Windows\system32\drivers\MSPCLOCK.sys
2010/11/27 13:18:26.0744 MSPQM (f910da84fa90c44a3addb7cd874463fd) C:\Windows\system32\drivers\MSPQM.sys
2010/11/27 13:18:26.0859 MsRPC (84571c0ae07647ba38d493f5f0015df7) C:\Windows\system32\drivers\MsRPC.sys
2010/11/27 13:18:26.0892 mssmbios (7dbaa028f625aa46b95dda4fbe4b602b) C:\Windows\system32\DRIVERS\mssmbios.sys
2010/11/27 13:18:26.0912 MSTEE (c826dd1373f38afd9ca46ec3c436a14e) C:\Windows\system32\drivers\MSTEE.sys
2010/11/27 13:18:26.0986 Mup (fa7aa70050cf5e2d15de00941e5665e5) C:\Windows\system32\Drivers\mup.sys
2010/11/27 13:18:27.0131 NativeWifiP (1d162e52fb691eb555a476b04b4bff3f) C:\Windows\system32\DRIVERS\nwifi.sys
2010/11/27 13:18:27.0192 NDIS (227c11e1e7cf6ef8afb2a238d209760c) C:\Windows\system32\drivers\ndis.sys
2010/11/27 13:18:27.0248 NdisTapi (81659cdcbd0f9a9e07e6878ad8c78d3f) C:\Windows\system32\DRIVERS\ndistapi.sys
2010/11/27 13:18:27.0322 Ndisuio (5de5ee546bf40838ebe0e01cb629df64) C:\Windows\system32\DRIVERS\ndisuio.sys
2010/11/27 13:18:27.0401 NdisWan (397402adcbb8946223a1950101f6cd94) C:\Windows\system32\DRIVERS\ndiswan.sys
2010/11/27 13:18:27.0482 NDProxy (1b24fa907af283199a81b3bb37e5e526) C:\Windows\system32\drivers\NDProxy.sys
2010/11/27 13:18:27.0509 NetBIOS (356dbb9f98e8dc1028dd3092fceeb877) C:\Windows\system32\DRIVERS\netbios.sys
2010/11/27 13:18:27.0542 netbt (e3a168912e7eefc3bd3b814720d68b41) C:\Windows\system32\DRIVERS\netbt.sys
2010/11/27 13:18:27.0639 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
2010/11/27 13:18:27.0667 Npfs (4f9832beb9fafd8ceb0e541f1323b26e) C:\Windows\system32\drivers\Npfs.sys
2010/11/27 13:18:27.0712 nsiproxy (b488dfec274de1fc9d653870ef2587be) C:\Windows\system32\drivers\nsiproxy.sys
2010/11/27 13:18:27.0932 Ntfs (37430aa7a66d7a63407adc2c0d05e9f6) C:\Windows\system32\drivers\Ntfs.sys
2010/11/27 13:18:28.0009 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
2010/11/27 13:18:28.0040 Null (ec5efb3c60f1b624648344a328bce596) C:\Windows\system32\drivers\Null.sys
2010/11/27 13:18:28.0949 nvlddmkm (8ead4e71cf31962b124cdace9c29c714) C:\Windows\system32\DRIVERS\nvlddmkm.sys
2010/11/27 13:18:29.0727 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
2010/11/27 13:18:29.0799 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
2010/11/27 13:18:29.0829 nv_agp (055081fd5076401c1ee1bcab08d81911) C:\Windows\system32\drivers\nv_agp.sys
2010/11/27 13:18:29.0913 OEM02Dev (9d20fa5d8875f6063aa5e1c44446f698) C:\Windows\system32\DRIVERS\OEM02Dev.sys
2010/11/27 13:18:29.0994 OEM02Vfx (86326062a90494bdd79ce383511d7d69) C:\Windows\system32\DRIVERS\OEM02Vfx.sys
2010/11/27 13:18:30.0120 ohci1394 (953c1ba621f4da9dc7d268ae839a51fb) C:\Windows\system32\DRIVERS\ohci1394.sys
2010/11/27 13:18:30.0205 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
2010/11/27 13:18:30.0336 partmgr (84be786f33fdbd8765e05df3b7f5b9e6) C:\Windows\system32\drivers\partmgr.sys
2010/11/27 13:18:30.0412 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
2010/11/27 13:18:30.0489 pci (bdd96f9cf34d58958aff1be6ef4c8020) C:\Windows\system32\drivers\pci.sys
2010/11/27 13:18:30.0546 pciide (b2fc76090ef1003463ccb07cabb35cff) C:\Windows\system32\drivers\pciide.sys
2010/11/27 13:18:30.0599 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
2010/11/27 13:18:30.0655 pcouffin (5b6c11de7e839c05248ced8825470fef) C:\Windows\system32\Drivers\pcouffin.sys
2010/11/27 13:18:30.0714 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
2010/11/27 13:18:30.0855 PptpMiniport (c04dec5ace67c5247b150c4223970bb7) C:\Windows\system32\DRIVERS\raspptp.sys
2010/11/27 13:18:30.0924 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
2010/11/27 13:18:31.0005 PSched (2c8bae55247c4e09352e870292e4d1ab) C:\Windows\system32\DRIVERS\pacer.sys
2010/11/27 13:18:31.0131 PxHelp20 (03e0fe281823ba64b3782f5b38950e73) C:\Windows\system32\Drivers\PxHelp20.sys
2010/11/27 13:18:31.0559 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
2010/11/27 13:18:31.0643 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
2010/11/27 13:18:31.0678 QWAVEdrv (d2b3e2b7426dc23e185fbc73c8936c12) C:\Windows\system32\drivers\qwavedrv.sys
2010/11/27 13:18:31.0763 R300 (e642b131fb74caf4bb8a014f31113142) C:\Windows\system32\DRIVERS\atikmdag.sys
2010/11/27 13:18:31.0885 RasAcd (bd7b30f55b3649506dd8b3d38f571d2a) C:\Windows\system32\DRIVERS\rasacd.sys
2010/11/27 13:18:31.0935 Rasl2tp (68b0019fee429ec49d29017af937e482) C:\Windows\system32\DRIVERS\rasl2tp.sys
2010/11/27 13:18:32.0014 RasPppoe (ccf4e9c6cbbac81437f88cb2ae0b6c96) C:\Windows\system32\DRIVERS\raspppoe.sys
2010/11/27 13:18:32.0092 rdbss (54129c5d9581bbec8bd1ebd3ba813f47) C:\Windows\system32\DRIVERS\rdbss.sys
2010/11/27 13:18:32.0125 RDPCDD (794585276b5d7fca9f3fc15543f9f0b9) C:\Windows\system32\DRIVERS\RDPCDD.sys
2010/11/27 13:18:32.0168 rdpdr (0245418224cfa77bf4b41c2fe0622258) C:\Windows\system32\drivers\rdpdr.sys
2010/11/27 13:18:32.0190 RDPENCDD (980b56e2e273e19d3a9d72d5c420f008) C:\Windows\system32\drivers\rdpencdd.sys
2010/11/27 13:18:32.0389 RDPWD (e2afac98fc6ca2ad2d09f2de1bc71ad9) C:\Windows\system32\drivers\RDPWD.sys
2010/11/27 13:18:32.0525 RFCOMM (7ec90c316177ba3f1bce92005264b447) C:\Windows\system32\DRIVERS\rfcomm.sys
2010/11/27 13:18:32.0612 rimmptsk (355aac141b214bef1dbc1483afd9bd50) C:\Windows\system32\DRIVERS\rimmptsk.sys
2010/11/27 13:18:32.0643 rimsptsk (a4216c71dd4f60b26418ccfd99cd0815) C:\Windows\system32\DRIVERS\rimsptsk.sys
2010/11/27 13:18:32.0672 rismxdp (d231b577024aa324af13a42f3a807d10) C:\Windows\system32\DRIVERS\rixdptsk.sys
2010/11/27 13:18:32.0700 rspndr (97e939d2128fec5d5a3e6e79b290a2f4) C:\Windows\system32\DRIVERS\rspndr.sys
2010/11/27 13:18:32.0872 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
2010/11/27 13:18:32.0946 sdbus (7b3973cc28b8aa3e9e2e5d53e720e2c9) C:\Windows\system32\DRIVERS\sdbus.sys
2010/11/27 13:18:32.0970 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
2010/11/27 13:18:33.0005 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
2010/11/27 13:18:33.0087 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
2010/11/27 13:18:33.0164 sermouse (450accd77ec5cea720c1cdb9e26b953b) C:\Windows\system32\drivers\sermouse.sys
2010/11/27 13:18:33.0225 sffdisk (51cf56aa8bcc241f134b420b8f850406) C:\Windows\system32\DRIVERS\sffdisk.sys
2010/11/27 13:18:33.0242 sffp_mmc (96ded8b20c734ac41641ce275250e55d) C:\Windows\system32\drivers\sffp_mmc.sys
2010/11/27 13:18:33.0260 sffp_sd (8b08cab1267b2c377883fc9e56981f90) C:\Windows\system32\DRIVERS\sffp_sd.sys
2010/11/27 13:18:33.0285 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
2010/11/27 13:18:33.0395 sisagp (08072b2fb92477fc813271a84b3a8698) C:\Windows\system32\drivers\sisagp.sys
2010/11/27 13:18:33.0458 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
2010/11/27 13:18:33.0488 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
2010/11/27 13:18:33.0548 Smb (46baf398809a0f3b2d3300a1760e4b91) C:\Windows\system32\DRIVERS\smb.sys
2010/11/27 13:18:33.0578 spldr (426f9b029aa9162ceccf65369457d046) C:\Windows\system32\drivers\spldr.sys
2010/11/27 13:18:33.0838 srv (038579c35f7cad4a4bbf735dbf83277d) C:\Windows\system32\DRIVERS\srv.sys
2010/11/27 13:18:33.0937 srv2 (6971a757af8cb5e2cbcbb76cc530db6c) C:\Windows\system32\DRIVERS\srv2.sys
2010/11/27 13:18:34.0075 srvnet (9e1a4603b874eebce0298113951abefb) C:\Windows\system32\DRIVERS\srvnet.sys
2010/11/27 13:18:34.0325 STHDA (6a2a5e809c2c0178326d92b19ee4aad3) C:\Windows\system32\drivers\stwrt.sys
2010/11/27 13:18:34.0459 swenum (3b80b4383c9bce13279c8482734b32b2) C:\Windows\system32\DRIVERS\swenum.sys
2010/11/27 13:18:34.0547 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
2010/11/27 13:18:34.0628 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
2010/11/27 13:18:34.0673 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
2010/11/27 13:18:34.0898 Tcpip (2c1f7005aa3b62721bfdb307bd5f5010) C:\Windows\system32\drivers\tcpip.sys
2010/11/27 13:18:34.0988 Tcpip6 (2c1f7005aa3b62721bfdb307bd5f5010) C:\Windows\system32\DRIVERS\tcpip.sys
2010/11/27 13:18:35.0068 tcpipreg (5ce0c4a7b12d0067dad527d72b68c726) C:\Windows\system32\drivers\tcpipreg.sys
2010/11/27 13:18:35.0195 TcUsb (5ca437a08509fb7ecf843480fc1232e2) C:\Windows\system32\Drivers\tcusb.sys
2010/11/27 13:18:35.0269 TDPIPE (964248aef49c31fa6a93201a73ffaf50) C:\Windows\system32\drivers\tdpipe.sys
2010/11/27 13:18:35.0320 TDTCP (7d2c1ae1648a60fce4aa0f7982e419d3) C:\Windows\system32\drivers\tdtcp.sys
2010/11/27 13:18:35.0411 tdx (ab4fde8af4a0270a46a001c08cbce1c2) C:\Windows\system32\DRIVERS\tdx.sys
2010/11/27 13:18:35.0500 TermDD (849ed71967d45f15c3e0abfc633fdf2a) C:\Windows\system32\DRIVERS\termdd.sys
2010/11/27 13:18:35.0634 tssecsrv (29f0eca726f0d51f7e048bdb0b372f29) C:\Windows\system32\DRIVERS\tssecsrv.sys
2010/11/27 13:18:35.0709 tunmp (65e953bc0084d44498b51f59784d2a82) C:\Windows\system32\DRIVERS\tunmp.sys
2010/11/27 13:18:35.0794 tunnel (4a39bda5e0fd30bdf4884f9d33ae6105) C:\Windows\system32\DRIVERS\tunnel.sys
2010/11/27 13:18:35.0881 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
2010/11/27 13:18:35.0958 udfs (6348da98707ceda8a0dfb05820e17732) C:\Windows\system32\DRIVERS\udfs.sys
2010/11/27 13:18:36.0008 uliagpkx (6d72ef05921abdf59fc45c7ebfe7e8dd) C:\Windows\system32\drivers\uliagpkx.sys
2010/11/27 13:18:36.0041 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
2010/11/27 13:18:36.0079 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
2010/11/27 13:18:36.0109 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
2010/11/27 13:18:36.0132 umbus (3fb78f1d1dd86d87bececd9dffa24dd9) C:\Windows\system32\DRIVERS\umbus.sys
2010/11/27 13:18:36.0205 USBAAPL (4b8a9c16b6d9258ed99c512aecb8c555) C:\Windows\system32\Drivers\usbaapl.sys
2010/11/27 13:18:36.0293 usbccgp (b0ba9caffe9b0555ec0317f30cb79cd2) C:\Windows\system32\DRIVERS\usbccgp.sys
2010/11/27 13:18:36.0375 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
2010/11/27 13:18:36.0425 usbehci (c9fcd05b0a80ea08c2768e5a279b14de) C:\Windows\system32\DRIVERS\usbehci.sys
2010/11/27 13:18:36.0469 usbhub (5e44f7d957f7560da06bfe6b84b58a35) C:\Windows\system32\DRIVERS\usbhub.sys
2010/11/27 13:18:36.0499 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
2010/11/27 13:18:36.0528 usbprint (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\DRIVERS\usbprint.sys
2010/11/27 13:18:36.0607 usbscan (b1f95285c08ddfe00c0b955462637ec7) C:\Windows\system32\DRIVERS\usbscan.sys
2010/11/27 13:18:36.0686 USBSTOR (7887ce56934e7f104e98c975f47353c5) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2010/11/27 13:18:36.0735 usbuhci (d864735b0bfcb65440960a0b7cc1a38d) C:\Windows\system32\DRIVERS\usbuhci.sys
2010/11/27 13:18:36.0772 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
2010/11/27 13:18:36.0841 VgaSave (17a8f877314e4067f8c8172cc6d9101c) C:\Windows\System32\drivers\vga.sys
2010/11/27 13:18:36.0881 viaagp (d5929a28bdff4367a12caf06af901971) C:\Windows\system32\drivers\viaagp.sys
2010/11/27 13:18:36.0950 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
2010/11/27 13:18:37.0020 viaide (f3b4762eb85a2aff4999401f14c3262b) C:\Windows\system32\drivers\viaide.sys
2010/11/27 13:18:37.0062 volmgr (fd16fac15f9f165ac19a618e7b391f5c) C:\Windows\system32\drivers\volmgr.sys
2010/11/27 13:18:37.0294 volmgrx (420c48e593b9520c2dee45d671f923e1) C:\Windows\system32\drivers\volmgrx.sys
2010/11/27 13:18:37.0481 volsnap (80dc0c9bcb579ed9815001a4d37cbfd5) C:\Windows\system32\drivers\volsnap.sys
2010/11/27 13:18:37.0564 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
2010/11/27 13:18:37.0677 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
2010/11/27 13:18:37.0819 Wanarp (6798c1209a53b5a0ded8d437c45145ff) C:\Windows\system32\DRIVERS\wanarp.sys
2010/11/27 13:18:37.0868 Wanarpv6 (6798c1209a53b5a0ded8d437c45145ff) C:\Windows\system32\DRIVERS\wanarp.sys
2010/11/27 13:18:37.0954 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
2010/11/27 13:18:38.0264 Wdf01000 (7b5f66e4a2219c7d9daf9e738480e534) C:\Windows\system32\drivers\Wdf01000.sys
2010/11/27 13:18:38.0374 WmiAcpi (17eac0d023a65fa9b02114cc2baacad5) C:\Windows\system32\DRIVERS\wmiacpi.sys
2010/11/27 13:18:38.0477 WpdUsb (2d27171b16a577ef14c1273668753485) C:\Windows\system32\DRIVERS\wpdusb.sys
2010/11/27 13:18:38.0516 ws2ifsl (84620aecdcfd2a7a14e6263927d8c0ed) C:\Windows\system32\drivers\ws2ifsl.sys
2010/11/27 13:18:38.0568 WUDFRd (a2aafcc8a204736296d937c7c545b53f) C:\Windows\system32\DRIVERS\WUDFRd.sys
2010/11/27 13:18:38.0774 yukonwlh (a4822191c7cea271903c2a4fb6d9809d) C:\Windows\system32\DRIVERS\yk60x86.sys
2010/11/27 13:18:38.0875 ================================================================================
2010/11/27 13:18:38.0875 Scan finished
2010/11/27 13:18:38.0876 ================================================================================
 
It ran clean...even restarted the computer. Here's the log. Still looks incomplete.

ComboFix 10-11-26.07 - Ashish 11/27/2010 13:28:50.2.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1033.18.3581.2711 [GMT -5:00]
Running from: C:\Users\Ashish\Desktop\ComboFix.exe
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
 
Download OTL to your Desktop.

  • Double click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
  • Under the Custom Scan box paste this in:


netsvcs
drivers32
%SYSTEMDRIVE%\*.*
%systemroot%\Fonts\*.com
%systemroot%\Fonts\*.dll
%systemroot%\Fonts\*.ini
%systemroot%\Fonts\*.ini2
%systemroot%\Fonts\*.exe
%systemroot%\system32\spool\prtprocs\w32x86\*.*
%systemroot%\REPAIR\*.bak1
%systemroot%\REPAIR\*.ini
%systemroot%\system32\*.jpg
%systemroot%\*.jpg
%systemroot%\*.png
%systemroot%\*.scr
%systemroot%\*._sy
%APPDATA%\Adobe\Update\*.*
%ALLUSERSPROFILE%\Favorites\*.*
%APPDATA%\Microsoft\*.*
%PROGRAMFILES%\*.*
%APPDATA%\Update\*.*
%systemroot%\*. /mp /s
CREATERESTOREPOINT
%systemroot%\System32\config\*.sav
%PROGRAMFILES%\bak. /s
%systemroot%\system32\bak. /s
%ALLUSERSPROFILE%\Start Menu\*.lnk /x
%systemroot%\system32\config\systemprofile\*.dat /x
%systemroot%\*.config
%systemroot%\system32\*.db
%APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x
%USERPROFILE%\Desktop\*.exe
%PROGRAMFILES%\Common Files\*.*
%systemroot%\*.src
%systemroot%\install\*.*
%systemroot%\system32\DLL\*.*
%systemroot%\system32\HelpFiles\*.*
%systemroot%\system32\rundll\*.*
%systemroot%\winn32\*.*
%systemroot%\Java\*.*
%systemroot%\system32\test\*.*
%systemroot%\system32\Rundll32\*.*
%systemroot%\AppPatch\Custom\*.*
%APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x
%PROGRAMFILES%\PC-Doctor\Downloads\*.*
%PROGRAMFILES%\Internet Explorer\*.tmp
%PROGRAMFILES%\Internet Explorer\*.dat
%USERPROFILE%\My Documents\*.exe
%USERPROFILE%\*.exe
%systemroot%\ADDINS\*.*
%systemroot%\assembly\*.bak2
%systemroot%\Config\*.*
%systemroot%\REPAIR\*.bak2
%systemroot%\SECURITY\Database\*.sdb /x
%systemroot%\SYSTEM\*.bak2
%systemroot%\Web\*.bak2
%systemroot%\Driver Cache\*.*
%PROGRAMFILES%\Mozilla Firefox\0*.exe
%ProgramFiles%\Microsoft Common\*.*
%ProgramFiles%\TinyProxy.
%USERPROFILE%\Favorites\*.url /x
%systemroot%\system32\*.bk
%systemroot%\*.te
%systemroot%\system32\system32\*.*
%ALLUSERSPROFILE%\*.dat /x
%systemroot%\system32\drivers\*.rmv
dir /b "%systemroot%\system32\*.exe" | find /i " " /c
dir /b "%systemroot%\*.exe" | find /i " " /c
%PROGRAMFILES%\Microsoft\*.*
%systemroot%\System32\Wbem\proquota.exe
%PROGRAMFILES%\Mozilla Firefox\*.dat
%USERPROFILE%\Cookies\*.txt /x
%SystemRoot%\system32\fonts\*.*
%systemroot%\system32\winlog\*.*
%systemroot%\system32\Language\*.*
%systemroot%\system32\Settings\*.*
%systemroot%\system32\*.quo
%SYSTEMROOT%\AppPatch\*.exe
%SYSTEMROOT%\inf\*.exe
%SYSTEMROOT%\Installer\*.exe
%systemroot%\system32\config\*.bak2
%systemroot%\system32\Computers\*.*
%SystemRoot%\system32\Sound\*.*
%SystemRoot%\system32\SpecialImg\*.*
%SystemRoot%\system32\code\*.*
%SystemRoot%\system32\draft\*.*
%SystemRoot%\system32\MSSSys\*.*
%ProgramFiles%\Javascript\*.*
%systemroot%\pchealth\helpctr\System\*.exe /s
%systemroot%\Web\*.exe
%systemroot%\system32\msn\*.*
%systemroot%\system32\*.tro
%AppData%\Microsoft\Installer\msupdates\*.*
%ProgramFiles%\Messenger\*.*
%systemroot%\system32\systhem32\*.*
%systemroot%\system\*.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
/md5start
explorer.exe
winlogon.exe
/md5stop


  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
 
Here's the OTL Log. Extras.txt wasn't created. Thanks.

OTL logfile created on: 11/27/2010 1:48:27 PM - Run 3
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Ashish\Desktop
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.17037)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 76.00% Memory free
7.00 Gb Paging File | 6.00 Gb Available in Paging File | 90.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 285.51 Gb Total Space | 133.98 Gb Free Space | 46.93% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 3.28 Gb Free Space | 32.77% Space Free | Partition Type: NTFS

Computer Name: ASHISH-PC | User Name: Ashish | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/11/27 13:46:54 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Ashish\Desktop\OTL.exe
PRC - [2010/06/10 20:03:08 | 000,144,176 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2009/09/29 09:17:50 | 000,013,088 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
PRC - [2008/08/13 17:32:40 | 000,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
PRC - [2008/07/05 13:26:18 | 000,025,936 | ---- | M] (Apple, Inc.) -- C:\Program Files\Apple\iPhone Configuration Web Utility\iPhoneConfigurationWebUtilityService.exe
PRC - [2008/07/05 13:23:16 | 000,007,168 | ---- | M] () -- C:\Program Files\Apple\iPhone Configuration Web Utility\ruby\bin\ruby.exe
PRC - [2008/04/03 12:54:15 | 000,072,704 | ---- | M] (Creative Labs) -- C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
PRC - [2007/12/02 23:27:58 | 000,102,400 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\stacsv.exe
PRC - [2007/12/02 23:27:54 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEstSrv.exe
PRC - [2007/09/11 00:45:04 | 000,124,832 | ---- | M] () -- C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
PRC - [2007/07/16 10:58:02 | 001,524,512 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
PRC - [2007/04/16 23:05:52 | 000,021,504 | ---- | M] (UPEK Inc.) -- C:\Program Files\Fingerprint Reader Suite\upeksvr.exe
PRC - [2007/03/21 13:00:04 | 000,355,096 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2007/01/04 16:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe


========== Modules (SafeList) ==========

MOD - [2010/11/27 13:46:54 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Ashish\Desktop\OTL.exe
MOD - [2006/11/02 04:38:57 | 001,648,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/07/09 18:45:27 | 000,030,192 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-051210-111108)
SRV - [2010/06/10 20:03:08 | 000,144,176 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/09/29 09:17:50 | 000,013,088 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2008/08/13 17:32:40 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter)
SRV - [2008/07/05 13:26:18 | 000,025,936 | ---- | M] (Apple, Inc.) [Auto | Running] -- C:\Program Files\Apple\iPhone Configuration Web Utility\iPhoneConfigurationWebUtilityService.exe -- (Apple iPhone Configuration Web Utility)
SRV - [2008/04/03 20:29:26 | 000,265,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/04/03 13:12:37 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008/04/03 12:54:15 | 000,072,704 | ---- | M] (Creative Labs) [Auto | Running] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe -- (Creative Labs Licensing Service)
SRV - [2008/01/15 09:28:20 | 000,204,800 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe -- (LinksysUpdater)
SRV - [2007/12/02 23:27:58 | 000,102,400 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\stacsv.exe -- (STacSV)
SRV - [2007/12/02 23:27:54 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEstSrv.exe -- (AESTFilters)
SRV - [2007/09/11 00:45:04 | 000,124,832 | ---- | M] () [Auto | Running] -- C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor6.0)
SRV - [2007/07/16 10:58:02 | 001,524,512 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe -- (CVPND)
SRV - [2007/03/21 13:00:04 | 000,355,096 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2007/03/19 12:44:44 | 000,070,656 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2007/01/04 16:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | System | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [File_System | Boot | Stopped] -- C:\Windows\System32\DRIVERS\Lbd.sys -- (Lbd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Ashish\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2009/09/15 15:04:58 | 000,037,376 | ---- | M] (AnchorFree Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HssDrv.sys -- (HssDrv)
DRV - [2008/04/03 20:36:47 | 000,020,152 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008/04/03 20:36:47 | 000,019,128 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008/04/03 20:36:47 | 000,017,592 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007/12/02 23:28:08 | 000,330,240 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007/09/28 01:40:24 | 000,278,528 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk60x86.sys -- (yukonwlh)
DRV - [2007/09/28 01:24:16 | 007,620,704 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2007/09/07 04:27:32 | 000,209,408 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ianvstor.sys -- (iaNvStor) Intel(R)
DRV - [2007/09/07 04:22:34 | 000,304,920 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iastor.sys -- (iaStor)
DRV - [2007/09/07 03:50:54 | 000,155,136 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2007/09/07 01:35:46 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/09/07 01:35:44 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007/09/07 01:35:42 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2007/08/28 00:51:44 | 000,007,424 | ---- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Vfx.sys -- (OEM02Vfx)
DRV - [2007/08/28 00:51:40 | 000,235,520 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Dev.sys -- (OEM02Dev)
DRV - [2007/07/16 10:57:12 | 000,306,299 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\CVPNDRVA.sys -- (CVPNDRVA)
DRV - [2007/04/16 22:44:34 | 000,046,992 | ---- | M] (UPEK Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tcusb.sys -- (TcUsb)
DRV - [2007/03/21 14:33:46 | 000,534,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BCMWL6.SYS -- (BCM43XX)
DRV - [2007/02/25 12:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\dsunidrv.sys -- (dsunidrv)
DRV - [2007/01/31 12:45:06 | 000,127,376 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dne2000.sys -- (DNE)
DRV - [2007/01/18 14:28:02 | 000,005,275 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CVirtA.sys -- (CVirtA)
DRV - [2006/11/06 20:37:16 | 000,078,128 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btwaudio.sys -- (btwaudio)
DRV - [2006/11/06 18:13:52 | 000,016,560 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btwrchid.sys -- (btwrchid)
DRV - [2006/11/06 18:13:50 | 000,080,176 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btwavdt.sys -- (btwavdt)
DRV - [2006/11/02 04:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006/11/02 04:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006/11/02 04:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006/11/02 04:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006/11/02 04:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006/11/02 04:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006/11/02 04:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006/11/02 04:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006/11/02 04:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006/11/02 04:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 04:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 04:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006/11/02 04:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006/11/02 04:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 04:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 04:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006/11/02 04:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2006/11/02 04:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 04:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006/11/02 04:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006/11/02 04:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006/11/02 04:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006/11/02 04:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006/11/02 04:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 04:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 04:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006/11/02 04:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 04:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006/11/02 04:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 04:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 04:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 04:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006/11/02 03:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 03:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 03:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 03:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 03:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 03:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 02:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 02:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2006/11/02 02:30:55 | 000,200,704 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel(R)
DRV - [2006/11/02 02:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2006/10/05 17:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=2080404
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://en-US.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official"
FF - prefs.js..network.proxy.type: 4


FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/11/06 16:05:36 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/11/03 21:20:36 | 000,000,000 | ---D | M]

[2008/06/17 18:59:27 | 000,000,000 | ---D | M] -- C:\Users\Ashish\AppData\Roaming\Mozilla\Extensions
[2010/11/27 02:42:35 | 000,000,000 | ---D | M] -- C:\Users\Ashish\AppData\Roaming\Mozilla\Firefox\Profiles\y7md83ls.default\extensions
[2010/08/16 22:47:37 | 000,000,000 | ---D | M] -- C:\Users\Ashish\AppData\Roaming\Mozilla\Firefox\Profiles\y7md83ls.default\extensions\vshareus@toolbar
[2010/11/27 02:42:35 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/11/10 01:56:24 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010/09/15 03:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2008/06/03 19:55:51 | 000,163,840 | ---- | M] (CNN) -- C:\Program Files\Mozilla Firefox\plugins\NPTURNMED.dll
[2007/04/16 12:07:12 | 000,180,293 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll

O1 HOSTS File: ([2010/11/27 12:54:19 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [combofix] C:\ComboFix\CF6731.cfx File not found
O4 - HKLM..\Run: [DELL Webcam Manager] C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [ECenter] C:\DELL\E-Center\EULALauncher.exe ( )
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [MFARestart] C:\ProgramData\MFAData\pack\avgrunasx.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NVHotkey] C:\Windows\System32\nvHotkey.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [PCMService] C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PSQLLauncher] C:\Program Files\Fingerprint Reader Suite\launcher.exe (UPEK Inc.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [VolPanel] C:\Program Files\Creative\SBAudigy\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
O4 - HKCU..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKCU..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe ()
O4 - HKCU..\Run: [swetaswxxx.exe] C:\swetaswxxx.exe\swetaswxxx.exe File not found
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKLM..\RunOnce: [combofix] C:\ComboFix\CF6731.cfx File not found
O4 - HKLM..\RunOnceEx: [flags] Reg Error: Invalid data type. File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll (Google Inc.)
O8 - Extra context menu item: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} http://cdn.scan.onecare.live.com/resource/download/scanner/en-us/wlscctrl2.cab (Windows Live OneCare safety scanner control)
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} http://dl.tvunetworks.com/TVUAx.cab (CTVUAxCtrl Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {A903E5AB-C67E-40FB-94F1-E1305982F6E0} http://www.ooxtv.com/livetv.ocx (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D4003189-95B1-4A2F-9A87-F2B03665960D} http://bollym4u.com/js/vjocx-ch.cab (Reg Error: Key error.)
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab (IWinAmpActiveX Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: GinaDLL - (vrlogon.dll) - C:\Windows\System32\vrlogon.dll (UPEK Inc.)
O20 - Winlogon\Notify\psfus: DllName - C:\Windows\system32\psqlpwd.dll - C:\Windows\System32\psqlpwd.dll (UPEK Inc.)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\XPS_NB_1280x864_Black.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\XPS_NB_1280x864_Black.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2010/11/27 13:46:46 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Ashish\Desktop\OTL.exe
[2010/11/27 13:33:34 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2010/11/27 13:33:34 | 000,000,000 | ---D | C] -- C:\Users\Ashish\AppData\Local\temp
[2010/11/27 13:27:07 | 000,000,000 | --SD | C] -- C:\ComboFix
[2010/11/27 12:41:39 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2010/11/27 12:41:39 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2010/11/27 12:41:39 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2010/11/27 12:41:39 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2010/11/27 12:41:36 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010/11/27 02:47:52 | 000,000,000 | ---D | C] -- C:\Users\Ashish\AppData\Local\Sunbelt Software
[2010/11/27 02:33:19 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010/11/26 21:16:15 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/11/26 18:21:28 | 000,000,000 | ---D | C] -- C:\Users\Ashish\Desktop\Logs
[2010/11/26 18:00:35 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2010/11/20 13:38:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2010/11/20 13:38:36 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2010/11/11 23:03:26 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/11/11 20:09:15 | 000,000,000 | ---D | C] -- C:\Users\Ashish\AppData\Roaming\Arlu
[2010/11/07 19:41:21 | 000,000,000 | ---D | C] -- C:\Users\Ashish\DoctorWeb
[2010/11/06 01:20:03 | 000,000,000 | -H-D | C] -- C:\$AVG
[2010/11/06 01:03:40 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2010/11/06 01:00:29 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG10
[2010/11/06 00:48:25 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2010/11/06 00:48:04 | 004,329,496 | ---- | C] (AVG Technologies) -- C:\Users\Ashish\Desktop\avg_free_stb_all_2011_1153_cnet.exe
[2010/11/05 23:39:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2010/11/05 23:39:29 | 000,000,000 | ---D | C] -- C:\Users\Ashish\AppData\Local\NPE
[2010/11/03 21:27:42 | 006,565,383 | ---- | C] (McAfee Inc.) -- C:\Users\Ashish\Desktop\stinger10101096.exe
[2010/11/03 21:21:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010/10/31 11:51:38 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2010/10/31 00:59:12 | 000,012,872 | ---- | C] (SurfRight B.V.) -- C:\Windows\System32\bootdelete.exe
[2008/05/31 10:55:41 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Ashish\AppData\Roaming\pcouffin.sys

========== Files - Modified Within 30 Days ==========

[2010/11/27 13:46:54 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Ashish\Desktop\OTL.exe
[2010/11/27 13:45:00 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2160984431-3788846443-898008396-1000UA.job
[2010/11/27 13:34:51 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/11/27 13:34:47 | 000,003,472 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/11/27 13:34:47 | 000,003,472 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/11/27 13:34:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/11/27 13:34:33 | 3756,064,768 | -HS- | M] () -- C:\hiberfil.sys
[2010/11/27 13:33:39 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010/11/27 13:17:57 | 001,228,013 | ---- | M] () -- C:\Users\Ashish\Desktop\tdsskiller.zip
[2010/11/27 13:06:26 | 000,015,944 | ---- | M] () -- C:\Windows\System32\drivers\hitmanpro35.sys
[2010/11/27 12:56:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/11/27 12:54:19 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2010/11/27 12:45:00 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2160984431-3788846443-898008396-1000Core.job
[2010/11/27 12:40:47 | 003,910,097 | R--- | M] () -- C:\Users\Ashish\Desktop\ComboFix.exe
[2010/11/27 12:18:28 | 000,080,384 | ---- | M] () -- C:\Users\Ashish\Desktop\MBRCheck.exe
[2010/11/27 12:13:50 | 000,630,272 | ---- | M] () -- C:\Users\Ashish\Desktop\dds.scr
[2010/11/27 12:13:47 | 000,296,448 | ---- | M] () -- C:\Users\Ashish\Desktop\triqxjj5.exe
[2010/11/27 12:12:22 | 000,253,046 | ---- | M] () -- C:\Users\Ashish\AppData\Roaming\nvModes.001
[2010/11/27 11:52:25 | 000,002,565 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\VPN Client.lnk
[2010/11/27 02:34:40 | 000,621,552 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/11/27 02:34:40 | 000,104,868 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/11/27 02:22:14 | 000,000,420 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{A4B73A2F-2A3B-47BA-A4BC-52146962777B}.job
[2010/11/26 00:49:43 | 000,149,504 | ---- | M] () -- C:\Users\Ashish\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/11/23 21:12:06 | 000,093,571 | ---- | M] () -- C:\Users\Ashish\Desktop\nfl-parity-2010.jpg
[2010/11/22 21:51:09 | 301,514,147 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010/11/18 21:37:00 | 000,016,165 | ---- | M] () -- C:\Users\Ashish\Documents\Publications.docx
[2010/11/14 22:45:20 | 000,000,227 | ---- | M] () -- C:\Users\Ashish\Desktop\Sound - Shortcut.lnk
[2010/11/13 16:50:46 | 000,012,872 | ---- | M] (SurfRight B.V.) -- C:\Windows\System32\bootdelete.exe
[2010/11/09 22:11:04 | 000,002,049 | ---- | M] () -- C:\Users\Ashish\Desktop\Google Chrome.lnk
[2010/11/09 22:11:04 | 000,002,011 | ---- | M] () -- C:\Users\Ashish\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/11/09 21:36:14 | 000,023,214 | ---- | M] () -- C:\Users\Ashish\Documents\Resume.docx
[2010/11/08 01:20:24 | 000,089,088 | ---- | M] () -- C:\Windows\MBR.exe
[2010/11/07 19:57:32 | 000,001,356 | ---- | M] () -- C:\Users\Ashish\AppData\Local\d3d9caps.dat
[2010/11/07 19:05:32 | 000,145,656 | ---- | M] () -- C:\Users\Ashish\AppData\Local\prvlcl.dat
[2010/11/06 00:48:12 | 004,329,496 | ---- | M] (AVG Technologies) -- C:\Users\Ashish\Desktop\avg_free_stb_all_2011_1153_cnet.exe
[2010/11/05 23:49:42 | 000,001,508 | ---- | M] () -- C:\Users\Ashish\AppData\Roaming\SMRResults130.dat
[2010/11/03 23:25:23 | 000,000,017 | ---- | M] () -- C:\Users\Ashish\Desktop\stinger10101096.opt
[2010/11/03 23:21:05 | 000,079,968 | ---- | M] () -- C:\Users\Ashish\Desktop\Heat.Jazz Tickets 11.9.10.pdf
[2010/11/03 21:28:17 | 006,565,383 | ---- | M] (McAfee Inc.) -- C:\Users\Ashish\Desktop\stinger10101096.exe
[2010/10/31 21:45:45 | 000,079,978 | ---- | M] () -- C:\Users\Ashish\Desktop\Heat.Celtics Tickets 11.11.10.pdf

========== Files Created - No Company Name ==========

[2010/11/27 12:41:39 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2010/11/27 12:41:39 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2010/11/27 12:41:39 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe
[2010/11/27 12:41:39 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2010/11/27 12:41:39 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2010/11/27 12:40:40 | 003,910,097 | R--- | C] () -- C:\Users\Ashish\Desktop\ComboFix.exe
[2010/11/27 12:18:28 | 000,080,384 | ---- | C] () -- C:\Users\Ashish\Desktop\MBRCheck.exe
[2010/11/27 12:13:49 | 000,630,272 | ---- | C] () -- C:\Users\Ashish\Desktop\dds.scr
[2010/11/27 12:13:34 | 000,296,448 | ---- | C] () -- C:\Users\Ashish\Desktop\triqxjj5.exe
[2010/11/26 23:20:49 | 3756,064,768 | -HS- | C] () -- C:\hiberfil.sys
[2010/11/23 21:12:06 | 000,093,571 | ---- | C] () -- C:\Users\Ashish\Desktop\nfl-parity-2010.jpg
[2010/11/14 22:45:20 | 000,000,227 | ---- | C] () -- C:\Users\Ashish\Desktop\Sound - Shortcut.lnk
[2010/11/09 21:40:54 | 000,016,165 | ---- | C] () -- C:\Users\Ashish\Documents\Publications.docx
[2010/11/07 19:05:31 | 000,145,656 | ---- | C] () -- C:\Users\Ashish\AppData\Local\prvlcl.dat
[2010/11/06 00:25:33 | 001,228,013 | ---- | C] () -- C:\Users\Ashish\Desktop\tdsskiller.zip
[2010/11/05 23:49:42 | 000,001,508 | ---- | C] () -- C:\Users\Ashish\AppData\Roaming\SMRResults130.dat
[2010/11/03 23:25:23 | 000,000,017 | ---- | C] () -- C:\Users\Ashish\Desktop\stinger10101096.opt
[2010/11/03 23:21:05 | 000,079,968 | ---- | C] () -- C:\Users\Ashish\Desktop\Heat.Jazz Tickets 11.9.10.pdf
[2010/10/31 21:45:45 | 000,079,978 | ---- | C] () -- C:\Users\Ashish\Desktop\Heat.Celtics Tickets 11.11.10.pdf
[2010/10/19 20:42:43 | 000,000,032 | ---- | C] () -- C:\ProgramData\io.ini
[2010/10/19 20:42:43 | 000,000,000 | ---- | C] () -- C:\ProgramData\1rphcipg0fz62yxo23ox8gd3li86yuho.ini
[2010/08/29 16:29:24 | 000,015,944 | ---- | C] () -- C:\Windows\System32\drivers\hitmanpro35.sys
[2010/07/14 22:58:40 | 000,000,885 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2010/06/03 07:12:30 | 000,000,120 | ---- | C] () -- C:\Users\Ashish\AppData\Local\Rlekozugi.dat
[2010/06/03 07:12:30 | 000,000,000 | ---- | C] () -- C:\Users\Ashish\AppData\Local\Rnajevamiku.bin
[2010/06/02 22:38:18 | 000,000,036 | ---- | C] () -- C:\Users\Ashish\AppData\Local\housecall.guid.cache
[2010/05/28 22:35:05 | 000,000,000 | ---- | C] () -- C:\Windows\System32\drivers\fjkwetbl.sys
[2010/05/28 22:34:48 | 000,000,020 | ---- | C] () -- C:\Users\Ashish\AppData\Roaming\vqdlkr.dat
[2010/03/08 22:47:28 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll.old
[2010/03/08 21:49:09 | 000,010,678 | -HS- | C] () -- C:\Users\Ashish\AppData\Local\J3CVYoQ5
[2009/10/31 20:48:03 | 000,073,728 | ---- | C] () -- C:\Windows\System32\VistaInfo32.dll
[2008/12/31 18:20:59 | 000,001,356 | ---- | C] () -- C:\Users\Ashish\AppData\Local\d3d9caps.dat
[2008/05/31 10:56:38 | 000,001,036 | ---- | C] () -- C:\Users\Ashish\AppData\Roaming\vso_ts_preview.xml
[2008/05/31 10:56:00 | 000,000,034 | ---- | C] () -- C:\Users\Ashish\AppData\Roaming\pcouffin.log
[2008/05/31 10:55:41 | 000,007,887 | ---- | C] () -- C:\Users\Ashish\AppData\Roaming\pcouffin.cat
[2008/05/31 10:55:41 | 000,001,144 | ---- | C] () -- C:\Users\Ashish\AppData\Roaming\pcouffin.inf
[2008/04/09 20:22:50 | 000,253,046 | ---- | C] () -- C:\Users\Ashish\AppData\Roaming\nvModes.001
[2008/04/09 18:55:28 | 000,149,504 | ---- | C] () -- C:\Users\Ashish\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/04/09 18:34:35 | 000,253,046 | ---- | C] () -- C:\Users\Ashish\AppData\Roaming\nvModes.dat
[2008/04/03 20:37:11 | 000,167,936 | ---- | C] () -- C:\Windows\System32\nvccoin.dll
[2008/04/03 20:37:10 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2008/04/03 13:10:10 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2008/04/03 12:56:32 | 000,065,536 | ---- | C] () -- C:\Windows\System32\bcmwlrmt.dll
[2008/04/03 12:55:08 | 000,000,628 | ---- | C] () -- C:\Windows\System32\PCI_VEN_1102&DEV_FF05&SUBSYS_00001102.ini
[2008/04/03 12:55:07 | 000,101,376 | ---- | C] () -- C:\Windows\System32\APOMngr.dll
[2008/04/03 12:55:07 | 000,066,560 | ---- | C] () -- C:\Windows\System32\CmdRtr.dll
[2007/07/16 10:58:10 | 000,197,408 | ---- | C] () -- C:\Windows\System32\vpnapi.dll
[2006/11/03 17:25:56 | 000,389,120 | ---- | C] () -- C:\Windows\System32\btwhidcs.dll
[2006/11/02 07:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 05:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2001/11/14 12:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll
[2001/10/28 16:42:30 | 000,116,224 | ---- | C] () -- C:\Windows\System32\redmonnt.dll
 
========== LOP Check ==========

[2010/11/10 01:56:35 | 000,000,000 | ---D | M] -- C:\Users\Ashish\AppData\Roaming\.BitTornado
[2010/06/02 21:16:07 | 000,000,000 | ---D | M] -- C:\Users\Ashish\AppData\Roaming\025EE49533BAB044CB74A2A78C0E406A
[2010/11/14 01:14:05 | 000,000,000 | ---D | M] -- C:\Users\Ashish\AppData\Roaming\Arlu
[2008/04/13 18:58:35 | 000,000,000 | ---D | M] -- C:\Users\Ashish\AppData\Roaming\Azureus
[2010/05/24 21:58:07 | 000,000,000 | ---D | M] -- C:\Users\Ashish\AppData\Roaming\com.adobe.example.NISDesktopAlerts.8B84194D4D9FFDB4F2F41B07D0F160207BFE7624.1
[2008/09/07 10:13:42 | 000,000,000 | ---D | M] -- C:\Users\Ashish\AppData\Roaming\com.directv.supercast.AA1ECC8BBAFE4E1BBF2D418DC006AF207FACE6CA.1
[2010/10/16 09:11:43 | 000,000,000 | ---D | M] -- C:\Users\Ashish\AppData\Roaming\Esiz
[2010/10/16 10:02:47 | 000,000,000 | ---D | M] -- C:\Users\Ashish\AppData\Roaming\Ginad
[2010/06/27 23:03:16 | 000,000,000 | ---D | M] -- C:\Users\Ashish\AppData\Roaming\Ginai
[2009/02/13 20:21:52 | 000,000,000 | ---D | M] -- C:\Users\Ashish\AppData\Roaming\Gleim
[2010/06/03 06:54:55 | 000,000,000 | ---D | M] -- C:\Users\Ashish\AppData\Roaming\Hounva
[2010/03/26 21:01:36 | 000,000,000 | ---D | M] -- C:\Users\Ashish\AppData\Roaming\Opera
[2010/06/24 18:36:43 | 000,000,000 | ---D | M] -- C:\Users\Ashish\AppData\Roaming\Pacayv
[2008/09/08 19:21:35 | 000,000,000 | ---D | M] -- C:\Users\Ashish\AppData\Roaming\PDFCreator
[2010/05/29 19:43:36 | 000,000,000 | ---D | M] -- C:\Users\Ashish\AppData\Roaming\StreamTorrent
[2010/07/26 20:40:20 | 000,000,000 | ---D | M] -- C:\Users\Ashish\AppData\Roaming\tmp
[2010/08/11 22:52:00 | 000,000,000 | ---D | M] -- C:\Users\Ashish\AppData\Roaming\Vso
[2010/11/27 13:33:39 | 000,032,598 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010/11/27 02:22:14 | 000,000,420 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{A4B73A2F-2A3B-47BA-A4BC-52146962777B}.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2010/11/27 02:17:03 | 000,030,265 | ---- | M] () -- C:\aaw7boot.log
[2009/10/04 09:40:49 | 000,000,000 | ---- | M] () -- C:\AdobeDebug.txt
[2006/09/18 16:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2006/11/02 04:53:57 | 000,438,840 | RHS- | M] () -- C:\bootmgr
[2006/09/18 16:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[2008/04/03 20:37:19 | 000,004,870 | RH-- | M] () -- C:\dell.sdr
[2010/11/27 13:34:33 | 3756,064,768 | -HS- | M] () -- C:\hiberfil.sys
[2008/08/01 18:14:19 | 000,000,351 | -H-- | M] () -- C:\IPH.PH
[2010/11/27 13:34:31 | 4069,793,792 | -HS- | M] () -- C:\pagefile.sys
[2007/05/18 11:10:50 | 000,002,607 | ---- | M] () -- C:\Post_VPN_Logon.vbs
[2010/08/28 11:03:18 | 000,064,174 | ---- | M] () -- C:\TDSSKiller.2.4.1.3_28.08.2010_12.01.50_log.txt
[2010/08/28 11:15:07 | 000,062,240 | ---- | M] () -- C:\TDSSKiller.2.4.1.3_28.08.2010_12.14.33_log.txt
[2010/08/28 11:18:01 | 000,062,240 | ---- | M] () -- C:\TDSSKiller.2.4.1.3_28.08.2010_12.17.40_log.txt
[2010/08/29 14:11:34 | 000,062,240 | ---- | M] () -- C:\TDSSKiller.2.4.1.3_29.08.2010_15.11.10_log.txt
[2010/11/03 21:12:06 | 000,062,242 | ---- | M] () -- C:\TDSSKiller.2.4.6.0_03.11.2010_22.11.39_log.txt
[2010/11/06 00:27:17 | 000,062,242 | ---- | M] () -- C:\TDSSKiller.2.4.6.0_06.11.2010_01.25.50_log.txt
[2010/11/20 13:12:44 | 000,062,242 | ---- | M] () -- C:\TDSSKiller.2.4.6.0_20.11.2010_13.12.18_log.txt
[2010/11/11 21:31:16 | 000,062,242 | ---- | M] () -- C:\TDSSKiller.2.4.7.0_11.11.2010_21.30.13_log.txt
[2010/11/26 21:08:08 | 000,062,242 | ---- | M] () -- C:\TDSSKiller.2.4.9.0_26.11.2010_20.19.12_log.txt
[2010/11/27 13:26:30 | 000,060,596 | ---- | M] () -- C:\TDSSKiller.2.4.9.0_27.11.2010_13.18.13_log.txt
[2008/04/13 16:18:36 | 000,852,006 | ---- | M] () -- C:\vpninst.log
[2008/07/13 16:43:47 | 000,000,026 | ---- | M] () -- C:\wizard.txt

< %systemroot%\Fonts\*.com >
[2006/11/02 07:37:12 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2006/11/02 07:37:12 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2006/11/02 07:37:12 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2006/11/02 07:37:12 | 000,030,808 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2006/09/18 16:37:34 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2006/12/29 08:57:18 | 000,273,920 | ---- | M] (Hewlett-Packard Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\hpzpp4v2.dll
[2006/11/02 04:46:05 | 000,089,600 | ---- | M] (Hewlett-Packard Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\HPZPPLHN.DLL
[2006/11/02 07:35:48 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\jnwppr.dll
[2006/10/26 18:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\msonpppr.dll

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >

< %PROGRAMFILES%\*.* >
[2008/12/10 19:22:29 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >
[2006/11/02 05:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2006/11/02 05:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2006/11/02 05:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006/11/02 05:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006/11/02 05:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2010/04/01 18:16:20 | 000,000,286 | -HS- | M] () -- C:\Users\Ashish\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini

< %USERPROFILE%\Desktop\*.exe >
[2010/11/06 00:48:12 | 004,329,496 | ---- | M] (AVG Technologies) -- C:\Users\Ashish\Desktop\avg_free_stb_all_2011_1153_cnet.exe
[2010/11/27 12:40:47 | 003,910,097 | R--- | M] () -- C:\Users\Ashish\Desktop\ComboFix.exe
[2010/11/27 12:18:28 | 000,080,384 | ---- | M] () -- C:\Users\Ashish\Desktop\MBRCheck.exe
[2010/11/27 13:46:54 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Ashish\Desktop\OTL.exe
[2010/11/03 21:28:17 | 006,565,383 | ---- | M] (McAfee Inc.) -- C:\Users\Ashish\Desktop\stinger10101096.exe
[2010/11/27 12:13:47 | 000,296,448 | ---- | M] () -- C:\Users\Ashish\Desktop\triqxjj5.exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

< %PROGRAMFILES%\Internet Explorer\*.tmp >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >

< %systemroot%\ADDINS\*.* >

< %systemroot%\assembly\*.bak2 >

< %systemroot%\Config\*.* >

< %systemroot%\REPAIR\*.bak2 >

< %systemroot%\SECURITY\Database\*.sdb /x >
[2008/06/13 02:19:28 | 000,008,192 | ---- | M] () -- C:\Windows\security\database\edb.chk
[2008/06/13 02:18:58 | 001,048,576 | ---- | M] () -- C:\Windows\security\database\edb.log
[2008/06/13 02:18:58 | 001,048,576 | ---- | M] () -- C:\Windows\security\database\edbres00001.jrs
[2008/06/13 02:18:58 | 001,048,576 | ---- | M] () -- C:\Windows\security\database\edbres00002.jrs
[2008/06/13 02:18:58 | 001,048,576 | ---- | M] () -- C:\Windows\security\database\edbtmp.log
[2008/06/13 02:18:58 | 001,056,768 | ---- | M] () -- C:\Windows\security\database\tmp.edb

< %systemroot%\SYSTEM\*.bak2 >

< %systemroot%\Web\*.bak2 >

< %systemroot%\Driver Cache\*.* >

< %PROGRAMFILES%\Mozilla Firefox\0*.exe >

< %ProgramFiles%\Microsoft Common\*.* >

< %ProgramFiles%\TinyProxy. >

< %USERPROFILE%\Favorites\*.url /x >
[2008/04/09 17:59:53 | 000,000,402 | -HS- | M] () -- C:\Users\Ashish\Favorites\desktop.ini

< %systemroot%\system32\*.bk >

< %systemroot%\*.te >

< %systemroot%\system32\system32\*.* >

< %ALLUSERSPROFILE%\*.dat /x >
[2010/10/19 20:42:43 | 000,000,000 | ---- | M] () -- C:\ProgramData\1rphcipg0fz62yxo23ox8gd3li86yuho.ini
[2010/10/19 20:42:43 | 000,000,032 | ---- | M] () -- C:\ProgramData\io.ini

< %systemroot%\system32\drivers\*.rmv >

< dir /b "%systemroot%\system32\*.exe" | find /i " " /c >

< dir /b "%systemroot%\*.exe" | find /i " " /c >

< %PROGRAMFILES%\Microsoft\*.* >

< %systemroot%\System32\Wbem\proquota.exe >

< %PROGRAMFILES%\Mozilla Firefox\*.dat >
[2010/05/09 20:07:42 | 000,058,368 | ---- | M] () -- C:\Program Files\Mozilla Firefox\o.dat

< %USERPROFILE%\Cookies\*.txt /x >

< %SystemRoot%\system32\fonts\*.* >

< %systemroot%\system32\winlog\*.* >

< %systemroot%\system32\Language\*.* >

< %systemroot%\system32\Settings\*.* >

< %systemroot%\system32\*.quo >

< %SYSTEMROOT%\AppPatch\*.exe >

< %SYSTEMROOT%\inf\*.exe >

< %SYSTEMROOT%\Installer\*.exe >

< %systemroot%\system32\config\*.bak2 >

< %systemroot%\system32\Computers\*.* >

< %SystemRoot%\system32\Sound\*.* >

< %SystemRoot%\system32\SpecialImg\*.* >

< %SystemRoot%\system32\code\*.* >

< %SystemRoot%\system32\draft\*.* >

< %SystemRoot%\system32\MSSSys\*.* >

< %ProgramFiles%\Javascript\*.* >

< %systemroot%\pchealth\helpctr\System\*.exe /s >

< %systemroot%\Web\*.exe >

< %systemroot%\system32\msn\*.* >

< %systemroot%\system32\*.tro >

< %AppData%\Microsoft\Installer\msupdates\*.* >

< %ProgramFiles%\Messenger\*.* >

< %systemroot%\system32\systhem32\*.* >

< %systemroot%\system\*.exe >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\ Auto Update\Results\Install|LastSuccessTime /rs >


< MD5 for: EXPLORER.EXE >
[2008/10/29 01:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008/10/29 01:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008/10/29 22:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\explorer.exe
[2008/10/29 22:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2008/04/03 20:28:59 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
[2008/04/03 20:28:59 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
[2008/10/27 21:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2006/11/02 04:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
[2008/01/19 02:33:10 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\SoftwareDistribution\Download\a58fa8f1a78b89e6c2a670e288053b8b\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

< MD5 for: WINLOGON.EXE >
[2006/11/02 04:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\System32\winlogon.exe
[2006/11/02 04:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2008/01/19 02:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\SoftwareDistribution\Download\a58fa8f1a78b89e6c2a670e288053b8b\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

========== Alternate Data Streams ==========

@Alternate Data Stream - 217 bytes -> C:\ProgramData\Temp:DFC5A2B2
@Alternate Data Stream - 109 bytes -> C:\ProgramData\Temp:A8ADE5D8

< End of report >
 
Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    Code:
    :OTL
    PRC - [2007/01/04 16:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe
    SRV - [2007/01/04 16:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>
    [2007/04/16 12:07:12 | 000,180,293 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll
    O4 - HKLM..\Run: [combofix] C:\ComboFix\CF6731.cfx File not found
    O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.)
    O4 - HKCU..\Run: [swetaswxxx.exe] C:\swetaswxxx.exe\swetaswxxx.exe File not found
    O4 - HKLM..\RunOnce: [combofix] C:\ComboFix\CF6731.cfx File not found
    O4 - HKLM..\RunOnceEx: [flags] Reg Error: Invalid data type. File not found
    O15 - HKCU\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
    O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
    O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
    O16 - DPF: {A903E5AB-C67E-40FB-94F1-E1305982F6E0} http://www.ooxtv.com/livetv.ocx (Reg Error: Key error.)
    O16 - DPF: {D4003189-95B1-4A2F-9A87-F2B03665960D} http://bollym4u.com/js/vjocx-ch.cab (Reg Error: Key error.)
    O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
    [2010/11/11 20:09:15 | 000,000,000 | ---D | C] -- C:\Users\Ashish\AppData\Roaming\Arlu
    [2010/11/06 01:20:03 | 000,000,000 | -H-D | C] -- C:\$AVG
    [2010/11/06 01:00:29 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG10
    [2010/11/05 23:39:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
    [2010/10/31 11:51:38 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
    [2010/10/19 20:42:43 | 000,000,032 | ---- | C] () -- C:\ProgramData\io.ini
    [2010/10/19 20:42:43 | 000,000,000 | ---- | C] () -- C:\ProgramData\1rphcipg0fz62yxo23ox8gd3li86yuho.ini
    [2010/06/03 07:12:30 | 000,000,120 | ---- | C] () -- C:\Users\Ashish\AppData\Local\Rlekozugi.dat
    [2010/06/03 07:12:30 | 000,000,000 | ---- | C] () -- C:\Users\Ashish\AppData\Local\Rnajevamiku.bin
    [2010/05/28 22:35:05 | 000,000,000 | ---- | C] () -- C:\Windows\System32\drivers\fjkwetbl.sys
    [2010/05/28 22:34:48 | 000,000,020 | ---- | C] () -- C:\Users\Ashish\AppData\Roaming\vqdlkr.dat
    [2010/03/08 21:49:09 | 000,010,678 | -HS- | C] () -- C:\Users\Ashish\AppData\Local\J3CVYoQ5
    [2010/06/02 21:16:07 | 000,000,000 | ---D | M] -- C:\Users\Ashish\AppData\Roaming\025EE49533BAB044CB74A2A78C0E406A
    @Alternate Data Stream - 217 bytes -> C:\ProgramData\Temp:DFC5A2B2
    @Alternate Data Stream - 109 bytes -> C:\ProgramData\Temp:A8ADE5D8
    
    :Services
    
    :Reg
    
    :Files
    C:\Program Files\Viewpoint
    
    
    :Commands
    [purity]
    [emptytemp]
    [emptyflash]
    [Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • You will get a log that shows the results of the fix. Please post it.

Let me know how the computer is doing.
 