The Google redirect appears to be gone! But I will definitely need some help restoring the video driver. I've also got this annoying Explorer Download Manager popping up all the time now. I'm going to try my printer and plotter to see if their drivers are okay.
ComboFix 12-02-29.01 - Owner 03/04/2012 16:07:05.3.4 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3327.2885 [GMT -5:00]
Running from: C:\Documents and Settings\Owner\Desktop\ComboFix.exe
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
C:\Documents and Settings\Owner\My Documents\~WRL0001.tmp
C:\WINDOWS\system32\default_user_class.dat.LOG
C:\WINDOWS\system32\drivers\npf.sys
C:\WINDOWS\system32\ShellExt\CmdOpen.dll
C:\WINDOWS\system32\drivers\cdrom.sys . . . is missing!!
((((((((((((((((((((((((( Files Created from 2012-02-04 to 2012-03-04 )))))))))))))))))))))))))))))))
2012-03-03 19:57:01 . 2012-03-03 19:57:01 98992 ----a-w- C:\WINDOWS\system32\drivers\14098817.sys
2012-03-03 19:56:54 . 2012-03-03 19:56:54 187776 ----a-w- C:\WINDOWS\system32\drivers\tsk1D.tmp
2012-03-03 19:55:12 . 2012-03-03 19:55:12 -------- d-----w- C:\TDSSKiller_Quarantine
2012-03-02 16:25:25 . 2012-03-02 16:25:25 -------- d-----w- C:\Documents and Settings\Owner\Application Data\Malwarebytes
2012-03-02 16:25:17 . 2012-03-02 16:25:17 -------- d-----w- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2012-03-02 16:25:16 . 2012-03-02 16:25:22 -------- d-----w- C:\Program Files\Malwarebytes' Anti-Malware
2012-03-02 16:25:16 . 2011-12-10 20:24:06 20464 ----a-w- C:\WINDOWS\system32\drivers\mbam.sys
2012-02-29 17:42:33 . 2012-02-29 17:42:35 -------- d-----w- C:\Program Files\Download Manager
2012-02-29 17:42:32 . 2012-02-29 17:42:37 -------- d-----w- C:\Documents and Settings\Owner\Local Settings\Application Data\DownloadManager
2012-02-29 17:42:24 . 2012-02-29 17:42:25 -------- d-----w- C:\Program Files\Surf Canyon
2012-02-29 17:42:20 . 2012-02-29 17:52:56 -------- d-----w- C:\Program Files\RebateRobot
2012-02-29 17:42:20 . 2012-02-29 17:42:20 -------- d-----w- C:\skin
2012-02-29 17:42:20 . 2012-02-29 17:42:20 -------- d-----w- C:\defaults
2012-02-29 17:42:20 . 2012-02-29 17:42:20 -------- d-----w- C:\content
2012-02-29 17:42:01 . 2012-02-29 17:42:01 -------- d-----w- C:\Documents and Settings\Owner\Local Settings\Application Data\I Want This
2012-02-29 17:41:37 . 2012-02-29 17:42:16 -------- d-----w- C:\Program Files\I Want This
2012-02-27 21:04:45 . 2012-01-11 19:56:12 574424 --s---w- C:\WINDOWS\system32\drivers\TfSysMon.sys
2012-02-27 21:04:45 . 2012-01-11 19:56:12 54328 --s---w- C:\WINDOWS\system32\drivers\TfFsMon.sys
2012-02-27 21:04:45 . 2012-01-11 19:56:12 35264 --s---w- C:\WINDOWS\system32\drivers\TfNetMon.sys
2012-02-27 21:00:39 . 2011-09-28 18:14:02 56840 ----a-w- C:\WINDOWS\system32\drivers\PCTBD.sys
2012-02-27 21:00:19 . 2012-01-11 21:19:02 185560 ----a-w- C:\WINDOWS\system32\drivers\PCTSD.sys
2012-02-27 21:00:19 . 2012-01-11 21:17:50 17848 ----a-w- C:\WINDOWS\system32\drivers\pctBTFix.sys
2012-02-27 20:58:14 . 2012-02-27 20:58:14 -------- d-----w- C:\Documents and Settings\Owner\Application Data\TestApp
2012-02-10 19:59:00 . 2012-02-10 19:59:02 45056 ----a-w- C:\WINDOWS\scluins1.exe
2012-02-10 19:59:00 . 2012-02-10 19:59:02 36864 ----a-w- C:\WINDOWS\smon03.exe
2012-02-10 19:58:59 . 2012-02-10 21:22:41 -------- d-----w- C:\Program Files\Sophocles
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
2012-02-27 20:31:26 . 2012-02-27 20:31:26 1182680 ----a-w- C:\WINDOWS\system32\drivers\TfKbMon.sys.old
2012-01-16 21:28:50 . 2011-06-24 19:16:27 149456 ----a-w- C:\WINDOWS\SGDetectionTool.dll
2012-01-16 21:28:48 . 2011-06-24 19:16:26 2246608 ----a-w- C:\WINDOWS\PCTBDCore.dll
2012-01-16 21:28:48 . 2011-06-24 19:16:26 1681360 ----a-w- C:\WINDOWS\PCTBDRes.dll
2012-01-16 21:28:28 . 2011-06-24 19:16:27 767952 ----a-w- C:\WINDOWS\BDTSupport.dll
2012-01-11 21:19:24 . 2011-06-24 18:33:02 70536 ----a-w- C:\WINDOWS\system32\drivers\pctplsg.sys
2012-01-11 21:14:30 . 2011-06-24 18:33:21 253352 ----a-w- C:\WINDOWS\system32\drivers\pctgntdi.sys
1997-07-22 00:30:54 1045776 --sha-w- C:\WINDOWS\system32\Msjet35.dll
1997-06-23 08:00:00 123664 --sha-w- C:\WINDOWS\system32\Msjint35.dll
1997-06-23 17:06:50 24848 --sha-w- C:\WINDOWS\system32\Msjter35.dll
1997-06-23 17:06:50 252176 --sha-w- C:\WINDOWS\system32\Msrd2x35.dll
1997-06-23 17:06:50 287504 --sha-w- C:\WINDOWS\system32\Msxbse35.dll
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
[-] 2009-10-19 07:35:08 . BA8C046D98345129723E6BCAA1E8AB99 . 361600 . . [5.1.2600.5649 (xpsp_sp3_qfe.080728-1259)] . . C:\WINDOWS\system32\drivers\tcpip.sys
((((((((((((((((((((((((((((( SnapShot@2011-12-26_17.54.44 )))))))))))))))))))))))))))))))))))))))))
+ 2007-11-07 07:19:20 . 2007-11-07 07:19:20 54272 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_ecc42bd1\vcomp90.dll
- 2007-11-07 06:19:20 . 2007-11-07 06:19:20 54272 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_ecc42bd1\vcomp90.dll
- 2008-07-29 12:05:08 . 2008-07-29 12:05:08 62976 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90rus.dll
+ 2008-07-29 13:05:08 . 2008-07-29 13:05:08 62976 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90rus.dll
- 2008-07-29 12:05:08 . 2008-07-29 12:05:08 46080 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90kor.dll
+ 2008-07-29 13:05:08 . 2008-07-29 13:05:08 46080 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90kor.dll
- 2008-07-29 12:05:08 . 2008-07-29 12:05:08 46592 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90jpn.dll
+ 2008-07-29 13:05:08 . 2008-07-29 13:05:08 46592 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90jpn.dll
+ 2008-07-29 13:05:08 . 2008-07-29 13:05:08 64512 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90ita.dll
- 2008-07-29 12:05:08 . 2008-07-29 12:05:08 64512 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90ita.dll
+ 2008-07-29 13:05:06 . 2008-07-29 13:05:06 66048 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90fra.dll
- 2008-07-29 12:05:06 . 2008-07-29 12:05:06 66048 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90fra.dll
- 2008-07-29 12:05:08 . 2008-07-29 12:05:08 65024 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esp.dll
+ 2008-07-29 13:05:08 . 2008-07-29 13:05:08 65024 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esp.dll
- 2008-07-29 12:05:06 . 2008-07-29 12:05:06 65024 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esn.dll
+ 2008-07-29 13:05:06 . 2008-07-29 13:05:06 65024 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esn.dll
+ 2008-07-29 13:05:08 . 2008-07-29 13:05:08 56832 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90enu.dll
- 2008-07-29 12:05:08 . 2008-07-29 12:05:08 56832 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90enu.dll
+ 2008-07-29 13:05:08 . 2008-07-29 13:05:08 66560 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90deu.dll
- 2008-07-29 12:05:08 . 2008-07-29 12:05:08 66560 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90deu.dll
- 2008-07-29 12:05:06 . 2008-07-29 12:05:06 39936 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90cht.dll
+ 2008-07-29 13:05:06 . 2008-07-29 13:05:06 39936 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90cht.dll
- 2008-07-29 12:05:06 . 2008-07-29 12:05:06 38912 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90chs.dll
+ 2008-07-29 13:05:06 . 2008-07-29 13:05:06 38912 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90chs.dll
- 2008-07-29 10:07:42 . 2008-07-29 10:07:42 59904 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90u.dll
+ 2008-07-29 11:07:42 . 2008-07-29 11:07:42 59904 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90u.dll
+ 2008-07-29 11:07:42 . 2008-07-29 11:07:42 59904 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90.dll
- 2008-07-29 10:07:42 . 2008-07-29 10:07:42 59904 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90.dll
+ 2012-03-04 21:03:41 . 2012-03-04 21:03:41 16384 C:\WINDOWS\Temp\Perflib_Perfdata_70c.dat
+ 2012-03-04 21:03:38 . 2012-03-04 21:03:38 16384 C:\WINDOWS\Temp\Perflib_Perfdata_234.dat
+ 2012-01-24 00:55:39 . 2008-03-21 18:57:18 14640 C:\WINDOWS\system32\spmsgXP_2k3.dll
- 2008-04-14 11:00:00 . 2011-12-26 17:55:18 72108 C:\WINDOWS\system32\perfc009.dat
+ 2008-04-14 11:00:00 . 2012-03-03 21:14:48 72108 C:\WINDOWS\system32\perfc009.dat
+ 2008-03-27 21:27:48 . 2008-03-27 21:27:48 35040 C:\WINDOWS\system32\drivers\wdfldr.sys
+ 2011-10-02 14:24:23 . 2010-04-01 17:31:50 23424 C:\WINDOWS\system32\drivers\Motousbnet.sys
+ 2011-10-02 14:24:22 . 2010-09-29 21:13:46 24064 C:\WINDOWS\system32\drivers\motmodem.sys
+ 2011-10-02 14:24:21 . 2010-12-03 18:03:08 20352 C:\WINDOWS\system32\drivers\motccgp.sys
- 2009-12-13 06:38:51 . 2011-12-26 16:43:05 16384 C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2009-12-13 06:38:51 . 2012-03-04 20:52:50 16384 C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2009-12-13 06:38:51 . 2011-12-26 16:43:05 16384 C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
+ 2012-01-01 16:40:01 . 2012-03-04 20:52:50 16384 C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
+ 2012-02-01 20:12:31 . 2012-02-01 20:12:31 22016 C:\WINDOWS\Installer\9de26eb.msi
+ 2010-08-03 15:43:41 . 2012-01-08 13:59:39 49152 C:\WINDOWS\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
- 2010-08-03 15:43:41 . 2011-05-24 20:34:37 49152 C:\WINDOWS\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
+ 2011-10-02 14:24:23 . 2010-01-25 22:56:44 9472 C:\WINDOWS\system32\drivers\motusbdevice.sys
+ 2011-10-02 14:24:21 . 2007-11-02 18:51:30 6400 C:\WINDOWS\system32\drivers\motswch.sys
+ 2011-10-02 14:24:23 . 2009-01-29 20:11:20 6016 C:\WINDOWS\system32\drivers\motfilt.sys
+ 2011-10-02 14:24:21 . 2009-01-29 20:18:00 8320 C:\WINDOWS\system32\drivers\motccgpfl.sys
- 2008-07-29 12:05:08 . 2008-07-29 12:05:08 655872 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcr90.dll
+ 2008-07-29 13:05:08 . 2008-07-29 13:05:08 655872 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcr90.dll
- 2008-07-29 12:05:08 . 2008-07-29 12:05:08 572928 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcp90.dll
+ 2008-07-29 13:05:08 . 2008-07-29 13:05:08 572928 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcp90.dll
- 2008-07-29 07:54:08 . 2008-07-29 07:54:08 225280 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcm90.dll
+ 2008-07-29 08:54:08 . 2008-07-29 08:54:08 225280 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcm90.dll
- 2008-07-29 12:05:06 . 2008-07-29 12:05:06 161784 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_d01483b2\atl90.dll
+ 2008-07-29 13:05:06 . 2008-07-29 13:05:06 161784 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_d01483b2\atl90.dll
- 2008-04-14 11:00:00 . 2011-12-26 17:55:18 444358 C:\WINDOWS\system32\perfh009.dat
+ 2008-04-14 11:00:00 . 2012-03-03 21:14:48 444358 C:\WINDOWS\system32\perfh009.dat
+ 2008-03-27 21:27:46 . 2008-03-27 21:27:46 503008 C:\WINDOWS\system32\drivers\wdf01000.sys
+ 2011-06-24 18:33:23 . 2011-12-01 21:07:06 909728 C:\WINDOWS\system32\drivers\pctEFA.sys
+ 2011-06-24 18:33:23 . 2011-12-01 21:07:06 342168 C:\WINDOWS\system32\drivers\pctDS.sys
+ 2011-06-24 18:33:10 . 2011-11-14 20:12:26 331880 C:\WINDOWS\system32\drivers\PCTCore.sys
+ 2011-06-24 18:33:10 . 2011-11-14 20:12:24 162584 C:\WINDOWS\system32\drivers\PCTAppEvent.sys
+ 2012-01-22 00:03:17 . 2012-01-22 00:05:01 325960 C:\WINDOWS\Replay Music\lua5.1.dll
+ 2012-02-29 17:42:33 . 2012-02-29 17:42:33 126976 C:\WINDOWS\assembly\GAC\Interop.SHDocVw\1.1.0.0__4b827ebe229d539f\Interop.SHDocVw.dll
+ 2012-01-24 00:55:34 . 2008-03-21 18:57:18 379184 C:\WINDOWS\$NtUninstallWdf01007$\spuninst\updspapi.dll
+ 2012-01-24 00:55:34 . 2008-03-21 18:57:18 221488 C:\WINDOWS\$NtUninstallWdf01007$\spuninst\spuninst.exe
- 2008-07-29 12:05:10 . 2008-07-29 12:05:10 3783672 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfc90u.dll
+ 2008-07-29 13:05:10 . 2008-07-29 13:05:10 3783672 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfc90u.dll
+ 2008-07-29 13:05:08 . 2008-07-29 13:05:08 3768312 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfc90.dll
- 2008-07-29 12:05:08 . 2008-07-29 12:05:08 3768312 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfc90.dll
+ 2011-10-02 14:24:23 . 2008-03-27 20:49:38 1112288 C:\WINDOWS\system32\wdfcoinstaller01007.dll
+ 2012-01-22 00:03:17 . 2012-01-22 00:05:01 1360896 C:\WINDOWS\Replay Music\uninstall.exe
+ 2012-01-08 13:59:03 . 2012-01-08 13:59:03 20333568 C:\WINDOWS\Installer\179a5745.msp
-- Snapshot reset to current date --
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{872b5b88-9db5-4310-bdd0-ac189557e5f5}"= "C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll" [2011-05-09 08:49:38 176936]
[HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
2011-05-09 08:49:38 176936 ----a-w- C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E5C66DD8-308B-4a4f-AF0A-3D04F25B5343}]
2009-11-07 06:07:04 297808 ----a-w- C:\WINDOWS\system32\mscoree.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{872b5b88-9db5-4310-bdd0-ac189557e5f5}"= "C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll" [2011-05-09 08:49:38 176936]
[HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{872B5B88-9DB5-4310-BDD0-AC189557E5F5}"= "C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll" [2011-05-09 08:49:38 176936]
[HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe" [2010-01-22 16:08:40 2363392]
"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AdobeUpdateManager.exe" [2006-03-30 20:45:07 313472]
"Messenger (Yahoo!)"="C:\PROGRA~1\Yahoo!\Messenger\YahooMessenger.exe" [2011-08-22 05:18:08 6276408]
"DownloadManager"="C:\Program Files\Download Manager\DownloadManager.exe" [2012-02-29 17:42:32 654336]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" [2008-04-14 11:00:00 208952]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-14 11:00:00 455168]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-14 11:00:00 455168]
"CoolSwitch"="C:\WINDOWS\system32\taskswitch.exe" [2002-03-19 23:30:00 45632]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2009-11-21 02:32:14 110184]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2009-11-21 02:32:14 12669544]
"RTHDCPL"="RTHDCPL.EXE" [2009-02-03 15:32:14 18085888]
"AdobeCS4ServiceManager"="C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 12:58:34 611712]
"Acrobat Assistant 7.0"="C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" [2008-04-23 06:08:13 483328]
"Intuit SyncManager"="C:\Program Files\Common Files\Intuit\Sync\IntuitSyncManager.exe" [2010-10-19 10:58:14 1439496]
"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 16:44:46 248552]
"QuickTime Task"="C:\Program Files\QuickTime Alternative\qttask.exe" [2010-11-29 21:38:18 421888]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2011-04-27 05:22:56 421160]
"Malwarebytes' Anti-Malware"="C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-01-13 19:53:18 460872]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"AvgUninstallURL"="start http://www.avg.com/ww.special-uninstallation-feedback-appf?lic=OQBBAFYARgBSAEUARQAtAFYASwBQAEMAQgAtADYAQgBXAEYATQAtAFQAUgBMAFEAUgAtAEIAUgBVAEgAUAAtAEMAUAA4ADYARwA&inst=NwA3AC0ANAAxADkAMwA2ADMAOQA4ADkALQBGAFAAOQArADYALQBCAEEAUgA5AEcAKwAxAC0AVABCADkAKwAyAC0ARgBMACsAOQAtAFgATwAzADYAKwAxAC0ARgA5AE0ANwBDACsANQAtAEYAOQBNADEAMABCACsAMgAtAFgATwA5ACsAMQAtAEYAOQBNADIAKwAxAC0ARABEAFQAKwA0ADkANAAwADQALQBEAEQAOQAwAEYAKwAxAC0AUwBUADkAMABGAEEAUABQACsAMQAtAEYAOQAwAE0AMQAyAEEAVAArADMALQBGADkAMABNADEAMgBBACsAMQAtAEYAOQAwAE0AMQAyAEEAQgArADEALQBVADkANQArADEALQBGADkAMABNADEAMgBBAFQAQgBOACsAMQAtAEYAVQBJACsAMgA&prod=90&ver=9.0.894" [?]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 11:00:00 15360]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"_nltide_3"="advpack.dll" [2009-10-19 07:25:30 128512]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"MaxRecentDocs"= 18 (0x12)
"NoSMConfigurePrograms"= 1 (0x1)
"NoRecentDocsNetHood"= 1 (0x1)
"MemCheckBoxInRunDlg"= 1 (0x1)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableNotifications"= 1 (0x1)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"C:\\Program Files\\Common Files\\Adobe\\Adobe Version Cue CS4\\Server\\bin\\VersionCueCS4.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\Program Files\\Intuit\\QuickBooks 2007\\QBDBMgrN.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"C:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\Spotify\\spotify.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5353:TCP"= 5353:TCP:Adobe CSI CS4
"3703:TCP"= 3703:TCP:Adobe Version Cue CS4 Server
"3704:TCP"= 3704:TCP:Adobe Version Cue CS4 Server
"51000:TCP"= 51000:TCP:Adobe Version Cue CS4 Server
"51001:TCP"= 51001:TCP:Adobe Version Cue CS4 Server
"1947:TCP"= 1947:TCP:HASP SRM
"1947:UDP"= 1947:UDP:HASP SRM
R0 PCTCore;PCTools KDS;C:\WINDOWS\system32\drivers\PCTCore.sys [6/24/2011 1:33:10 PM 331880]
R0 pctDS;PC Tools Data Store;C:\WINDOWS\system32\drivers\pctDS.sys [6/24/2011 1:33:23 PM 342168]
R0 pctEFA;PC Tools Extended File Attributes;C:\WINDOWS\system32\drivers\pctEFA.sys [6/24/2011 1:33:23 PM 909728]
R0 TfFsMon;TfFsMon;C:\WINDOWS\system32\drivers\TfFsMon.sys [2/27/2012 4:04:45 PM 54328]
R0 TFSysMon;TfSysMon;C:\WINDOWS\system32\drivers\TfSysMon.sys [2/27/2012 4:04:45 PM 574424]
R1 pctgntdi;pctgntdi;C:\WINDOWS\system32\drivers\pctgntdi.sys [6/24/2011 1:33:21 PM 253352]
R1 PCTSD;PC Tools Spyware Doctor Driver;C:\WINDOWS\system32\drivers\PCTSD.sys [2/27/2012 4:00:19 PM 185560]
R2 Browser Defender Update Service;Browser Defender Update Service;C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe [6/24/2011 2:16:27 PM 546768]
R2 hasplms;HASP License Manager;C:\WINDOWS\system32\hasplms.exe -run --> C:\WINDOWS\system32\hasplms.exe -run [?]
R2 MBAMService;MBAMService;C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [3/2/2012 11:25:16 AM 652360]
R2 MotoHelper;MotoHelper Service;C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe [1/27/2011 4:13:50 PM 226624]
R3 MBAMProtector;MBAMProtector;C:\WINDOWS\system32\drivers\mbam.sys [3/2/2012 11:25:16 AM 20464]
R3 nvoclock;NVIDIA Enthusiasts Platform KDM;C:\WINDOWS\system32\drivers\nvoclock.sys [9/15/2009 2:59:28 PM 38248]
R3 pcouffin;VSO Software pcouffin;C:\WINDOWS\system32\drivers\pcouffin.sys [2/9/2010 5:59:22 PM 47360]
R3 PCTBD;PC Tools Browser Defender Driver;C:\WINDOWS\system32\drivers\PCTBD.sys [2/27/2012 4:00:39 PM 56840]
S1 DumpDrv;Crash Dump Driver;C:\WINDOWS\system32\drivers\dumpdrv.sys [10/19/2009 2:29:36 AM 9472]
S2 gupdate;Google Update Service (gupdate);C:\Program Files\Google\Update\GoogleUpdate.exe [3/19/2011 3:42:41 PM 136176]
S2 QuickBooksDB17;QuickBooksDB17;C:\PROGRA~1\Intuit\QUICKB~1\QBDBMgrN.exe -hvQuickBooksDB17 --> C:\PROGRA~1\Intuit\QUICKB~1\QBDBMgrN.exe -hvQuickBooksDB17 [?]
S3 Adobe Version Cue CS4;Adobe Version Cue CS4;C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [8/15/2008 5:46:20 AM 284016]
S3 BTCFilterService;USB Networking Driver Filter Service;C:\WINDOWS\system32\drivers\motfilt.sys [10/2/2011 9:24:23 AM 6016]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files\Google\Update\GoogleUpdate.exe [3/19/2011 3:42:41 PM 136176]
S3 motccgp;Motorola USB Composite Device Driver;C:\WINDOWS\system32\drivers\motccgp.sys [10/2/2011 9:24:21 AM 20352]
S3 motccgpfl;MotCcgpFlService;C:\WINDOWS\system32\drivers\motccgpfl.sys [10/2/2011 9:24:21 AM 8320]
S3 Motousbnet;Motorola USB Networking Driver Service;C:\WINDOWS\system32\drivers\Motousbnet.sys [10/2/2011 9:24:23 AM 23424]
S3 motusbdevice;Motorola USB Dev Driver;C:\WINDOWS\system32\drivers\motusbdevice.sys [10/2/2011 9:24:23 AM 9472]
S3 pctplsg;pctplsg;C:\WINDOWS\system32\drivers\pctplsg.sys [6/24/2011 1:33:02 PM 70536]
S3 sdAuxService;PC Tools Auxiliary Service;C:\Program Files\PC Tools Security\pctsAuxs.exe [6/24/2011 1:32:57 PM 402336]
S3 TfNetMon;TfNetMon;C:\WINDOWS\system32\drivers\TfNetMon.sys [2/27/2012 4:04:45 PM 35264]
S3 ThreatFire;ThreatFire;C:\Program Files\PC Tools Security\TFEngine\TFService.exe service --> C:\Program Files\PC Tools Security\TFEngine\TFService.exe service [?]
S4 QuickBooksDB20;QuickBooksDB20;C:\PROGRA~1\Intuit\QUICKB~1\QBDBMgrN.exe -hvQuickBooksDB20 --> C:\PROGRA~1\Intuit\QUICKB~1\QBDBMgrN.exe -hvQuickBooksDB20 [?]
--- Other Services/Drivers In Memory ---
*Deregistered* - uphcleanhlp
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2010-01-22 16:06:42 451872 ----a-w- C:\Program Files\Common Files\LightScribe\LSRunOnce.exe
Contents of the 'Scheduled Tasks' folder
2012-03-04 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 17:34:12 . 2008-07-30 17:34:12]
2012-03-04 C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
- C:\Program Files\Google\Update\GoogleUpdate.exe [2011-03-19 20:42:41 . 2011-03-19 20:42:37]
2012-03-04 C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
- C:\Program Files\Google\Update\GoogleUpdate.exe [2011-03-19 20:42:41 . 2011-03-19 20:42:37]
2012-03-04 C:\WINDOWS\Tasks\MotoHelper Initial Update.job
- C:\Program Files\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-01-27 21:14:12 . 2011-01-27 21:14:12]
2012-02-29 C:\WINDOWS\Tasks\MotoHelper MUM.job
- C:\Program Files\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-01-27 21:14:12 . 2011-01-27 21:14:12]
2012-03-04 C:\WINDOWS\Tasks\MotoHelper Routing.job
- C:\Program Files\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-01-27 21:14:12 . 2011-01-27 21:14:12]
2012-02-29 C:\WINDOWS\Tasks\MotoHelper Update.job
- C:\Program Files\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-01-27 21:14:12 . 2011-01-27 21:14:12]
2012-03-04 C:\WINDOWS\Tasks\User_Feed_Synchronization-{D34A4223-3F9E-489B-8675-157936D04B47}.job
- C:\WINDOWS\system32\msfeedssync.exe [2009-10-19 07:30:57 . 2009-10-19 07:30:57]
------- Supplementary Scan -------
uStart Page = hxxp://www.google.com/
mStart Page = hxxp://www.yahoo.com/?ilc=8&fr=mkg029
uInternet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch
uInternet Settings,ProxyOverride = *.local;192.168.*.*
IE: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
LSP: %SYSTEMROOT%\system32\nvLsp.dll
TCP: DhcpNameServer = 192.168.1.1
DPF: Web-Based Email Tools - hxxp://email.secureserver.net/Download.CAB
FF - ProfilePath - C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\wykhr570.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2086743&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - PHPNukeEN Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT2086743&SearchSource=13
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?pc=Z192&form=ZGAADF&install_date=20111124&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: PHPNukeEN Toolbar: {dd02a4eb-4afd-4d60-99d8-e67f964ca813} - C:\Program Files\Mozilla Firefox\extensions\{dd02a4eb-4afd-4d60-99d8-e67f964ca813}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Java Quick Starter: jqs@sun.com - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: Browser Defender Toolbar: {cb84136f-9c44-433a-9048-c5cd9df1dc16} - C:\Program Files\PC Tools Security\BDT\Firefox
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: Winamp Toolbar: {0b38152b-1b20-484d-a11f-5e04a9b0661f} - %profile%\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
FF - Ext: Yahoo! Toolbar: {635abd67-4fe9-1b23-4f01-e679fa7484c1} - %profile%\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF - Ext: FreeSoundRecorder Community Toolbar: {32b29df0-2237-4370-9a29-37cebb730e9b} - %profile%\extensions\{32b29df0-2237-4370-9a29-37cebb730e9b}
FF - Ext: DVDVideoSoftTB Community Toolbar: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - %profile%\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
------- File Associations -------
.scr=AutoCADScriptFile
- - - - ORPHANS REMOVED - - - -
BHO-{66616350-A70C-4FF5-912E-A92B8076F6F7} - C:\Program Files\RebateRobot\RebateRobot.dll
BHO-{FA3FEDF6-1A34-4076-9F25-A26A2DE6A401} - (no file)
HKLM-Run-PCTools FGuard - C:\Program Files\PC Tools Security\BDT\FGuard.exe
SafeBoot-78916224.sys
AddRemove-{8E10A7CC-B4B4-4BF0-A75E-9F960D58AAC4}_is1 - C:\Program Files\RebateRobot\unins000.exe