Solved Virus fun - GMER won't finish

Thanks for the help. I appreciate it.
Here's the attach log:


UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-10-31.01)

Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 9/5/2007 3:34:56 AM
System Uptime: 10/31/2010 5:18:26 PM (0 hours ago)

Motherboard: Quanta | | 30D3
Processor: AMD Athlon(tm) 64 X2 Dual-Core Processor TK-55 | Socket S1 | 1800/200mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 104 GiB total, 23.106 GiB free.
D: is FIXED (NTFS) - 8 GiB total, 1.752 GiB free.
E: is CDROM ()
F: is Removable

==== Disabled Device Manager Items =============

Class GUID: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Description: Flash Disk
Device ID: WPDBUSENUMROOT\UMB\2&37C186B&0&STORAGE#VOLUME#1&19F7E59C&0&_??_USBSTOR#DISK&VEN_GENERIC&PROD_FLASH_DISK&REV_8.07#3147928453A18069D534&0#
Manufacturer: Generic
Name: USB DISK
PNP Device ID: WPDBUSENUMROOT\UMB\2&37C186B&0&STORAGE#VOLUME#1&19F7E59C&0&_??_USBSTOR#DISK&VEN_GENERIC&PROD_FLASH_DISK&REV_8.07#3147928453A18069D534&0#
Service: WUDFRd

==== System Restore Points ===================


==== Installed Programs ======================

Activation Assistant for the 2007 Microsoft Office suites
ActiveCheck component for HP Active Support Library
Adobe Flash Player 10 ActiveX
Adobe Reader 8.1.7
Adobe Shockwave Player 11
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Bonjour
Conexant HD Audio
Disney Toontown Online
ESU for Microsoft Vista
Google Chrome
Google Earth
Google Talk Plugin
Google Toolbar for Internet Explorer
Google Update Helper
Google Updater
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Active Support Library
HP Active Support Library 32 bit components
HP Customer Experience Enhancements
HP DVD Play 3.2
HP Easy Setup - Frontend
HP Help and Support
HP Photosmart Essential 2.0
HP Photosmart Essential2.5
HP Quick Launch Buttons 6.20 D3
HP Total Care Advisor
HP Update
HP User Guides 0041
HP Wireless Assistant
HPAsset component for HP Active Support Library
HPNetworkAssistant
IC Capture.AS 2.0
iTunes
Java(TM) 6 Update 15
Java(TM) 6 Update 7
Java(TM) SE Runtime Environment 6
LG USB Modem driver
LightScribe 1.4.136.1
Malwarebytes' Anti-Malware
Microsoft .NET Framework 3.5 SP1
Microsoft Corporation
Microsoft LifeCam
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Works
Move Networks Media Player for Internet Explorer
MSCU for Microsoft Vista
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
muvee autoProducer 6.0
My HP Games
Net Nanny Parental Controls
Norton AntiVirus
Norton PC Checkup
NVIDIA Drivers
Octoshape add-in for Adobe Flash Player
OGA Notifier 2.0.0048.0
Pet Vet 3D Animal Hospital
PSSWCORE
QuickTime
RegiStax Version 4
Rhapsody
Rhapsody Player Engine
Roxio Activation Module
Roxio Creator Audio
Roxio Creator Basic v9
Roxio Creator Copy
Roxio Creator Data
Roxio Creator EasyArchive
Roxio Creator Tools
Roxio Express Labeler 3
Roxio MyDVD Basic v9
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2344875)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for 2007 Microsoft Office System (KB982312)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft Office Excel 2007 (KB2345035)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Skype web features
Skype™ 4.1
Soft Data Fax Modem with SmartCP
Synaptics Pointing Device Driver
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Veetle TV 0.9.15
VZAccess Manager
WildGames
Windows Live OneCare safety scanner
WinRAR archiver
Yahoo! Messenger
Yahoo! Toolbar
Yahoo! Toolbar for Internet Explorer

==== End Of File ===========================

Here's the TDSS log:

2010/10/31 19:11:38.0806 TDSS rootkit removing tool 2.4.5.1 Oct 26 2010 11:28:49
2010/10/31 19:11:38.0806 ================================================================================
2010/10/31 19:11:38.0806 SystemInfo:
2010/10/31 19:11:38.0806
2010/10/31 19:11:38.0806 OS Version: 6.0.6002 ServicePack: 2.0
2010/10/31 19:11:38.0806 Product type: Workstation
2010/10/31 19:11:38.0806 ComputerName: OWNER-PC
2010/10/31 19:11:38.0806 UserName: Owner
2010/10/31 19:11:38.0806 Windows directory: C:\Windows
2010/10/31 19:11:38.0806 System windows directory: C:\Windows
2010/10/31 19:11:38.0806 Processor architecture: Intel x86
2010/10/31 19:11:38.0806 Number of processors: 2
2010/10/31 19:11:38.0806 Page size: 0x1000
2010/10/31 19:11:38.0806 Boot type: Normal boot
2010/10/31 19:11:38.0806 ================================================================================
2010/10/31 19:11:39.0726 Initialize success
2010/10/31 19:11:53.0470 ================================================================================
2010/10/31 19:11:53.0470 Scan started
2010/10/31 19:11:53.0470 Mode: Manual;
2010/10/31 19:11:53.0470 ================================================================================
2010/10/31 19:11:55.0061 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
2010/10/31 19:11:55.0108 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
2010/10/31 19:11:55.0170 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
2010/10/31 19:11:55.0217 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
2010/10/31 19:11:55.0264 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
2010/10/31 19:11:55.0358 AFD (a201207363aa900abf1a388468688570) C:\Windows\system32\drivers\afd.sys
2010/10/31 19:11:55.0436 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys
2010/10/31 19:11:55.0514 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
2010/10/31 19:11:55.0560 aliide (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys
2010/10/31 19:11:55.0623 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
2010/10/31 19:11:55.0685 amdide (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys
2010/10/31 19:11:55.0748 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
2010/10/31 19:11:55.0810 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\DRIVERS\amdk8.sys
2010/10/31 19:11:55.0950 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
2010/10/31 19:11:56.0013 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
2010/10/31 19:11:56.0091 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
2010/10/31 19:11:56.0138 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
2010/10/31 19:11:56.0278 BCM43XV (746f59822a5187510471fc46889b8cc9) C:\Windows\system32\DRIVERS\bcmwl6.sys
2010/10/31 19:11:56.0356 BCM43XX (746f59822a5187510471fc46889b8cc9) C:\Windows\system32\DRIVERS\bcmwl6.sys
2010/10/31 19:11:56.0418 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
2010/10/31 19:11:56.0652 BHDrvx86 (5138da8715da5f9823b753b6cb36a9a9) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\BASHDefs\20101001.001\BHDrvx86.sys
2010/10/31 19:11:56.0855 bowser (74b442b2be1260b7588c136177ceac66) C:\Windows\system32\DRIVERS\bowser.sys
2010/10/31 19:11:56.0902 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
2010/10/31 19:11:56.0949 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
2010/10/31 19:11:56.0996 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
2010/10/31 19:11:57.0058 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
2010/10/31 19:11:57.0120 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
2010/10/31 19:11:57.0167 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
2010/10/31 19:11:57.0245 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
2010/10/31 19:11:57.0354 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
2010/10/31 19:11:57.0401 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
2010/10/31 19:11:57.0448 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
2010/10/31 19:11:57.0495 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
2010/10/31 19:11:57.0604 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
2010/10/31 19:11:57.0651 cmdide (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys
2010/10/31 19:11:57.0760 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
2010/10/31 19:11:57.0791 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
2010/10/31 19:11:57.0838 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
2010/10/31 19:11:57.0947 DfsC (218d8ae46c88e82014f5d73d0236d9b2) C:\Windows\system32\Drivers\dfsc.sys
2010/10/31 19:11:58.0088 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
2010/10/31 19:11:58.0212 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
2010/10/31 19:11:58.0290 DXGKrnl (5c7e2097b91d689ded7a6ff90f0f3a25) C:\Windows\System32\drivers\dxgkrnl.sys
2010/10/31 19:11:58.0431 E100B (c0b00e55cf82d122d25983c7a6a53dea) C:\Windows\system32\DRIVERS\e100b325.sys
2010/10/31 19:11:58.0540 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
2010/10/31 19:11:58.0618 eabfiltr (e88b0cfcecf745211bba87f44f85d0dd) C:\Windows\system32\DRIVERS\eabfiltr.sys
2010/10/31 19:11:58.0727 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
2010/10/31 19:11:58.0868 eeCtrl (089296aedb9b72b4916ac959752bdc89) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
2010/10/31 19:11:59.0039 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
2010/10/31 19:11:59.0195 EraserUtilRebootDrv (850259334652d392e33ee3412562e583) C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
2010/10/31 19:11:59.0414 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
2010/10/31 19:11:59.0538 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
2010/10/31 19:11:59.0694 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
2010/10/31 19:11:59.0772 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
2010/10/31 19:11:59.0866 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
2010/10/31 19:11:59.0928 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
2010/10/31 19:11:59.0991 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
2010/10/31 19:12:00.0116 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
2010/10/31 19:12:00.0178 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
2010/10/31 19:12:00.0256 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
2010/10/31 19:12:00.0412 HBtnKey (de15777902a5d9121857d155873a1d1b) C:\Windows\system32\DRIVERS\cpqbttn.sys
2010/10/31 19:12:00.0490 HdAudAddService (07eee11d6e2b78122e17db3878b4c687) C:\Windows\system32\drivers\CHDART.sys
2010/10/31 19:12:00.0552 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
2010/10/31 19:12:00.0599 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
2010/10/31 19:12:00.0630 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
2010/10/31 19:12:00.0677 HidUsb (3c64042b95e583b366ba4e5d2450235e) C:\Windows\system32\drivers\hidusb.sys
2010/10/31 19:12:00.0771 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
2010/10/31 19:12:00.0833 HSFHWAZL (46d67209550973257601a533e2ac5785) C:\Windows\system32\DRIVERS\VSTAZL3.SYS
2010/10/31 19:12:00.0911 HSF_DPV (53229dcf431d76434816cd29251168a0) C:\Windows\system32\DRIVERS\HSX_DPV.sys
2010/10/31 19:12:00.0989 HSXHWAZL (31f949d452201f2f0af0c88d7db512cd) C:\Windows\system32\DRIVERS\HSXHWAZL.sys
2010/10/31 19:12:01.0052 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
2010/10/31 19:12:01.0114 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
2010/10/31 19:12:01.0176 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
2010/10/31 19:12:01.0270 ialm (496db78e6a0c4c44023d9a92b4a7ac31) C:\Windows\system32\DRIVERS\igdkmd32.sys
2010/10/31 19:12:01.0364 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
2010/10/31 19:12:01.0598 IDSVix86 (ee90168d5578359fe9a295b8611330c0) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\IPSDefs\20101028.001\IDSvix86.sys
2010/10/31 19:12:01.0722 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
2010/10/31 19:12:01.0785 intelide (97469037714070e45194ed318d636401) C:\Windows\system32\drivers\intelide.sys
2010/10/31 19:12:01.0832 intelppm (ce44cc04262f28216dd4341e9e36a16f) C:\Windows\system32\DRIVERS\intelppm.sys
2010/10/31 19:12:01.0910 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2010/10/31 19:12:02.0003 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
2010/10/31 19:12:02.0081 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
2010/10/31 19:12:02.0144 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
2010/10/31 19:12:02.0206 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
2010/10/31 19:12:02.0253 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
2010/10/31 19:12:02.0284 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
2010/10/31 19:12:02.0331 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
2010/10/31 19:12:02.0409 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
2010/10/31 19:12:02.0456 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
2010/10/31 19:12:02.0534 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys
2010/10/31 19:12:02.0674 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
2010/10/31 19:12:02.0768 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
2010/10/31 19:12:02.0861 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
2010/10/31 19:12:02.0924 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
2010/10/31 19:12:02.0986 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
2010/10/31 19:12:03.0048 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys
2010/10/31 19:12:03.0111 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
2010/10/31 19:12:03.0173 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
2010/10/31 19:12:03.0282 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
2010/10/31 19:12:03.0314 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
2010/10/31 19:12:03.0376 mouhid (a3a6dff7e9e757db3df51a833bc28885) C:\Windows\system32\drivers\mouhid.sys
2010/10/31 19:12:03.0423 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
2010/10/31 19:12:03.0470 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
2010/10/31 19:12:03.0516 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
2010/10/31 19:12:03.0626 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
2010/10/31 19:12:03.0688 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
2010/10/31 19:12:03.0766 mrxsmb (454341e652bdf5e01b0f2140232b073e) C:\Windows\system32\DRIVERS\mrxsmb.sys
2010/10/31 19:12:03.0813 mrxsmb10 (2a4901aff069944fa945ed5bbf4dcde3) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2010/10/31 19:12:03.0891 mrxsmb20 (28b3f1ab44bdd4432c041581412f17d9) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2010/10/31 19:12:03.0938 msahci (742aed7939e734c36b7e8d6228ce26b7) C:\Windows\system32\drivers\msahci.sys
2010/10/31 19:12:04.0016 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
2010/10/31 19:12:04.0078 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
2010/10/31 19:12:04.0218 MSHUSBVideo (29e0ec2a9dc4c7913657a51dfff97856) C:\Windows\system32\Drivers\nx6000.sys
2010/10/31 19:12:04.0296 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
2010/10/31 19:12:04.0374 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
2010/10/31 19:12:04.0421 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
2010/10/31 19:12:04.0468 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
2010/10/31 19:12:04.0515 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
2010/10/31 19:12:04.0577 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
2010/10/31 19:12:04.0640 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
2010/10/31 19:12:04.0702 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
2010/10/31 19:12:04.0764 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
2010/10/31 19:12:04.0983 NAVENG (49d802531e5984cf1fe028c6c129b9d8) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\VirusDefs\20101031.002\NAVENG.SYS
2010/10/31 19:12:05.0139 NAVEX15 (158676a5758c1fa519563b3e72fbf256) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\VirusDefs\20101031.002\NAVEX15.SYS
2010/10/31 19:12:05.0466 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
2010/10/31 19:12:05.0544 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
2010/10/31 19:12:05.0576 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
2010/10/31 19:12:05.0638 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
2010/10/31 19:12:05.0669 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
2010/10/31 19:12:05.0716 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
2010/10/31 19:12:05.0778 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
2010/10/31 19:12:05.0872 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
2010/10/31 19:12:05.0950 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
2010/10/31 19:12:06.0012 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
2010/10/31 19:12:06.0122 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
2010/10/31 19:12:06.0231 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
2010/10/31 19:12:06.0278 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
2010/10/31 19:12:06.0340 NVENETFD (1657f3fbd9061526c14ff37e79306f98) C:\Windows\system32\DRIVERS\nvm60x32.sys
2010/10/31 19:12:06.0590 nvlddmkm (446864078dbe3059587954cb2d858a9b) C:\Windows\system32\DRIVERS\nvlddmkm.sys
2010/10/31 19:12:06.0808 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
2010/10/31 19:12:06.0870 nvsmu (9aebc32f9d6e02ebee0369ab296fe7c8) C:\Windows\system32\DRIVERS\nvsmu.sys
2010/10/31 19:12:06.0917 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
2010/10/31 19:12:06.0980 nvstor32 (4c93d50bca15b3bfcab07306b258b248) C:\Windows\system32\DRIVERS\nvstor32.sys
2010/10/31 19:12:07.0011 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
2010/10/31 19:12:07.0182 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
2010/10/31 19:12:07.0260 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
2010/10/31 19:12:07.0307 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
2010/10/31 19:12:07.0338 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
2010/10/31 19:12:07.0416 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
2010/10/31 19:12:07.0463 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
2010/10/31 19:12:07.0526 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
2010/10/31 19:12:07.0604 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
2010/10/31 19:12:07.0806 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
2010/10/31 19:12:07.0869 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
2010/10/31 19:12:07.0962 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
2010/10/31 19:12:08.0025 PxHelp20 (d86b4a68565e444d76457f14172c875a) C:\Windows\system32\Drivers\PxHelp20.sys
2010/10/31 19:12:08.0103 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
2010/10/31 19:12:08.0181 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
2010/10/31 19:12:08.0243 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
2010/10/31 19:12:08.0274 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
2010/10/31 19:12:08.0337 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
2010/10/31 19:12:08.0415 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
2010/10/31 19:12:08.0462 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
2010/10/31 19:12:08.0508 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
2010/10/31 19:12:08.0586 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
2010/10/31 19:12:08.0649 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
2010/10/31 19:12:08.0711 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
2010/10/31 19:12:08.0774 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
2010/10/31 19:12:08.0914 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
2010/10/31 19:12:08.0992 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
2010/10/31 19:12:09.0086 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
2010/10/31 19:12:09.0132 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
2010/10/31 19:12:09.0195 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
2010/10/31 19:12:09.0257 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
2010/10/31 19:12:09.0335 sffdisk (103b79418da647736ee95645f305f68a) C:\Windows\system32\drivers\sffdisk.sys
2010/10/31 19:12:09.0366 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys
2010/10/31 19:12:09.0413 sffp_sd (9cfa05fcfcb7124e69cfc812b72f9614) C:\Windows\system32\drivers\sffp_sd.sys
2010/10/31 19:12:09.0460 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
2010/10/31 19:12:09.0522 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
2010/10/31 19:12:09.0569 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
2010/10/31 19:12:09.0632 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
2010/10/31 19:12:09.0710 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
2010/10/31 19:12:09.0788 SMSIVZAM5 (1e715247efffdda938c085913045d599) C:\PROGRA~1\VERIZO~1\VZACCE~1\SMSIVZAM5.SYS
2010/10/31 19:12:09.0850 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
2010/10/31 19:12:09.0959 SRTSP (d0ab8e989935d895f1bed8f607fa0948) C:\Windows\system32\drivers\NAV\1201000.025\SRTSP.SYS
2010/10/31 19:12:10.0022 SRTSPX (fae9f5558a1f53670e579f9ffb4a67cc) C:\Windows\system32\drivers\NAV\1201000.025\SRTSPX.SYS
2010/10/31 19:12:10.0100 srv (ff3cbc13db84d81f56931bc922cc37c4) C:\Windows\system32\DRIVERS\srv.sys
2010/10/31 19:12:10.0162 srv2 (d15959d9f69f0d39a0153e9c244f20dd) C:\Windows\system32\DRIVERS\srv2.sys
2010/10/31 19:12:10.0224 srvnet (faa0d553a49e85008c6bb3781987c574) C:\Windows\system32\DRIVERS\srvnet.sys
2010/10/31 19:12:10.0318 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
2010/10/31 19:12:10.0365 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
2010/10/31 19:12:10.0443 SymDS (67e83f8c7e80dc898a1d73b38412ba7a) C:\Windows\system32\drivers\NAV\1201000.025\SYMDS.SYS
2010/10/31 19:12:10.0505 SymEFA (3986a8de371e985ba6c82eb8da3b1e98) C:\Windows\system32\drivers\NAV\1201000.025\SYMEFA.SYS
2010/10/31 19:12:10.0552 SymEvent (5c76a63fac8a5580c5a1c4a4ed827782) C:\Windows\system32\Drivers\SYMEVENT.SYS
2010/10/31 19:12:10.0614 SymIRON (8ae632773b5192dce48f4ec8de753863) C:\Windows\system32\drivers\NAV\1201000.025\Ironx86.SYS
2010/10/31 19:12:10.0646 SYMTDIv (a5fb04f87a9cc3ea6b839fefd6790419) C:\Windows\system32\drivers\NAV\1201000.025\SYMTDIV.SYS
2010/10/31 19:12:10.0708 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
2010/10/31 19:12:10.0739 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
2010/10/31 19:12:10.0802 SynTP (8327106d1c93e9a7b98e63b9fcc24bb7) C:\Windows\system32\DRIVERS\SynTP.sys
2010/10/31 19:12:10.0911 Tcpip (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\drivers\tcpip.sys
2010/10/31 19:12:11.0004 Tcpip6 (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\DRIVERS\tcpip.sys
2010/10/31 19:12:11.0051 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
2010/10/31 19:12:11.0098 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
2010/10/31 19:12:11.0160 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
2010/10/31 19:12:11.0223 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
2010/10/31 19:12:11.0270 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
2010/10/31 19:12:11.0363 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
2010/10/31 19:12:11.0457 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
2010/10/31 19:12:11.0504 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
2010/10/31 19:12:11.0582 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
2010/10/31 19:12:11.0660 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
2010/10/31 19:12:11.0722 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
2010/10/31 19:12:11.0784 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
2010/10/31 19:12:11.0816 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
2010/10/31 19:12:11.0862 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
2010/10/31 19:12:11.0909 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
2010/10/31 19:12:11.0987 USBAAPL (e8c1b9ebac65288e1b51e8a987d98af6) C:\Windows\system32\Drivers\usbaapl.sys
2010/10/31 19:12:12.0034 usbaudio (32db9517628ff0d070682aab61e688f0) C:\Windows\system32\drivers\usbaudio.sys
2010/10/31 19:12:12.0096 usbbus (9419faac6552a51542dbba02971c841c) C:\Windows\system32\DRIVERS\lgusbbus.sys
2010/10/31 19:12:12.0143 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
2010/10/31 19:12:12.0221 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
2010/10/31 19:12:12.0284 UsbDiag (c0a466fa4ffec464320e159bc1bbdc0c) C:\Windows\system32\DRIVERS\lgusbdiag.sys
2010/10/31 19:12:12.0330 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
2010/10/31 19:12:12.0393 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
2010/10/31 19:12:12.0486 USBModem (f74a54774a9b0afeb3c40adec68aa600) C:\Windows\system32\DRIVERS\lgusbmodem.sys
2010/10/31 19:12:12.0518 usbohci (ce697fee0d479290d89bec80dfe793b7) C:\Windows\system32\DRIVERS\usbohci.sys
2010/10/31 19:12:12.0580 usbprint (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\drivers\usbprint.sys
2010/10/31 19:12:12.0627 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2010/10/31 19:12:12.0674 usbuhci (325dbbacb8a36af9988ccf40eac228cc) C:\Windows\system32\DRIVERS\usbuhci.sys
2010/10/31 19:12:12.0736 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
2010/10/31 19:12:12.0783 UVC (ca73b0bdea552ff66477beacd73363de) C:\Windows\system32\drivers\tis_uvc_10015.sys
2010/10/31 19:12:12.0876 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
2010/10/31 19:12:12.0954 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
2010/10/31 19:12:12.0986 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
2010/10/31 19:12:13.0017 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
2010/10/31 19:12:13.0048 viaide (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys
2010/10/31 19:12:13.0095 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
2010/10/31 19:12:13.0157 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
2010/10/31 19:12:13.0235 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
2010/10/31 19:12:13.0282 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
2010/10/31 19:12:13.0360 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
2010/10/31 19:12:13.0422 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2010/10/31 19:12:13.0438 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2010/10/31 19:12:13.0485 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
2010/10/31 19:12:13.0547 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
2010/10/31 19:12:13.0719 winachsf (6d2350bb6e77e800fc4be4e5b7a2e89a) C:\Windows\system32\DRIVERS\HSX_CNXT.sys
2010/10/31 19:12:13.0890 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
2010/10/31 19:12:14.0000 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
2010/10/31 19:12:14.0078 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
2010/10/31 19:12:14.0171 XAudio (5a7ff9a18ff6d7e0527fe3abf9204ef8) C:\Windows\system32\DRIVERS\xaudio.sys
2010/10/31 19:12:14.0265 ================================================================================
2010/10/31 19:12:14.0265 Scan finished
2010/10/31 19:12:14.0265 ================================================================================

Here's the MBRCheck log. I hit "n" when I was done, but it said it found something:

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows Vista Home Premium Edition
Windows Information: Service Pack 2 (build 6002), 32-bit
Base Board Manufacturer: Quanta
BIOS Manufacturer: Hewlett-Packard
System Manufacturer: Hewlett-Packard
System Product Name: Presario F700 (GR967UA#ABA)
Logical Drives Mask: 0x0000003c

Kernel Drivers (total 160):
0x81C0A000 \SystemRoot\system32\ntkrnlpa.exe
0x81FC3000 \SystemRoot\system32\hal.dll
0x8060C000 \SystemRoot\system32\kdcom.dll
0x80613000 \SystemRoot\system32\PSHED.dll
0x80624000 \SystemRoot\system32\BOOTVID.dll
0x8062C000 \SystemRoot\system32\CLFS.SYS
0x8066D000 \SystemRoot\system32\CI.dll
0x8074D000 \SystemRoot\system32\drivers\Wdf01000.sys
0x807C9000 \SystemRoot\system32\drivers\WDFLDR.SYS
0x8220F000 \SystemRoot\system32\drivers\acpi.sys
0x82255000 \SystemRoot\system32\drivers\WMILIB.SYS
0x8225E000 \SystemRoot\system32\drivers\msisadrv.sys
0x82266000 \SystemRoot\system32\drivers\pci.sys
0x8228D000 \SystemRoot\System32\drivers\partmgr.sys
0x8229C000 \SystemRoot\system32\DRIVERS\compbatt.sys
0x8229F000 \SystemRoot\system32\DRIVERS\BATTC.SYS
0x822A9000 \SystemRoot\system32\drivers\volmgr.sys
0x822B8000 \SystemRoot\System32\drivers\volmgrx.sys
0x82302000 \SystemRoot\system32\drivers\pciide.sys
0x82309000 \SystemRoot\system32\drivers\PCIIDEX.SYS
0x82317000 \SystemRoot\System32\drivers\mountmgr.sys
0x82327000 \SystemRoot\system32\drivers\atapi.sys
0x8232F000 \SystemRoot\system32\drivers\ataport.SYS
0x8234D000 \SystemRoot\system32\DRIVERS\nvstor32.sys
0x82367000 \SystemRoot\system32\DRIVERS\storport.sys
0x823A8000 \SystemRoot\system32\drivers\fltmgr.sys
0x85E00000 \SystemRoot\system32\drivers\NAV\1201000.025\SYMDS.SYS
0x85E57000 \SystemRoot\system32\drivers\fileinfo.sys
0x85E67000 \SystemRoot\system32\drivers\NAV\1201000.025\SYMEFA.SYS
0x85F10000 \SystemRoot\System32\Drivers\PxHelp20.sys
0x85F19000 \SystemRoot\System32\Drivers\ksecdd.sys
0x86003000 \SystemRoot\system32\drivers\ndis.sys
0x8610E000 \SystemRoot\system32\drivers\msrpc.sys
0x86139000 \SystemRoot\system32\drivers\NETIO.SYS
0x86204000 \SystemRoot\System32\drivers\tcpip.sys
0x862EE000 \SystemRoot\System32\drivers\fwpkclnt.sys
0x8640B000 \SystemRoot\System32\Drivers\Ntfs.sys
0x8651B000 \SystemRoot\system32\drivers\volsnap.sys
0x86554000 \SystemRoot\System32\Drivers\spldr.sys
0x8655C000 \SystemRoot\System32\Drivers\mup.sys
0x8656B000 \SystemRoot\System32\drivers\ecache.sys
0x86592000 \SystemRoot\system32\drivers\disk.sys
0x865A3000 \SystemRoot\system32\drivers\CLASSPNP.SYS
0x865C4000 \SystemRoot\system32\drivers\crcdisk.sys
0x86400000 \SystemRoot\system32\DRIVERS\tunnel.sys
0x86309000 \SystemRoot\system32\DRIVERS\tunmp.sys
0x86312000 \SystemRoot\system32\DRIVERS\amdk8.sys
0x86322000 \SystemRoot\system32\DRIVERS\CmBatt.sys
0x86326000 \SystemRoot\system32\DRIVERS\cpqbttn.sys
0x86329000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0x86339000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0x86340000 \SystemRoot\system32\DRIVERS\wmiacpi.sys
0x86349000 \SystemRoot\system32\DRIVERS\bcmwl6.sys
0x8AC0E000 \SystemRoot\system32\DRIVERS\nvlddmkm.sys
0x8B051000 \SystemRoot\System32\drivers\dxgkrnl.sys
0x8B0F2000 \SystemRoot\System32\drivers\watchdog.sys
0x8B0FE000 \SystemRoot\system32\DRIVERS\nvsmu.sys
0x8B101000 \SystemRoot\system32\DRIVERS\usbohci.sys
0x8B10B000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0x8B149000 \SystemRoot\system32\DRIVERS\usbehci.sys
0x8B158000 \SystemRoot\system32\DRIVERS\cdrom.sys
0x8B170000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
0x8B209000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0x8B296000 \SystemRoot\system32\DRIVERS\nvm60x32.sys
0x8B358000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0x8B36B000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0x8B376000 \SystemRoot\system32\DRIVERS\SynTP.sys
0x8B3A1000 \SystemRoot\system32\DRIVERS\USBD.SYS
0x8B3A3000 \SystemRoot\system32\DRIVERS\mouclass.sys
0x8B3AE000 \SystemRoot\system32\DRIVERS\msiscsi.sys
0x8B3DD000 \SystemRoot\system32\DRIVERS\TDI.SYS
0x8B3E8000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0x8B176000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0x8B181000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0x8B1A4000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0x8B1B3000 \SystemRoot\system32\DRIVERS\raspptp.sys
0x8B1C7000 \SystemRoot\system32\DRIVERS\rassstp.sys
0x8B1DC000 \SystemRoot\system32\DRIVERS\termdd.sys
0x8B200000 \SystemRoot\system32\DRIVERS\swenum.sys
0x863CF000 \SystemRoot\system32\DRIVERS\ks.sys
0x8B1EC000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0x8AC00000 \SystemRoot\system32\DRIVERS\umbus.sys
0x8B1F6000 \SystemRoot\system32\DRIVERS\kbdhid.sys
0x86174000 \SystemRoot\system32\DRIVERS\usbhub.sys
0x861A9000 \SystemRoot\System32\Drivers\NDProxy.SYS
0x861BA000 \SystemRoot\system32\drivers\CHDART.sys
0x85F8A000 \SystemRoot\system32\drivers\portcls.sys
0x85FB7000 \SystemRoot\system32\drivers\drmk.sys
0x8CE02000 \SystemRoot\system32\DRIVERS\HSXHWAZL.sys
0x8CE3F000 \SystemRoot\system32\DRIVERS\HSX_DPV.sys
0x8CF42000 \SystemRoot\system32\DRIVERS\HSX_CNXT.sys
0x861E6000 \SystemRoot\system32\drivers\modem.sys
0x8CFF6000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0x8B202000 \SystemRoot\System32\Drivers\Null.SYS
0x863F9000 \SystemRoot\System32\Drivers\Beep.SYS
0x861F3000 \SystemRoot\System32\drivers\vga.sys
0x85FDC000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0x823DA000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0x823E2000 \SystemRoot\system32\drivers\rdpencdd.sys
0x823EA000 \SystemRoot\System32\Drivers\Msfs.SYS
0x82200000 \SystemRoot\System32\Drivers\Npfs.SYS
0x823F5000 \SystemRoot\System32\DRIVERS\rasacd.sys
0x807D6000 \SystemRoot\system32\DRIVERS\tdx.sys
0x8F60A000 \SystemRoot\system32\drivers\NAV\1201000.025\SYMTDIV.SYS
0x8F662000 \??\C:\Windows\system32\Drivers\SYMEVENT.SYS
0x8F688000 \SystemRoot\system32\DRIVERS\smb.sys
0x8F69C000 \SystemRoot\system32\drivers\afd.sys
0x8F6E4000 \SystemRoot\System32\DRIVERS\netbt.sys
0x8F716000 \SystemRoot\system32\drivers\ws2ifsl.sys
0x8F71F000 \SystemRoot\system32\DRIVERS\pacer.sys
0x8F735000 \SystemRoot\system32\DRIVERS\netbios.sys
0x8F743000 \SystemRoot\system32\DRIVERS\eabfiltr.sys
0x8F745000 \SystemRoot\system32\DRIVERS\wanarp.sys
0x8F758000 \SystemRoot\system32\drivers\NAV\1201000.025\Ironx86.SYS
0x8F77B000 \SystemRoot\system32\drivers\NAV\1201000.025\SRTSPX.SYS
0x8F786000 \SystemRoot\system32\DRIVERS\rdbss.sys
0x8F7C2000 \SystemRoot\system32\drivers\nsiproxy.sys
0x8FA02000 \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\IPSDefs\20101028.001\IDSvix86.sys
0x8FA5D000 \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
0x8FABB000 \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
0x8FAD8000 \SystemRoot\System32\Drivers\dfsc.sys
0x8FAEF000 \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\BASHDefs\20101001.001\BHDrvx86.sys
0x8FB9B000 \SystemRoot\System32\Drivers\crashdmp.sys
0x8FBA8000 \SystemRoot\System32\Drivers\dump_diskdump.sys
0x8FBB2000 \SystemRoot\System32\Drivers\dump_nvstor32.sys
0x81630000 \SystemRoot\System32\win32k.sys
0x8FBCC000 \SystemRoot\System32\drivers\Dxapi.sys
0x8FBD6000 \SystemRoot\system32\DRIVERS\monitor.sys
0x81850000 \SystemRoot\System32\TSDDD.dll
0x81870000 \SystemRoot\System32\cdd.dll
0x8FBE5000 \SystemRoot\system32\drivers\luafv.sys
0x9D801000 \SystemRoot\system32\drivers\spsys.sys
0x9D8B1000 \SystemRoot\system32\DRIVERS\lltdio.sys
0x9D8C1000 \SystemRoot\system32\DRIVERS\nwifi.sys
0x9D8EB000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0x9D8F5000 \SystemRoot\system32\DRIVERS\rspndr.sys
0x9D908000 \SystemRoot\system32\drivers\HTTP.sys
0x9D975000 \SystemRoot\System32\DRIVERS\srvnet.sys
0x9D992000 \SystemRoot\system32\DRIVERS\bowser.sys
0x9D9AB000 \SystemRoot\System32\drivers\mpsdrv.sys
0x9D9C0000 \SystemRoot\system32\drivers\mrxdav.sys
0x9D9E1000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0x9C005000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0x9C03E000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0x9C056000 \SystemRoot\System32\DRIVERS\srv2.sys
0x9C07E000 \SystemRoot\System32\DRIVERS\srv.sys
0x9C0CC000 \SystemRoot\system32\DRIVERS\mdmxsdk.sys
0x9C0D0000 \SystemRoot\system32\drivers\peauth.sys
0x9C1AE000 \SystemRoot\System32\Drivers\secdrv.SYS
0x9C1B8000 \SystemRoot\System32\drivers\tcpipreg.sys
0x9C1C4000 \SystemRoot\system32\DRIVERS\xaudio.sys
0x9C1CC000 \SystemRoot\system32\DRIVERS\cdfs.sys
0x8F7D4000 \SystemRoot\System32\Drivers\fastfat.SYS
0x9C1E2000 \SystemRoot\system32\DRIVERS\USBSTOR.SYS
0x9C1F7000 \??\C:\Users\Owner\AppData\Local\Temp\mbr.sys
0xB4003000 \SystemRoot\system32\drivers\NAV\1201000.025\SRTSP.SYS
0xB4084000 \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\VirusDefs\20101031.002\NAVEX15.SYS
0xB41D2000 \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\VirusDefs\20101031.002\NAVENG.SYS
0xB41E6000 \SystemRoot\system32\drivers\klmd.sys
0x76E60000 \Windows\System32\ntdll.dll

Processes (total 69):
0 System Idle Process
4 System
392 C:\Windows\System32\smss.exe
460 csrss.exe
512 C:\Windows\System32\wininit.exe
520 csrss.exe
556 C:\Windows\System32\services.exe
572 C:\Windows\System32\lsass.exe
584 C:\Windows\System32\lsm.exe
652 C:\Windows\System32\winlogon.exe
756 C:\Windows\System32\svchost.exe
816 C:\Windows\System32\svchost.exe
960 C:\Windows\System32\svchost.exe
988 C:\Windows\System32\svchost.exe
1012 C:\Windows\System32\svchost.exe
1100 C:\Windows\System32\audiodg.exe
1124 C:\Windows\System32\svchost.exe
1144 C:\Windows\System32\SLsvc.exe
1176 C:\Windows\System32\svchost.exe
1352 C:\Windows\System32\svchost.exe
1624 C:\Windows\System32\dwm.exe
1636 C:\Windows\explorer.exe
1680 C:\Windows\System32\taskeng.exe
1764 C:\Windows\System32\spoolsv.exe
1832 C:\Windows\System32\svchost.exe
1876 C:\Windows\System32\taskeng.exe
1920 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
1164 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
1332 C:\Program Files\Bonjour\mDNSResponder.exe
1384 C:\Program Files\ContentWatch\Internet Protection\cwsvc.exe
1800 C:\Program Files\Common Files\LightScribe\LSSrvc.exe
1512 C:\Program Files\Microsoft LifeCam\MSCamS32.exe
808 C:\Program Files\Norton AntiVirus\Engine\18.1.0.37\ccSvcHst.exe
1092 C:\Program Files\Norton PC Checkup\Norton PC Checkup\Engine\2.0.2.506\SymcPCCULaunchSvc.exe
2104 C:\Program Files\Norton PC Checkup\Norton PC Checkup\Engine\2.0.2.506\ccSvcHst.exe
2132 C:\Windows\System32\svchost.exe
2164 C:\Windows\System32\svchost.exe
2200 C:\Windows\System32\svchost.exe
2260 C:\Windows\System32\drivers\XAudio.exe
2344 C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
2684 C:\Program Files\Norton AntiVirus\Engine\18.1.0.37\ccSvcHst.exe
2696 WmiPrvSE.exe
2780 C:\Program Files\Norton PC Checkup\Norton PC Checkup\Engine\2.0.2.506\ccSvcHst.exe
2976 dllhost.exe
3040 unsecapp.exe
3208 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
3224 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
3340 C:\Program Files\Java\jre6\bin\jusched.exe
3364 C:\Program Files\ContentWatch\Internet Protection\cwtray.exe
3384 C:\Program Files\iTunes\iTunesHelper.exe
3420 C:\Windows\ehome\ehtray.exe
3564 WmiPrvSE.exe
3604 C:\Windows\System32\rundll32.exe
3844 C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
3928 C:\Windows\ehome\ehmsas.exe
3156 C:\Program Files\Windows Media Player\wmpnscfg.exe
2032 C:\Program Files\Windows Media Player\wmpnetwk.exe
3264 C:\Program Files\iPod\bin\iPodService.exe
4016 C:\Program Files\Internet Explorer\iexplore.exe
3912 C:\Program Files\Internet Explorer\iexplore.exe
1852 C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
4048 C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
4384 C:\Windows\System32\Macromed\Flash\FlashUtil10c.exe
5696 C:\Program Files\Internet Explorer\iexplore.exe
1076 C:\Windows\System32\notepad.exe
5980 C:\Users\Owner\Documents\TDSSKiller.exe
5832 C:\Windows\System32\notepad.exe
6020 dllhost.exe
5816 C:\Users\Owner\Documents\MBRCheck.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000019`eb3ebc00 (NTFS)

PhysicalDrive0 Model Number: ST9120822AS, Rev: 3.BH

Size Device Name MBR Status
--------------------------------------------
111 GB \\.\PhysicalDrive0 Unknown MBR code
SHA1: D94F393960D1CD66C2071F2D7260A5196DF105AC


Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:

Done!

Your MBR seems to be infected.

Please download NTBR by noahdfear and save it to your Desktop.
File size: 2.44 MB (2,565,432 bytes)

• Place a blank CD in your CD drive.
• Double click on NTBR_CD.exe file and a folder of the same name will appear.
• Open the folder and double click on BurnItCD.cmd file. If your CD drive will open, simply close it back.
• Follow the prompts to burn the CD.

• Now you will need to set the CD-Rom as first boot device if it isn't already (if you don't know how to do it, see HERE)
• If you have any questions about this step, ask before you proceed. If you enter the BIOS and are unsure if you have carried out the step correctly, there should be an option to exit without keeping changes, so you won't do any harm.

• Insert the newly created CD into your infected PC and reboot your computer.
• Once you have rebooted please press Enter when prompted to continue booting from CD - you have a whole 15 seconds to do this!
• Read the warning and then continue as prompted.
• You first need to select your keyboard layout - press Enter for English.
• Next you want to select the appropriate tool. Enter 1 to choose 1. MBRWORK
• On the following screen enter 5 to select Install Standard MBR code.
• Enter 1 to overwrite the infected MBR Code with the Standard MBR code.
• When asked to confirm please do so.
• Afterwards, please enter E to leave MBRWORK, then 6 to leave the bootable CD.
• Eject the disc and then press ctrl+alt+del to reboot the PC.

Once rebooted, run MBRCheck again and post its log.

Well that was interesting. I think I did it correctly. When the computer starts up, there's still a warning that pops up that it is blocking some startup programs. I don't know if that's related, but I don't remember it doing that before these problems cropped up.

Here's the MBR log:

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows Vista Home Premium Edition
Windows Information: Service Pack 2 (build 6002), 32-bit
Base Board Manufacturer: Quanta
BIOS Manufacturer: Hewlett-Packard
System Manufacturer: Hewlett-Packard
System Product Name: Presario F700 (GR967UA#ABA)
Logical Drives Mask: 0x0000001c

Kernel Drivers (total 156):
0x81C4D000 \SystemRoot\system32\ntkrnlpa.exe
0x81C1A000 \SystemRoot\system32\hal.dll
0x80405000 \SystemRoot\system32\kdcom.dll
0x8040C000 \SystemRoot\system32\PSHED.dll
0x8041D000 \SystemRoot\system32\BOOTVID.dll
0x80425000 \SystemRoot\system32\CLFS.SYS
0x80466000 \SystemRoot\system32\CI.dll
0x80546000 \SystemRoot\system32\drivers\Wdf01000.sys
0x805C2000 \SystemRoot\system32\drivers\WDFLDR.SYS
0x8060C000 \SystemRoot\system32\drivers\acpi.sys
0x80652000 \SystemRoot\system32\drivers\WMILIB.SYS
0x8065B000 \SystemRoot\system32\drivers\msisadrv.sys
0x80663000 \SystemRoot\system32\drivers\pci.sys
0x8068A000 \SystemRoot\System32\drivers\partmgr.sys
0x80699000 \SystemRoot\system32\DRIVERS\compbatt.sys
0x8069C000 \SystemRoot\system32\DRIVERS\BATTC.SYS
0x806A6000 \SystemRoot\system32\drivers\volmgr.sys
0x806B5000 \SystemRoot\System32\drivers\volmgrx.sys
0x806FF000 \SystemRoot\system32\drivers\pciide.sys
0x80706000 \SystemRoot\system32\drivers\PCIIDEX.SYS
0x80714000 \SystemRoot\System32\drivers\mountmgr.sys
0x80724000 \SystemRoot\system32\drivers\atapi.sys
0x8072C000 \SystemRoot\system32\drivers\ataport.SYS
0x8074A000 \SystemRoot\system32\DRIVERS\nvstor32.sys
0x80764000 \SystemRoot\system32\DRIVERS\storport.sys
0x807A5000 \SystemRoot\system32\drivers\fltmgr.sys
0x82209000 \SystemRoot\system32\drivers\NAV\1201000.025\SYMDS.SYS
0x82260000 \SystemRoot\system32\drivers\fileinfo.sys
0x82270000 \SystemRoot\system32\drivers\NAV\1201000.025\SYMEFA.SYS
0x82319000 \SystemRoot\System32\Drivers\PxHelp20.sys
0x82322000 \SystemRoot\System32\Drivers\ksecdd.sys
0x85E00000 \SystemRoot\system32\drivers\ndis.sys
0x85F0B000 \SystemRoot\system32\drivers\msrpc.sys
0x85F36000 \SystemRoot\system32\drivers\NETIO.SYS
0x8600B000 \SystemRoot\System32\drivers\tcpip.sys
0x860F5000 \SystemRoot\System32\drivers\fwpkclnt.sys
0x86208000 \SystemRoot\System32\Drivers\Ntfs.sys
0x86318000 \SystemRoot\system32\drivers\volsnap.sys
0x86351000 \SystemRoot\System32\Drivers\spldr.sys
0x86359000 \SystemRoot\System32\Drivers\mup.sys
0x86368000 \SystemRoot\System32\drivers\ecache.sys
0x8638F000 \SystemRoot\system32\drivers\disk.sys
0x863A0000 \SystemRoot\system32\drivers\CLASSPNP.SYS
0x863C1000 \SystemRoot\system32\drivers\crcdisk.sys
0x86110000 \SystemRoot\system32\DRIVERS\tunnel.sys
0x8611B000 \SystemRoot\system32\DRIVERS\tunmp.sys
0x86124000 \SystemRoot\system32\DRIVERS\amdk8.sys
0x863FB000 \SystemRoot\system32\DRIVERS\CmBatt.sys
0x86200000 \SystemRoot\system32\DRIVERS\cpqbttn.sys
0x86134000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0x86144000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0x8614B000 \SystemRoot\system32\DRIVERS\wmiacpi.sys
0x86154000 \SystemRoot\system32\DRIVERS\bcmwl6.sys
0x89E08000 \SystemRoot\system32\DRIVERS\nvlddmkm.sys
0x8A24B000 \SystemRoot\System32\drivers\dxgkrnl.sys
0x8A2EC000 \SystemRoot\System32\drivers\watchdog.sys
0x8A2F8000 \SystemRoot\system32\DRIVERS\nvsmu.sys
0x8A2FB000 \SystemRoot\system32\DRIVERS\usbohci.sys
0x8A305000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0x8A343000 \SystemRoot\system32\DRIVERS\usbehci.sys
0x8A352000 \SystemRoot\system32\DRIVERS\cdrom.sys
0x8A36A000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
0x8A370000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0x8AE0A000 \SystemRoot\system32\DRIVERS\nvm60x32.sys
0x8AECC000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0x8AEDF000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0x8AEEA000 \SystemRoot\system32\DRIVERS\SynTP.sys
0x8AF15000 \SystemRoot\system32\DRIVERS\USBD.SYS
0x8AF17000 \SystemRoot\system32\DRIVERS\mouclass.sys
0x8AF22000 \SystemRoot\system32\DRIVERS\msiscsi.sys
0x8AF51000 \SystemRoot\system32\DRIVERS\TDI.SYS
0x8AF5C000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0x8AF73000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0x8AF7E000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0x8AFA1000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0x8AFB0000 \SystemRoot\system32\DRIVERS\raspptp.sys
0x8AFC4000 \SystemRoot\system32\DRIVERS\rassstp.sys
0x8AFD9000 \SystemRoot\system32\DRIVERS\termdd.sys
0x8AFE9000 \SystemRoot\system32\DRIVERS\swenum.sys
0x85F71000 \SystemRoot\system32\DRIVERS\ks.sys
0x8AFEB000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0x861DA000 \SystemRoot\system32\DRIVERS\umbus.sys
0x8AFF5000 \SystemRoot\system32\DRIVERS\kbdhid.sys
0x85F9B000 \SystemRoot\system32\DRIVERS\usbhub.sys
0x861E7000 \SystemRoot\System32\Drivers\NDProxy.SYS
0x85FD0000 \SystemRoot\system32\drivers\CHDART.sys
0x82393000 \SystemRoot\system32\drivers\portcls.sys
0x823C0000 \SystemRoot\system32\drivers\drmk.sys
0x8C605000 \SystemRoot\system32\DRIVERS\HSXHWAZL.sys
0x8C642000 \SystemRoot\system32\DRIVERS\HSX_DPV.sys
0x8C745000 \SystemRoot\system32\DRIVERS\HSX_CNXT.sys
0x823E5000 \SystemRoot\system32\drivers\modem.sys
0x8AE00000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0x8C7F9000 \SystemRoot\System32\Drivers\Null.SYS
0x89E00000 \SystemRoot\System32\Drivers\Beep.SYS
0x823F2000 \SystemRoot\System32\drivers\vga.sys
0x807D7000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0x861F8000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0x86000000 \SystemRoot\system32\drivers\rdpencdd.sys
0x80600000 \SystemRoot\System32\Drivers\Msfs.SYS
0x805CF000 \SystemRoot\System32\Drivers\Npfs.SYS
0x82200000 \SystemRoot\System32\DRIVERS\rasacd.sys
0x805DD000 \SystemRoot\system32\DRIVERS\tdx.sys
0x8EA06000 \SystemRoot\system32\drivers\NAV\1201000.025\SYMTDIV.SYS
0x8EA5E000 \??\C:\Windows\system32\Drivers\SYMEVENT.SYS
0x8EA84000 \SystemRoot\system32\DRIVERS\smb.sys
0x8EA98000 \SystemRoot\system32\drivers\afd.sys
0x8EAE0000 \SystemRoot\System32\DRIVERS\netbt.sys
0x8EB12000 \SystemRoot\system32\drivers\ws2ifsl.sys
0x8EB1B000 \SystemRoot\system32\DRIVERS\pacer.sys
0x8EB31000 \SystemRoot\system32\DRIVERS\netbios.sys
0x8EB3F000 \SystemRoot\system32\DRIVERS\eabfiltr.sys
0x8EB41000 \SystemRoot\system32\DRIVERS\wanarp.sys
0x8EB54000 \SystemRoot\system32\drivers\NAV\1201000.025\Ironx86.SYS
0x8EB77000 \SystemRoot\system32\drivers\NAV\1201000.025\SRTSPX.SYS
0x8EB82000 \SystemRoot\system32\DRIVERS\rdbss.sys
0x8EBBE000 \SystemRoot\system32\drivers\nsiproxy.sys
0x8EE0A000 \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\IPSDefs\20101028.001\IDSvix86.sys
0x8EE65000 \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
0x8EEC3000 \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
0x8EEE0000 \SystemRoot\System32\Drivers\dfsc.sys
0x8EEF7000 \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\BASHDefs\20101001.001\BHDrvx86.sys
0x8EFA3000 \SystemRoot\System32\Drivers\crashdmp.sys
0x8EFB0000 \SystemRoot\System32\Drivers\dump_diskdump.sys
0x8EFBA000 \SystemRoot\System32\Drivers\dump_nvstor32.sys
0x81690000 \SystemRoot\System32\win32k.sys
0x8EFD4000 \SystemRoot\System32\drivers\Dxapi.sys
0x8EFDE000 \SystemRoot\system32\DRIVERS\monitor.sys
0x818B0000 \SystemRoot\System32\TSDDD.dll
0x818D0000 \SystemRoot\System32\cdd.dll
0x8EBC8000 \SystemRoot\system32\drivers\luafv.sys
0x9D40C000 \SystemRoot\system32\drivers\spsys.sys
0x9D4BC000 \SystemRoot\system32\DRIVERS\lltdio.sys
0x9D4CC000 \SystemRoot\system32\DRIVERS\nwifi.sys
0x9D4F6000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0x9D500000 \SystemRoot\system32\DRIVERS\rspndr.sys
0x9D513000 \SystemRoot\system32\drivers\HTTP.sys
0x9D580000 \SystemRoot\System32\DRIVERS\srvnet.sys
0x9D59D000 \SystemRoot\system32\DRIVERS\bowser.sys
0x9D5B6000 \SystemRoot\System32\drivers\mpsdrv.sys
0x9D5CB000 \SystemRoot\system32\drivers\mrxdav.sys
0x863CA000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0x9EC0A000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0x9EC43000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0x9EC5B000 \SystemRoot\System32\DRIVERS\srv2.sys
0x9EC83000 \SystemRoot\System32\DRIVERS\srv.sys
0x9ECD1000 \SystemRoot\system32\DRIVERS\mdmxsdk.sys
0x9ECD5000 \SystemRoot\system32\drivers\peauth.sys
0x9EDB3000 \SystemRoot\System32\Drivers\secdrv.SYS
0x9EDBD000 \SystemRoot\System32\drivers\tcpipreg.sys
0x9EDC9000 \SystemRoot\system32\DRIVERS\xaudio.sys
0xA120F000 \SystemRoot\system32\drivers\NAV\1201000.025\SRTSP.SYS
0xA1290000 \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\VirusDefs\20101031.002\NAVEX15.SYS
0xA13DE000 \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\VirusDefs\20101031.002\NAVENG.SYS
0x9EDD1000 \SystemRoot\system32\DRIVERS\cdfs.sys
0x77300000 \Windows\System32\ntdll.dll

Processes (total 63):
0 System Idle Process
4 System
392 C:\Windows\System32\smss.exe
516 csrss.exe
568 C:\Windows\System32\wininit.exe
576 csrss.exe
612 C:\Windows\System32\services.exe
628 C:\Windows\System32\lsass.exe
636 C:\Windows\System32\lsm.exe
680 C:\Windows\System32\winlogon.exe
840 C:\Windows\System32\svchost.exe
904 C:\Windows\System32\svchost.exe
1040 C:\Windows\System32\svchost.exe
1072 C:\Windows\System32\svchost.exe
1084 C:\Windows\System32\svchost.exe
1192 C:\Windows\System32\audiodg.exe
1216 C:\Windows\System32\svchost.exe
1236 C:\Windows\System32\SLsvc.exe
1264 C:\Windows\System32\svchost.exe
1428 C:\Windows\System32\svchost.exe
1752 C:\Windows\System32\dwm.exe
1760 C:\Windows\System32\spoolsv.exe
1796 C:\Windows\explorer.exe
1804 C:\Windows\System32\taskeng.exe
1820 C:\Windows\System32\svchost.exe
1956 C:\Windows\System32\taskeng.exe
560 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
384 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
1008 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
1948 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
1920 C:\Program Files\Bonjour\mDNSResponder.exe
1568 C:\Program Files\ContentWatch\Internet Protection\cwsvc.exe
1600 C:\Program Files\Common Files\LightScribe\LSSrvc.exe
1484 C:\Program Files\Microsoft LifeCam\MSCamS32.exe
900 C:\Program Files\Norton AntiVirus\Engine\18.1.0.37\ccSvcHst.exe
2116 C:\Program Files\Norton PC Checkup\Norton PC Checkup\Engine\2.0.2.506\SymcPCCULaunchSvc.exe
2216 C:\Program Files\Norton PC Checkup\Norton PC Checkup\Engine\2.0.2.506\ccSvcHst.exe
2256 C:\Windows\System32\svchost.exe
2292 C:\Windows\System32\svchost.exe
2328 C:\Windows\System32\svchost.exe
2372 C:\Windows\System32\drivers\XAudio.exe
2564 C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
2744 C:\Program Files\Norton AntiVirus\Engine\18.1.0.37\ccSvcHst.exe
2820 WmiPrvSE.exe
2880 C:\Program Files\Norton PC Checkup\Norton PC Checkup\Engine\2.0.2.506\ccSvcHst.exe
3224 dllhost.exe
3344 C:\Program Files\Java\jre6\bin\jusched.exe
3376 C:\Program Files\ContentWatch\Internet Protection\cwtray.exe
3464 unsecapp.exe
3488 C:\Program Files\iTunes\iTunesHelper.exe
3816 WmiPrvSE.exe
3860 C:\Windows\ehome\ehtray.exe
1992 C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
1000 C:\Windows\System32\rundll32.exe
876 C:\Windows\ehome\ehmsas.exe
3592 C:\Program Files\Windows Media Player\wmpnscfg.exe
2032 C:\Program Files\Windows Media Player\wmpnetwk.exe
2012 C:\Program Files\iPod\bin\iPodService.exe
3308 C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
2300 C:\Program Files\Internet Explorer\iexplore.exe
3720 C:\Program Files\Internet Explorer\iexplore.exe
868 C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
2900 C:\Users\Owner\Documents\MBRCheck.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000019`eb3ebc00 (NTFS)

PhysicalDrive0 Model Number: ST9120822AS, Rev: 3.BH

Size Device Name MBR Status
--------------------------------------------
111 GB \\.\PhysicalDrive0 Windows XP MBR code detected
SHA1: DA38B874B7713D1B51CBC449F4EF809B0DEC644A


Done!

Good job

Please download ComboFix from Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**

1. Please, never rename Combofix unless instructed.
2. Close any open browsers.
3. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
   • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
   • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
   NOTE1. If Combofix asks you to install Recovery Console, please allow it.
   NOTE 2. If Combofix asks you to update the program, always do so.
   • Close any open browsers.
   • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
   • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
   • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
4. Double click on combofix.exe & follow the prompts.
5. When finished, it will produce a report for you.
6. Please post the "C:\ComboFix.txt"

**Note: Do not mouseclick combofix's window while it's running. That may cause it to stall**

Make sure, you re-enable your security programs, when you're done with Combofix.

DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!

Here's the combofix log:

ComboFix 10-10-31.01 - Owner 10/31/2010 20:32:13.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.958.287 [GMT -6:00]
Running from: c:\users\Owner\Desktop\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\programdata\Microsoft\Network\Downloader\qmgr0.dat
c:\programdata\Microsoft\Network\Downloader\qmgr1.dat
c:\users\Owner\AppData\Roaming\Microsoft\Windows\Recent\Comfy Cakes.pif
c:\users\Owner\videos\VirtualDub.exe

----- BITS: Possible infected sites -----

hxxp://buy-download.norton.com
.
((((((((((((((((((((((((( Files Created from 2010-10-01 to 2010-11-01 )))))))))))))))))))))))))))))))
.

2010-11-01 02:44 . 2010-11-01 02:44 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-10-30 01:46 . 2010-10-07 23:21 6146896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FEA8D609-6BEB-418E-B289-0C55FDD064D7}\mpengine.dll
2010-10-27 23:43 . 2010-08-26 16:34 1696256 ----a-w- c:\windows\system32\gameux.dll
2010-10-27 23:43 . 2010-08-26 16:33 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2010-10-27 23:43 . 2010-08-26 14:23 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2010-10-22 22:42 . 2010-09-13 13:56 168960 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2010-10-22 22:42 . 2010-09-13 13:56 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2010-10-22 22:41 . 2010-09-06 16:20 125952 ----a-w- c:\windows\system32\srvsvc.dll
2010-10-22 22:41 . 2010-09-06 13:45 304128 ----a-w- c:\windows\system32\drivers\srv.sys
2010-10-22 22:41 . 2010-09-06 13:45 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys
2010-10-22 22:41 . 2010-09-06 13:45 145408 ----a-w- c:\windows\system32\drivers\srv2.sys
2010-10-22 22:41 . 2010-09-06 16:19 17920 ----a-w- c:\windows\system32\netevent.dll
2010-10-22 22:38 . 2010-09-08 05:56 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-10-22 22:38 . 2010-09-08 05:56 197632 ----a-w- c:\program files\Internet Explorer\IEShims.dll
2010-10-22 22:38 . 2010-09-08 05:56 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-10-22 22:38 . 2010-09-08 04:25 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2010-10-22 22:34 . 2010-08-31 15:46 954752 ----a-w- c:\windows\system32\mfc40.dll
2010-10-22 22:34 . 2010-08-31 15:46 954288 ----a-w- c:\windows\system32\mfc40u.dll
2010-10-22 22:34 . 2010-08-31 13:27 2038272 ----a-w- c:\windows\system32\win32k.sys
2010-10-22 22:34 . 2010-05-04 19:13 231424 ----a-w- c:\windows\system32\msshsq.dll
2010-10-22 22:34 . 2010-08-20 16:05 867328 ----a-w- c:\windows\system32\wmpmde.dll
2010-10-22 22:34 . 2010-08-31 15:44 531968 ----a-w- c:\windows\system32\comctl32.dll
2010-10-10 17:13 . 2010-10-10 17:13 -------- d-----w- c:\programdata\McAfee

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-10-19 17:41 . 2009-10-03 13:53 222080 ------w- c:\windows\system32\MpSigStub.exe
2010-08-26 16:33 . 2010-10-27 23:43 173056 ----a-w- c:\windows\apppatch\AcXtrnal.dll
2010-08-26 16:33 . 2010-10-27 23:43 2159616 ----a-w- c:\windows\apppatch\AcGenral.dll
2010-08-26 16:33 . 2010-10-27 23:43 458752 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2010-08-26 16:33 . 2010-10-27 23:43 542720 ----a-w- c:\windows\apppatch\AcLayers.dll
2010-08-17 14:11 . 2010-09-15 15:22 128000 ----a-w- c:\windows\system32\spoolsv.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"Google Update"="c:\users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe" [2010-09-20 136176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-03-01 472776]
"WAWifiMessage"="c:\program files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [2007-01-10 317128]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-01-13 827392]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-02-26 90191]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-02-26 7770112]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-02-26 81920]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-25 149280]
"cwcptray"="c:\program files\ContentWatch\Internet Protection\cwtray.exe" [2010-07-03 353600]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-03-18 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-03-26 142120]
"CWPhoenixApp"="c:\program files\ContentWatch\Internet Protection\Updater\Phoenix.exe" [2010-07-03 2069824]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-04-29 1090952]

c:\users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk
backup=c:\windows\pss\Adobe Reader Synchronizer.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Health Check Scheduler]
2008-04-15 20:42 70912 ----a-w- c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2005-02-17 06:11 49152 ----a-w- c:\program files\Hp\HP Software Update\hpwuSchd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPAdvisor]
2007-03-20 22:23 1773568 ----a-w- c:\program files\Hewlett-Packard\HP Advisor\HPAdvisor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl]
2007-03-06 18:28 180224 ----a-w- c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QPService]
2007-03-29 00:45 176128 ----a-w- c:\program files\Hp\QuickPlay\QPService.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2007-04-30 07:06 77824 ----a-w- c:\program files\Java\jre1.6.0\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
2007-01-13 03:36 827392 ----a-w- c:\program files\Synaptics\SynTP\SynTPEnh.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WindowsWelcomeCenter]
2009-04-11 06:28 2153472 ----a-w- c:\windows\System32\oobefldr.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

R2 gupdate1ca89b86dfdccc8;Google Update Service (gupdate1ca89b86dfdccc8);c:\program files\Google\Update\GoogleUpdate.exe [2009-12-31 133104]
R3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;c:\windows\system32\Drivers\nx6000.sys [2009-07-24 30560]
R3 SMSIVZAM5;SMSIVZAM5 NDIS Protocol Driver;c:\progra~1\VERIZO~1\VZACCE~1\SMSIVZAM5.SYS [2009-03-21 32408]
R3 UVC;UVC;c:\windows\system32\drivers\tis_uvc_10015.sys [2007-11-13 43776]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NAV\1201000.025\SYMDS.SYS [2010-06-13 339504]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NAV\1201000.025\SYMEFA.SYS [2010-07-29 666672]
S1 BHDrvx86;BHDrvx86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\BASHDefs\20101001.001\BHDrvx86.sys [2010-08-31 692272]
S1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\IPSDefs\20101028.001\IDSvix86.sys [2010-10-19 353840]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NAV\1201000.025\Ironx86.SYS [2010-06-27 134704]
S1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\system32\drivers\NAV\1201000.025\SYMTDIV.SYS [2010-07-13 331312]
S2 CwAltaService20;ContentWatch;c:\program files\ContentWatch\Internet Protection\cwsvc.exe [2010-10-22 2100544]
S2 NAV;Norton AntiVirus;c:\program files\Norton AntiVirus\Engine\18.1.0.37\ccSvcHst.exe [2010-07-23 126904]
S2 Norton PC Checkup Application Launcher;Norton PC Checkup Application Launcher;c:\program files\Norton PC Checkup\Norton PC Checkup\Engine\2.0.2.506\SymcPCCULaunchSvc.exe [2009-12-04 103280]
S2 PCCUJobMgr;Common Client Job Manager Service;c:\program files\Norton PC Checkup\Norton PC Checkup\Engine\2.0.2.506\ccSvcHst.exe [2009-08-24 126392]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2010-10-30 102448]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contents of the 'Scheduled Tasks' folder

2010-11-01 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-12-27 15:06]

2010-11-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-31 01:27]

2010-11-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-31 01:27]

2010-10-31 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4001749147-688493758-2348254775-1000Core.job
- c:\users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-27 23:03]

2010-11-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4001749147-688493758-2348254775-1000UA.job
- c:\users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-27 23:03]

2010-10-10 c:\windows\Tasks\HPCeeScheduleForOwner.job
- c:\program files\hewlett-packard\sdp\ceement\HPCEE.exe [2007-04-30 21:23]

2010-11-01 c:\windows\Tasks\User_Feed_Synchronization-{0292EF70-F177-4E15-8028-F4A865A0A14B}.job
- c:\windows\system32\msfeedssync.exe [2010-10-22 04:25]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.erieskies.com/
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=73&bd=PRESARIO&pf=laptop
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
LSP: c:\windows\system32\cwalsp.dll
DPF: {924B4927-D3BA-41EA-9F7E-8A89194AB3AC} - hxxp://panda-plugin.disney.go.com/plugin/win32/p3dactivex.cab
.
- - - - ORPHANS REMOVED - - - -

MSConfigStartUp-ccApp - c:\program files\Common Files\Symantec Shared\ccApp.exe
MSConfigStartUp-IS CfgWiz - c:\program files\Common Files\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\cltUIStb.exe
AddRemove-Octoshape add-in for Adobe Flash Player - c:\users\Owner\AppData\Roaming\Macromedia\Flash Player\



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-10-31 20:44
Windows 6.0.6002 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NAV]
"ImagePath"="\"c:\program files\Norton AntiVirus\Engine\18.1.0.37\ccSvcHst.exe\" /s \"NAV\" /m \"c:\program files\Norton AntiVirus\Engine\18.1.0.37\diMaster.dll\" /prefetch:1"
--

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PCCUJobMgr]
"ImagePath"="\"c:\program files\Norton PC Checkup\Norton PC Checkup\Engine\2.0.2.506\ccSvcHst.exe\" /s \"PCCUJobMgr\" /m \"c:\program files\Norton PC Checkup\Norton PC Checkup\Engine\2.0.2.506\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2010-10-31 20:49:25
ComboFix-quarantined-files.txt 2010-11-01 02:49

Pre-Run: 24,659,828,736 bytes free
Post-Run: 30,495,744,000 bytes free

- - End Of File - - 47ED66C6934965DE5947B1416B2A6F8D

It looks pretty decent now

How is computer doing at the moment?

Download OTL to your Desktop.

• Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
• Under the Custom Scan box paste this in:

netsvcs
drivers32
%SYSTEMDRIVE%\*.*
%systemroot%\Fonts\*.com
%systemroot%\Fonts\*.dll
%systemroot%\Fonts\*.ini
%systemroot%\Fonts\*.ini2
%systemroot%\Fonts\*.exe
%systemroot%\system32\spool\prtprocs\w32x86\*.*
%systemroot%\REPAIR\*.bak1
%systemroot%\REPAIR\*.ini
%systemroot%\system32\*.jpg
%systemroot%\*.jpg
%systemroot%\*.png
%systemroot%\*.scr
%systemroot%\*._sy
%APPDATA%\Adobe\Update\*.*
%ALLUSERSPROFILE%\Favorites\*.*
%APPDATA%\Microsoft\*.*
%PROGRAMFILES%\*.*
%APPDATA%\Update\*.*
%systemroot%\*. /mp /s
CREATERESTOREPOINT
%systemroot%\System32\config\*.sav
%PROGRAMFILES%\bak. /s
%systemroot%\system32\bak. /s
%ALLUSERSPROFILE%\Start Menu\*.lnk /x
%systemroot%\system32\config\systemprofile\*.dat /x
%systemroot%\*.config
%systemroot%\system32\*.db
%APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x
%USERPROFILE%\Desktop\*.exe
%PROGRAMFILES%\Common Files\*.*
%systemroot%\*.src
%systemroot%\install\*.*
%systemroot%\system32\DLL\*.*
%systemroot%\system32\HelpFiles\*.*
%systemroot%\system32\rundll\*.*
%systemroot%\winn32\*.*
%systemroot%\Java\*.*
%systemroot%\system32\test\*.*
%systemroot%\system32\Rundll32\*.*
%systemroot%\AppPatch\Custom\*.*
%APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x
%PROGRAMFILES%\PC-Doctor\Downloads\*.*
%PROGRAMFILES%\Internet Explorer\*.tmp
%PROGRAMFILES%\Internet Explorer\*.dat
%USERPROFILE%\My Documents\*.exe
%USERPROFILE%\*.exe
%systemroot%\ADDINS\*.*
%systemroot%\assembly\*.bak2
%systemroot%\Config\*.*
%systemroot%\REPAIR\*.bak2
%systemroot%\SECURITY\Database\*.sdb /x
%systemroot%\SYSTEM\*.bak2
%systemroot%\Web\*.bak2
%systemroot%\Driver Cache\*.*
%PROGRAMFILES%\Mozilla Firefox\0*.exe
%ProgramFiles%\Microsoft Common\*.*
%ProgramFiles%\TinyProxy.
%USERPROFILE%\Favorites\*.url /x
%systemroot%\system32\*.bk
%systemroot%\*.te
%systemroot%\system32\system32\*.*
%ALLUSERSPROFILE%\*.dat /x
%systemroot%\system32\drivers\*.rmv
dir /b "%systemroot%\system32\*.exe" | find /i " " /c
dir /b "%systemroot%\*.exe" | find /i " " /c
%PROGRAMFILES%\Microsoft\*.*
%systemroot%\System32\Wbem\proquota.exe
%PROGRAMFILES%\Mozilla Firefox\*.dat
%USERPROFILE%\Cookies\*.txt /x
%SystemRoot%\system32\fonts\*.*
%systemroot%\system32\winlog\*.*
%systemroot%\system32\Language\*.*
%systemroot%\system32\Settings\*.*
%systemroot%\system32\*.quo
%SYSTEMROOT%\AppPatch\*.exe
%SYSTEMROOT%\inf\*.exe
%SYSTEMROOT%\Installer\*.exe
%systemroot%\system32\config\*.bak2
%systemroot%\system32\Computers\*.*
%SystemRoot%\system32\Sound\*.*
%SystemRoot%\system32\SpecialImg\*.*
%SystemRoot%\system32\code\*.*
%SystemRoot%\system32\draft\*.*
%SystemRoot%\system32\MSSSys\*.*
%ProgramFiles%\Javascript\*.*
%systemroot%\pchealth\helpctr\System\*.exe /s
%systemroot%\Web\*.exe
%systemroot%\system32\msn\*.*
%systemroot%\system32\*.tro
%AppData%\Microsoft\Installer\msupdates\*.*
%ProgramFiles%\Messenger\*.*
%systemroot%\system32\systhem32\*.*
%systemroot%\system\*.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
/md5start
/md5stop

• Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
• When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
• Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.

Here's the extras log:

OTL Extras logfile created on: 10/31/2010 9:58:26 PM - Run 1
OTL by OldTimer - Version 3.2.17.2 Folder = C:\Users\Owner\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18975)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

958.00 Mb Total Physical Memory | 329.00 Mb Available Physical Memory | 34.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 64.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 103.68 Gb Total Space | 29.16 Gb Free Space | 28.13% Space Free | Partition Type: NTFS
Drive D: | 8.11 Gb Total Space | 1.75 Gb Free Space | 21.60% Space Free | Partition Type: NTFS
Drive F: | 1004.20 Mb Total Space | 973.66 Mb Free Space | 96.96% Space Free | Partition Type: FAT

Computer Name: OWNER-PC | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" = C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink -- (EarthLink, Inc.)


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01E80CD7-01FF-4548-AD1A-3CFC2EB52130}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{081E2D02-3273-4583-94A1-69D4498CA3EC}" = lport=139 | protocol=6 | dir=in | app=system |
"{11AB49F0-AE19-4BD0-87C9-8BF75C698D7D}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{20421B76-BF9B-4DF6-BDC5-E3C9064CA942}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2C7B1628-991F-48B6-91DA-B868708CE0FC}" = lport=445 | protocol=6 | dir=in | app=system |
"{51A5B775-AF4C-4728-BA4B-50E4B987FC06}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{57636780-20B6-4C6F-99CF-08670F5BBDFE}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{5C82729B-2158-4142-9F30-A9B7D9279BD8}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{7B1103BD-8728-4CDF-984C-18E40C85EC93}" = rport=139 | protocol=6 | dir=out | app=system |
"{93273F8F-351F-477E-9702-D990660884D5}" = lport=137 | protocol=17 | dir=in | app=system |
"{985194DC-48F4-4C4E-A572-EA79AF6886E8}" = rport=445 | protocol=6 | dir=out | app=system |
"{A131CEB1-B773-45E4-99C0-1E62F13C09AE}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A2D838D8-A513-4A14-8004-03370D472E4C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C2333BB0-D35F-409A-8FEB-1C22129B3239}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{C508C725-EC67-4CE9-B9B7-BA4B2D5F7A95}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{E0B46E36-7498-41CE-88FF-5FDB66E604CC}" = rport=137 | protocol=17 | dir=out | app=system |
"{FCDAA3B4-8B37-4FC2-A9C7-E5E3E34C936B}" = rport=138 | protocol=17 | dir=out | app=system |
"{FFDFBF53-5A84-4E04-A6E2-B92628541316}" = lport=138 | protocol=17 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{079A845F-052F-4E7E-91E5-4C3DBA79E52D}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifecam.exe |
"{07D771CF-F180-44BB-81DE-15B39A58CD28}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifetray.exe |
"{0D1A1075-B75C-4DB4-9BA9-0ED125E91C76}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{1601BB11-5CB9-4261-848E-D0D180E8ACD9}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifeexp.exe |
"{1A7D7080-D379-4024-B7B7-676F7682DA63}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifeenc2.exe |
"{256063D9-678E-4ABB-ABDB-1FE5D20159F0}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{2EB80D87-88A9-4C82-90C4-9AEF4D208859}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{3DEE46DF-C72E-4635-B099-29007CF14AC7}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifetray.exe |
"{3EBA888C-79E1-4680-8DF6-98F1D121A453}" = dir=in | app=c:\program files\hp\quickplay\qp.exe |
"{43ADCADE-27A6-44AE-87BC-0B4F6307AA16}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifeenc2.exe |
"{4F0200F0-E972-4675-9D7D-F12481964368}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{53BF9A30-572A-4DD4-A6C9-6F29A24E319E}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yserver.exe |
"{55A79AB5-CA50-4626-8AF0-1E9A0D04C4DF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{57E812FE-1061-4593-8600-FCA296E589F1}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{5D889065-2BBD-4226-A27E-8A0D25680E0F}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{6A3B5310-9011-4130-A7F0-4C3C4AC56CFC}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{7EE36B24-665F-41C0-B60F-47A54BA54E16}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{801A7B07-CE80-4D6E-B1A8-B40EFC950025}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{8575548E-B322-4D96-A6DD-6AE9693CD9EF}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{8B1EFD3F-0865-45BE-ADA7-CCCC619B71D8}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{8EA3AED1-C1B5-4A18-AB62-8AE628E1498A}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{9276FAAB-D0A0-4DBA-9EB0-2D0527DA92B0}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yserver.exe |
"{994D68B8-BCB2-4842-82B9-F01B82FEA5EC}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{9BD6E2B5-F7BE-491E-ADE1-21667DCE93D9}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{A0525A0F-2419-4204-8C78-DD8542617DA0}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{A21F3033-C75B-4542-842D-283EEA288485}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifeexp.exe |
"{A9251460-71C1-4F7D-B46F-8D2B3391E92E}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{ADE15D3D-D0CC-41D3-A211-07F709F240BF}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{AF6F928D-ECFA-4041-A605-3345C0D3717D}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{B3E8567C-003E-4306-86D5-E269C50C0E7F}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifecam.exe |
"{BB0EDB84-3BE1-4CDC-B9CB-AA34D27F699A}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{C883F9C9-206D-4D6D-8848-D4298916C465}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{CC1E154C-9AE8-46C0-A8F4-BE5AEC88B0C9}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{DEC36C78-CAB4-4A61-AE62-8C04D43D6850}" = dir=in | app=c:\program files\hp\quickplay\qpservice.exe |
"{E2718CC5-180C-4CC3-9CF0-80C32E7F32BC}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{F759E9DC-D766-410F-8378-BB1873414031}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"TCP Query User{13005B8F-A92B-422D-9A38-31E0897E3CCA}C:\users\owner\appdata\roaming\macromedia\flash player\" = protocol=6 | dir=in | app=c:\users\owner\appdata\roaming\macromedia\flash player\ |
"TCP Query User{261D03A8-F801-4ECC-B197-4759E0730247}C:\program files\hp games\wheel of fortune\wheel of fortune.exe" = protocol=6 | dir=in | app=c:\program files\hp games\wheel of fortune\wheel of fortune.exe |
"TCP Query User{3B5843B7-2539-44E3-A049-B96EF63B7518}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"TCP Query User{678E5E05-7FDA-4B36-8CA8-7033B788E5B9}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{9C4A35A7-3C9D-4B97-A0CD-D461310A46BC}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"TCP Query User{A34CF152-A530-44FA-9AA0-AD3F8FE96C82}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{AD4CBB3B-25CB-4C09-A590-573FEA2C78CA}C:\program files\yahoo!\messenger\yahoomessenger.exe" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"UDP Query User{03CB8B33-EC50-4F0D-8543-974652807A73}C:\program files\yahoo!\messenger\yahoomessenger.exe" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"UDP Query User{29B728EB-2F7C-4155-9E05-C4533F4C9011}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{614A527D-E807-4E52-9D37-63C4A9D17C99}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{9E8D12B4-1D6D-4BC0-91A5-AFBE3CEE9D92}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{C16FAFE1-87A5-4A4E-8B57-60E6BA553C73}C:\users\owner\appdata\roaming\macromedia\flash player\" = protocol=17 | dir=in | app=c:\users\owner\appdata\roaming\macromedia\flash player\ |
"UDP Query User{EC48CFE9-FCF7-4B97-B68F-32CB647D6B83}C:\program files\hp games\wheel of fortune\wheel of fortune.exe" = protocol=17 | dir=in | app=c:\program files\hp games\wheel of fortune\wheel of fortune.exe |
"UDP Query User{F4239F1F-56FC-4FD6-8653-7B5532AE0472}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{0BFC200F-C45D-4271-AF34-4CA969225DEB}" = muvee autoProducer 6.0
"{0CFD3BAF-9F4D-4D70-BD0B-638EA2504C25}" = PSSWCORE
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}" = Roxio Creator EasyArchive
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 15
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{2A4D5994-8882-4539-B305-3038A58AAA3F}" = VZAccess Manager
"{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}" = Rhapsody Player Engine
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{33C65B6A-5D73-4E3E-A1F9-127C27BD3F72}" = Roxio MyDVD Basic v9
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.20 D3
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Roxio Activation Module
"{36C97B5B-5593-45B8-B50E-DAD87036BD9D}" = Microsoft LifeCam
"{3FFB3B34-D639-4384-9AE9-DDE58430D86F}" = MSCU for Microsoft Vista
"{40F7AED3-0C7D-4582-99F6-484A515C73F2}" = HP Easy Setup - Frontend
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP DVD Play 3.2
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{58F58158-8DFE-31DA-AC1F-7E5D89A0F74F}" = Google Talk Plugin
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76BC2442-0002-47FA-9617-43BAD82BEF4C}" = Bonjour
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{88A548E6-4B09-43E7-AD55-3C7D1B37706D}" = ESU for Microsoft Vista
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6027FD-53DC-446D-BB75-CACD7028A134}" = HP Update
"{8CEA85DE-955B-4BF4-87F2-0BAA62821633}" = HP Photosmart Essential2.5
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9061CEF2-51F5-42C9-8A70-9ED351C6597A}" = HP Help and Support
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{996A2FAA-7514-4628-9D12-A8FC34A0016E}" = iTunes
"{9E2CCD5E-1990-4EF2-9B61-32F0BBACC29B}" = HP Active Support Library
"{A87B11AC-4344-4E5D-8B12-8F471A87DAD9}" = LightScribe 1.4.136.1
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5E289E-76BF-4251-9F3F-9B763F681AE0}" = HP Customer Experience Enhancements
"{AC76BA86-7AD7-1033-7B44-A81300000003}" = Adobe Reader 8.1.7
"{AF0B98A9-F7E2-4FF5-88C7-7960EB91752B}" = HP User Guides 0041
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation
"{B5C3B892-0849-476C-9F46-B12F84819D57}" = Apple Mobile Device Support
"{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem driver
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator Basic v9
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D32067CD-7409-4792-BFA0-1469BCD8F0C8}" = HP Wireless Assistant
"{F6B29003-A078-4491-AFBE-62EFB6CFFE19}" = HP Total Care Advisor
"{FAB0C302-CB18-4A7A-BA03-C3DC23101A68}" = HP Active Support Library 32 bit components
"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"ALTACPHOME_is1" = Net Nanny Parental Controls
"CNXT_HDAUDIO" = Conexant HD Audio
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_5045&SUBSYS_103C30B7" = Soft Data Fax Modem with SmartCP
"Disney Toontown Online" = Disney Toontown Online
"Google Chrome" = Google Chrome
"Google Updater" = Google Updater
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Photosmart Essential" = HP Photosmart Essential 2.0
"ICCaptureAS2_is1" = IC Capture.AS 2.0
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"NAV" = Norton AntiVirus
"NortonPCCheckup" = Norton PC Checkup
"NVIDIA Drivers" = NVIDIA Drivers
"Pet Vet 3D Animal Hospital_is1" = Pet Vet 3D Animal Hospital
"RegiStax_is1" = RegiStax Version 4
"Rhapsody" = Rhapsody
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Veetle TV" = Veetle TV 0.9.15
"WildTangent hplaptop Master Uninstall" = My HP Games
"WildTangent wildgames Master Uninstall" = WildGames
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"WinRAR archiver" = WinRAR archiver
"Yahoo! Companion" = Yahoo! Toolbar for Internet Explorer
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Toolbar" = Yahoo! Toolbar

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Move Networks Player - IE" = Move Networks Media Player for Internet Explorer

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 8/3/2010 6:29:33 PM | Computer Name = Owner-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 8/3/2010 6:29:33 PM | Computer Name = Owner-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 4992

Error - 8/3/2010 6:29:33 PM | Computer Name = Owner-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 4992

Error - 8/3/2010 6:29:36 PM | Computer Name = Owner-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 8/3/2010 6:29:36 PM | Computer Name = Owner-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 8065

Error - 8/3/2010 6:29:36 PM | Computer Name = Owner-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 8065

Error - 8/3/2010 6:29:39 PM | Computer Name = Owner-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 8/3/2010 6:29:39 PM | Computer Name = Owner-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 10436

Error - 8/3/2010 6:29:39 PM | Computer Name = Owner-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 10436

Error - 8/3/2010 6:29:40 PM | Computer Name = Owner-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

[ Media Center Events ]
Error - 2/7/2009 2:33:03 PM | Computer Name = Owner-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 5/23/2009 1:27:50 PM | Computer Name = Owner-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 6/9/2009 9:06:42 AM | Computer Name = Owner-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 10/15/2009 1:29:38 PM | Computer Name = Owner-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 11/10/2009 8:39:02 PM | Computer Name = Owner-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 7/16/2010 5:29:05 PM | Computer Name = Owner-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 7/17/2010 9:36:52 AM | Computer Name = Owner-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 7/17/2010 3:42:04 PM | Computer Name = Owner-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 7/18/2010 8:25:13 AM | Computer Name = Owner-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 8/2/2010 4:29:06 PM | Computer Name = Owner-PC | Source = MCUpdate | ID = 0
Description = Failed to wait on MCUpdate mutex with exception: 'The wait completed
due to an abandoned mutex.'.

[ ODiag Events ]
Error - 1/10/2008 1:30:19 AM | Computer Name = Owner-PC | Source = Microsoft Office 12 Diagnostics | ID = 320
Description = An unexpected error occurred. Tag: 2kcz. Error code: N/A

[ OSession Events ]
Error - 12/26/2007 10:03:34 PM | Computer Name = Owner-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 1753
seconds with 120 seconds of active time. This session ended with a crash.

Error - 1/10/2008 1:30:19 AM | Computer Name = Owner-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 13, Application Name: Microsoft Office OneNote, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 10
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 8/20/2008 11:13:35 PM | Computer Name = Owner-PC | Source = Microsoft-Windows-Servicing | ID = 4385
Description =

Error - 8/20/2008 11:13:35 PM | Computer Name = Owner-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 8/20/2008 11:13:35 PM | Computer Name = Owner-PC | Source = Microsoft-Windows-Servicing | ID = 4385
Description =

Error - 8/28/2008 3:52:13 PM | Computer Name = Owner-PC | Source = Service Control Manager | ID = 7011
Description =

Error - 9/6/2008 10:23:34 PM | Computer Name = Owner-PC | Source = DCOM | ID = 10010
Description =

Error - 9/6/2008 10:41:08 PM | Computer Name = Owner-PC | Source = ACPI | ID = 327686
Description = IRQARB: ACPI BIOS does not contain an IRQ for the device in PCI slot
2, function 0. Please contact your system vendor for technical assistance.

Error - 9/6/2008 10:41:08 PM | Computer Name = Owner-PC | Source = ACPI | ID = 327686
Description = IRQARB: ACPI BIOS does not contain an IRQ for the device in PCI slot
3, function 0. Please contact your system vendor for technical assistance.

Error - 9/10/2008 12:01:00 AM | Computer Name = Owner-PC | Source = DCOM | ID = 10010
Description =

Error - 9/10/2008 7:53:36 AM | Computer Name = Owner-PC | Source = ACPI | ID = 327686
Description = IRQARB: ACPI BIOS does not contain an IRQ for the device in PCI slot
2, function 0. Please contact your system vendor for technical assistance.

Error - 9/10/2008 7:53:36 AM | Computer Name = Owner-PC | Source = ACPI | ID = 327686
Description = IRQARB: ACPI BIOS does not contain an IRQ for the device in PCI slot
3, function 0. Please contact your system vendor for technical assistance.


< End of report >

When I post the OTL log the site says the log is too long to post, so I'll split it up:

OTL logfile created on: 10/31/2010 9:58:26 PM - Run 1
OTL by OldTimer - Version 3.2.17.2 Folder = C:\Users\Owner\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18975)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

958.00 Mb Total Physical Memory | 329.00 Mb Available Physical Memory | 34.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 64.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 103.68 Gb Total Space | 29.16 Gb Free Space | 28.13% Space Free | Partition Type: NTFS
Drive D: | 8.11 Gb Total Space | 1.75 Gb Free Space | 21.60% Space Free | Partition Type: NTFS
Drive F: | 1004.20 Mb Total Space | 973.66 Mb Free Space | 96.96% Space Free | Partition Type: FAT

Computer Name: OWNER-PC | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/10/31 21:55:04 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
PRC - [2010/10/22 16:19:35 | 002,100,544 | ---- | M] (ContentWatch, Inc.) -- C:\Program Files\ContentWatch\Internet Protection\cwsvc.exe
PRC - [2010/07/22 23:05:56 | 000,126,904 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton AntiVirus\Engine\18.1.0.37\ccSvcHst.exe
PRC - [2010/07/03 10:56:27 | 000,353,600 | ---- | M] (ContentWatch, Inc.) -- C:\Program Files\ContentWatch\Internet Protection\cwtray.exe
PRC - [2010/03/19 10:49:20 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2009/12/04 14:16:40 | 000,103,280 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton PC Checkup\Norton PC Checkup\Engine\2.0.2.506\SymcPCCULaunchSvc.exe
PRC - [2009/08/24 16:49:41 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton PC Checkup\Norton PC Checkup\Engine\2.0.2.506\ccSvcHst.exe
PRC - [2009/07/24 16:05:24 | 000,139,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe
PRC - [2009/04/11 00:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe


========== Modules (SafeList) ==========

MOD - [2010/10/31 21:55:04 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
MOD - [2010/08/31 09:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/10/22 16:19:35 | 002,100,544 | ---- | M] (ContentWatch, Inc.) [Auto | Running] -- C:\Program Files\ContentWatch\Internet Protection\cwsvc.exe -- (CwAltaService20)
SRV - [2010/07/22 23:05:56 | 000,126,904 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton AntiVirus\Engine\18.1.0.37\ccSvcHst.exe -- (NAV)
SRV - [2010/03/19 10:49:20 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/12/04 14:16:40 | 000,103,280 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton PC Checkup\Norton PC Checkup\Engine\2.0.2.506\SymcPCCULaunchSvc.exe -- (Norton PC Checkup Application Launcher)
SRV - [2009/09/24 19:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009/08/24 16:49:41 | 000,126,392 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton PC Checkup\Norton PC Checkup\Engine\2.0.2.506\ccSvcHst.exe -- (PCCUJobMgr)
SRV - [2009/07/24 16:05:24 | 000,139,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)
SRV - [2008/01/19 01:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/03/05 11:30:06 | 000,110,592 | ---- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand | Stopped] -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe -- (Com4Qlb)
SRV - [2004/10/22 04:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Roxio\Roxio MyDVD Basic v9\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2010/10/30 17:32:02 | 000,126,512 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2010/10/30 01:00:00 | 001,371,184 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\VirusDefs\20101031.002\NAVEX15.SYS -- (NAVEX15)
DRV - [2010/10/30 01:00:00 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010/10/30 01:00:00 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010/10/30 01:00:00 | 000,086,064 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\VirusDefs\20101031.002\NAVENG.SYS -- (NAVENG)
DRV - [2010/10/19 14:36:22 | 000,353,840 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\IPSDefs\20101028.001\IDSvix86.sys -- (IDSVix86)
DRV - [2010/08/31 16:57:04 | 000,692,272 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\BASHDefs\20101001.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2010/07/28 21:33:05 | 000,666,672 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\system32\drivers\NAV\1201000.025\SYMEFA.SYS -- (SymEFA)
DRV - [2010/07/28 20:54:36 | 000,489,008 | R--- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\system32\drivers\NAV\1201000.025\SRTSP.SYS -- (SRTSP)
DRV - [2010/07/28 20:54:36 | 000,050,096 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\NAV\1201000.025\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2010/07/12 19:20:20 | 000,331,312 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\NAV\1201000.025\SYMTDIV.SYS -- (SYMTDIv)
DRV - [2010/06/26 22:05:55 | 000,134,704 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\NAV\1201000.025\Ironx86.SYS -- (SymIRON)
DRV - [2010/06/13 04:50:57 | 000,339,504 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\NAV\1201000.025\SYMDS.SYS -- (SymDS)
DRV - [2009/07/24 16:05:24 | 000,030,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nx6000.sys -- (MSHUSBVideo)
DRV - [2009/04/10 22:42:54 | 000,073,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2009/03/20 20:03:36 | 000,032,408 | ---- | M] (Smith Micro Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Verizon Wireless\VZAccess Manager\SMSIVZAM5.sys -- (SMSIVZAM5)
DRV - [2008/11/11 14:42:00 | 000,024,832 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2008/11/11 14:41:00 | 000,019,968 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2008/11/11 14:41:00 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2007/11/13 05:44:10 | 000,043,776 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tis_uvc_10015.sys -- (UVC)
DRV - [2007/02/26 13:26:00 | 004,465,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2007/02/21 18:24:48 | 000,159,232 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDART.sys -- (HdAudAddService)
DRV - [2007/02/15 10:50:32 | 000,012,032 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2007/01/12 21:59:02 | 000,181,432 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
DRV - [2007/01/03 09:43:12 | 000,534,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BCMWL6.SYS -- (BCM43XX)
DRV - [2007/01/03 09:43:12 | 000,534,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BCMWL6.SYS -- (BCM43XV)
DRV - [2006/12/21 23:28:56 | 000,100,648 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\nvstor32.sys -- (nvstor32)
DRV - [2006/11/30 12:24:58 | 000,008,192 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | System | Running] -- C:\Windows\System32\drivers\eabfiltr.sys -- (eabfiltr)
DRV - [2006/11/02 03:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006/11/02 03:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006/11/02 03:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006/11/02 03:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006/11/02 03:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006/11/02 03:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006/11/02 03:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006/11/02 03:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006/11/02 03:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006/11/02 03:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 03:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 03:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006/11/02 03:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006/11/02 03:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 03:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 03:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006/11/02 03:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2006/11/02 03:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 03:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006/11/02 03:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006/11/02 03:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006/11/02 03:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006/11/02 03:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006/11/02 03:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 03:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 03:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006/11/02 03:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 03:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006/11/02 03:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 03:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 03:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 03:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006/11/02 03:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2006/11/02 03:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2006/11/02 03:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2006/11/02 02:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 02:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 02:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 02:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 02:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 02:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 01:41:49 | 000,200,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL)
DRV - [2006/11/02 01:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 01:30:56 | 000,429,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvm60x32.sys -- (NVENETFD)
DRV - [2006/11/02 01:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2006/10/18 20:10:57 | 001,380,864 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\igdkmd32.sys -- (ialm)
DRV - [2006/10/18 05:09:26 | 000,986,624 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2006/10/18 05:08:14 | 000,206,848 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL)
DRV - [2006/10/18 05:08:04 | 000,659,968 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2006/08/04 11:39:10 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2006/06/28 11:54:00 | 000,009,472 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CPQBttn.sys -- (HBtnKey)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=73&bd=PRESARIO&pf=laptop

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.erieskies.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\IPSFFPlgn\ [2010/10/30 17:34:15 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2010/10/31 20:44:22 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - No CLSID value found.
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\18.1.0.37\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [cwcptray] C:\Program Files\ContentWatch\Internet Protection\cwtray.exe (ContentWatch, Inc.)
O4 - HKLM..\Run: [CWPhoenixApp] C:\Program Files\ContentWatch\Internet Protection\Updater\Phoenix.exe (ContentWatch, Inc.)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll (Google Inc.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\cwalsp.dll (ContentWatch, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\cwalsp.dll (ContentWatch, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\cwalsp.dll (ContentWatch, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\cwalsp.dll (ContentWatch, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\cwalsp.dll (ContentWatch, Inc.)
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} http://cdn.scan.onecare.live.com/resource/download/scanner/en-us/wlscctrl2.cab (Windows Live OneCare safety scanner control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {924B4927-D3BA-41EA-9F7E-8A89194AB3AC} http://panda-plugin.disney.go.com/plugin/win32/p3dactivex.cab (P3DActiveX Control)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 205.171.3.25 205.171.2.25
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop BackupWallPaper: C:\Users\Owner\Desktop\ryan bus.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/04/30 00:43:24 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2005/09/11 09:18:54 | 000,000,340 | -HS- | M] () - D:\AUTOMODE -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2010/10/31 21:55:04 | 000,576,000 | ---- | C] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
[2010/10/31 20:49:36 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2010/10/31 20:49:29 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2010/10/31 20:28:47 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2010/10/31 20:28:47 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2010/10/31 20:28:47 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2010/10/31 20:28:12 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010/10/31 20:27:25 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/10/31 20:27:04 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2010/10/31 19:36:42 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\NTBR_CD
[2010/10/31 19:32:39 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\NTBR_CD
[2010/10/31 13:58:33 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\CrashDumps
[2010/10/31 09:15:01 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Users\Owner\Documents\TFC.exe
[2010/10/30 23:26:02 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Malwarebytes
[2010/10/30 23:25:39 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/10/30 23:25:37 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/10/30 23:25:37 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/10/30 23:25:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/10/30 22:57:46 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\tdsskiller
[2010/10/30 21:35:12 | 006,153,352 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Owner\Desktop\mbam-setup-1.46.exe
[2010/10/30 17:35:53 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Symantec
[2010/10/30 17:32:02 | 000,126,512 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\SYMEVENT.SYS
[2010/10/30 17:32:02 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2010/10/30 17:31:02 | 000,666,672 | R--- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\NAV\1201000.025\SymEFA.sys
[2010/10/30 17:31:02 | 000,489,008 | R--- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\NAV\1201000.025\srtsp.sys
[2010/10/30 17:31:02 | 000,339,504 | R--- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\NAV\1201000.025\SymDS.sys
[2010/10/30 17:31:02 | 000,331,312 | R--- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\NAV\1201000.025\symtdiv.sys
[2010/10/30 17:31:02 | 000,294,448 | R--- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\NAV\1201000.025\symnets.sys
[2010/10/30 17:31:02 | 000,134,704 | R--- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\NAV\1201000.025\Ironx86.sys
[2010/10/30 17:31:02 | 000,050,096 | R--- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\NAV\1201000.025\srtspx.sys
[2010/10/30 17:30:25 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\NAV
[2010/10/30 17:30:25 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\NAV\1201000.025
[2010/10/30 17:30:21 | 000,000,000 | ---D | C] -- C:\Program Files\Norton AntiVirus
[2010/10/30 17:19:07 | 000,000,000 | ---D | C] -- C:\ProgramData\PCSettings
[2010/10/26 11:30:08 | 001,317,464 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Owner\Documents\TDSSKiller.exe
[2010/10/23 03:03:18 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Mozilla
[2010/10/10 11:13:32 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee

========== Files - Modified Within 30 Days ==========

[2010/10/31 22:02:00 | 000,000,422 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{0292EF70-F177-4E15-8028-F4A865A0A14B}.job
[2010/10/31 21:55:04 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
[2010/10/31 21:46:02 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/10/31 21:35:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/10/31 21:26:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4001749147-688493758-2348254775-1000UA.job
[2010/10/31 21:26:00 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4001749147-688493758-2348254775-1000Core.job
[2010/10/31 20:44:22 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2010/10/31 20:17:40 | 003,896,823 | R--- | M] () -- C:\Users\Owner\Desktop\ComboFix.exe
[2010/10/31 20:06:13 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2010/10/31 20:05:43 | 000,013,025 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\nvModes.001
[2010/10/31 20:03:50 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/10/31 20:03:50 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/10/31 20:03:48 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/10/31 20:03:30 | 1005,174,784 | -HS- | M] () -- C:\hiberfil.sys
[2010/10/31 19:36:07 | 002,565,432 | ---- | M] () -- C:\Users\Owner\Desktop\NTBR_CD.exe
[2010/10/31 13:58:49 | 000,000,162 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\dkfjasdfshd.bat
[2010/10/31 10:34:25 | 000,085,504 | ---- | M] () -- C:\Windows\MBR.exe
[2010/10/31 09:24:17 | 000,626,176 | ---- | M] () -- C:\Users\Owner\Documents\dds.scr
[2010/10/31 09:23:37 | 000,294,912 | ---- | M] () -- C:\Users\Owner\Documents\j6poz0es.exe
[2010/10/31 09:16:49 | 000,294,912 | ---- | M] () -- C:\Users\Owner\Documents\qxhi09iu.exe
[2010/10/31 09:15:05 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Documents\TFC.exe
[2010/10/30 23:25:44 | 000,000,854 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/10/30 22:57:46 | 001,317,464 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Owner\Documents\TDSSKiller.exe
[2010/10/30 22:57:21 | 000,080,384 | ---- | M] () -- C:\Users\Owner\Documents\MBRCheck.exe
[2010/10/30 22:56:38 | 001,207,026 | ---- | M] () -- C:\Users\Owner\Documents\tdsskiller.zip
[2010/10/30 21:35:12 | 006,153,352 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Owner\Desktop\mbam-setup-1.46.exe
[2010/10/30 21:27:06 | 000,294,400 | ---- | M] () -- C:\Users\Owner\Desktop\exeHelper.com
[2010/10/30 21:23:55 | 000,364,032 | ---- | M] () -- C:\Users\Owner\Desktop\rkill.com
[2010/10/30 21:16:54 | 000,316,348 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/10/30 21:16:54 | 000,110,554 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/10/30 17:33:16 | 002,154,466 | ---- | M] () -- C:\Windows\System32\drivers\NAV\1201000.025\Cat.DB
[2010/10/30 17:32:02 | 000,126,512 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\SYMEVENT.SYS
[2010/10/30 17:32:02 | 000,007,456 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.CAT
[2010/10/30 17:32:02 | 000,000,805 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.INF
[2010/10/30 17:31:20 | 000,002,161 | ---- | M] () -- C:\Users\Public\Desktop\Norton AntiVirus.lnk
[2010/10/30 17:31:04 | 000,000,883 | ---- | M] () -- C:\Users\Owner\Desktop\Norton Installation Files.lnk
[2010/10/30 17:29:19 | 000,000,029 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\boot.bat
[2010/10/30 13:34:50 | 000,013,025 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\nvModes.dat
[2010/10/23 04:04:43 | 000,352,584 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/10/10 09:19:06 | 000,000,322 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForOwner.job

========== Files Created - No Company Name ==========

[2010/10/31 20:28:47 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2010/10/31 20:28:47 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2010/10/31 20:28:47 | 000,085,504 | ---- | C] () -- C:\Windows\MBR.exe
[2010/10/31 20:28:47 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2010/10/31 20:28:47 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2010/10/31 20:17:40 | 003,896,823 | R--- | C] () -- C:\Users\Owner\Desktop\ComboFix.exe
[2010/10/31 19:36:07 | 002,565,432 | ---- | C] () -- C:\Users\Owner\Desktop\NTBR_CD.exe
[2010/10/31 09:24:05 | 000,626,176 | ---- | C] () -- C:\Users\Owner\Documents\dds.scr
[2010/10/31 09:23:33 | 000,294,912 | ---- | C] () -- C:\Users\Owner\Documents\j6poz0es.exe
[2010/10/31 09:16:47 | 000,294,912 | ---- | C] () -- C:\Users\Owner\Documents\qxhi09iu.exe
[2010/10/30 23:25:44 | 000,000,854 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/10/30 22:57:21 | 000,080,384 | ---- | C] () -- C:\Users\Owner\Documents\MBRCheck.exe
[2010/10/30 22:56:36 | 001,207,026 | ---- | C] () -- C:\Users\Owner\Documents\tdsskiller.zip
[2010/10/30 21:27:06 | 000,294,400 | ---- | C] () -- C:\Users\Owner\Desktop\exeHelper.com
[2010/10/30 21:23:46 | 000,364,032 | ---- | C] () -- C:\Users\Owner\Desktop\rkill.com
[2010/10/30 17:32:07 | 002,154,466 | ---- | C] () -- C:\Windows\System32\drivers\NAV\1201000.025\Cat.DB
[2010/10/30 17:32:02 | 000,007,456 | ---- | C] () -- C:\Windows\System32\drivers\SYMEVENT.CAT
[2010/10/30 17:32:02 | 000,000,805 | ---- | C] () -- C:\Windows\System32\drivers\SYMEVENT.INF
[2010/10/30 17:31:20 | 000,002,161 | ---- | C] () -- C:\Users\Public\Desktop\Norton AntiVirus.lnk
[2010/10/30 17:30:31 | 000,003,373 | R--- | C] () -- C:\Windows\System32\drivers\NAV\1201000.025\SymEFA.inf
[2010/10/30 17:30:31 | 000,002,792 | R--- | C] () -- C:\Windows\System32\drivers\NAV\1201000.025\SymDS.inf
[2010/10/30 17:30:31 | 000,001,473 | R--- | C] () -- C:\Windows\System32\drivers\NAV\1201000.025\SymNetV.inf
[2010/10/30 17:30:31 | 000,001,445 | R--- | C] () -- C:\Windows\System32\drivers\NAV\1201000.025\SymNet.inf
[2010/10/30 17:30:31 | 000,001,389 | R--- | C] () -- C:\Windows\System32\drivers\NAV\1201000.025\srtspx.inf
[2010/10/30 17:30:31 | 000,001,383 | R--- | C] () -- C:\Windows\System32\drivers\NAV\1201000.025\srtsp.inf
[2010/10/30 17:30:31 | 000,000,741 | R--- | C] () -- C:\Windows\System32\drivers\NAV\1201000.025\Iron.inf
[2010/10/30 17:30:25 | 000,007,787 | R--- | C] () -- C:\Windows\System32\drivers\NAV\1201000.025\symnetv.cat
[2010/10/30 17:30:25 | 000,007,446 | R--- | C] () -- C:\Windows\System32\drivers\NAV\1201000.025\SymNet.cat
[2010/10/30 17:30:25 | 000,007,444 | R--- | C] () -- C:\Windows\System32\drivers\NAV\1201000.025\SymEFA.cat
[2010/10/30 17:30:25 | 000,007,442 | R--- | C] () -- C:\Windows\System32\drivers\NAV\1201000.025\srtspx.cat
[2010/10/30 17:30:25 | 000,007,438 | R--- | C] () -- C:\Windows\System32\drivers\NAV\1201000.025\SymDS.cat
[2010/10/30 17:30:25 | 000,007,438 | R--- | C] () -- C:\Windows\System32\drivers\NAV\1201000.025\srtsp.cat
[2010/10/30 17:30:25 | 000,007,438 | R--- | C] () -- C:\Windows\System32\drivers\NAV\1201000.025\iron.cat
[2010/10/30 17:30:25 | 000,000,172 | ---- | C] () -- C:\Windows\System32\drivers\NAV\1201000.025\isolate.ini
[2010/10/30 17:29:19 | 000,000,029 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\boot.bat
[2010/10/30 15:07:05 | 000,000,883 | ---- | C] () -- C:\Users\Owner\Desktop\Norton Installation Files.lnk
[2010/10/30 14:37:34 | 000,000,162 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\dkfjasdfshd.bat
[2010/02/09 22:32:40 | 000,975,872 | ---- | C] () -- C:\Windows\System32\libxml2_CW.dll
[2010/02/09 22:32:40 | 000,151,552 | ---- | C] () -- C:\Windows\System32\libexpat.dll
[2010/02/09 22:32:37 | 001,073,152 | ---- | C] () -- C:\Windows\System32\wxcode_msw28u_wxcurl_CW.dll
[2010/02/09 22:32:37 | 000,524,288 | ---- | C] () -- C:\Windows\System32\wxmsw28u_xrc_vc_CW.dll
[2010/02/09 22:32:37 | 000,499,712 | ---- | C] () -- C:\Windows\System32\wxmsw28u_html_vc_CW.dll
[2010/02/09 22:32:37 | 000,110,592 | ---- | C] () -- C:\Windows\System32\wxmsw28u_media_vc_CW.dll
[2010/02/09 22:32:37 | 000,081,920 | ---- | C] () -- C:\Windows\System32\wxcode_msw28u_wxjson_CW.dll
[2010/02/09 22:32:36 | 002,916,352 | ---- | C] () -- C:\Windows\System32\wxmsw28u_core_vc_CW.dll
[2010/02/09 22:32:36 | 001,236,992 | ---- | C] () -- C:\Windows\System32\wxbase28u_vc_CW.dll
[2010/02/09 22:32:36 | 000,716,800 | ---- | C] () -- C:\Windows\System32\wxmsw28u_adv_vc_CW.dll
[2010/02/09 22:32:36 | 000,135,168 | ---- | C] () -- C:\Windows\System32\wxbase28u_xml_vc_CW.dll
[2010/02/09 22:32:36 | 000,135,168 | ---- | C] () -- C:\Windows\System32\wxbase28u_net_vc_CW.dll
[2009/12/30 19:30:09 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/09/24 08:56:25 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/03/20 16:42:37 | 000,000,680 | ---- | C] () -- C:\Users\Owner\AppData\Local\d3d9caps.dat
[2008/04/05 17:30:44 | 000,015,360 | ---- | C] () -- C:\Users\Owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/03/30 15:07:53 | 000,147,968 | ---- | C] () -- C:\Windows\System32\DeBayerTransform.dll
[2008/03/30 15:07:53 | 000,043,776 | ---- | C] () -- C:\Windows\System32\drivers\tis_uvc_10015.sys
[2008/03/30 15:07:53 | 000,006,144 | ---- | C] () -- C:\Windows\System32\drvcoinst2.dll
[2008/03/30 15:07:52 | 000,174,592 | ---- | C] () -- C:\Windows\System32\uvc_page_x86.dll
[2007/12/26 16:07:52 | 000,013,025 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\nvModes.001
[2007/12/26 13:45:37 | 000,013,025 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\nvModes.dat
[2007/11/19 15:41:48 | 000,000,000 | ---- | C] () -- C:\Users\Owner\AppData\Local\QSwitch.txt
[2007/11/19 15:41:48 | 000,000,000 | ---- | C] () -- C:\Users\Owner\AppData\Local\DSwitch.txt
[2007/11/19 15:41:48 | 000,000,000 | ---- | C] () -- C:\Users\Owner\AppData\Local\AtStart.txt
[2007/04/30 00:28:25 | 000,000,320 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2007/02/27 14:43:02 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2006/12/14 00:01:36 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll
[2006/12/14 00:01:36 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll
[2006/11/02 06:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 04:25:21 | 000,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2006/11/02 01:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/03/09 18:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll

========== LOP Check ==========

[2008/03/30 15:13:26 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\IC Capture.AS 2.0
[2009/06/26 12:49:28 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\muvee Technologies
[2007/12/31 11:03:31 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\PlayFirst
[2009/12/09 22:34:50 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Tific
[2008/04/13 08:28:23 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\WildTangent
[2010/10/31 19:58:58 | 000,032,576 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010/10/31 22:02:00 | 000,000,422 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{0292EF70-F177-4E15-8028-F4A865A0A14B}.job

========== Purity Check ==========

Here's the rest of OTL:

========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2007/04/30 00:43:24 | 000,000,074 | ---- | M] () -- C:\autoexec.bat
[2009/04/11 00:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr
[2010/10/31 20:49:26 | 000,013,998 | ---- | M] () -- C:\ComboFix.txt
[2006/09/18 15:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[2010/10/31 20:03:30 | 1005,174,784 | -HS- | M] () -- C:\hiberfil.sys
[2010/10/31 20:03:28 | 1318,973,440 | -HS- | M] () -- C:\pagefile.sys
[2010/10/31 19:32:57 | 000,062,024 | ---- | M] () -- C:\TDSSKiller.2.4.5.1_31.10.2010_19.11.38_log.txt
[2008/01/05 21:00:16 | 000,000,146 | ---- | M] () -- C:\YServer.txt

< %systemroot%\Fonts\*.com >
[2006/11/02 06:37:12 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2006/11/02 06:37:12 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2006/11/02 06:37:12 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2009/10/31 10:26:03 | 000,037,665 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2006/09/18 15:37:34 | 000,000,065 | -H-- | M] () -- C:\Windows\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2006/11/02 06:35:48 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\jnwppr.dll
[2006/10/26 20:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\msonpppr.dll

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >

< %PROGRAMFILES%\*.* >
[2008/10/12 23:42:09 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >
[2006/11/02 04:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2006/11/02 04:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2006/11/02 04:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006/11/02 04:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006/11/02 04:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2010/04/07 22:47:39 | 000,000,344 | -HS- | M] () -- C:\Users\Owner\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini

< %USERPROFILE%\Desktop\*.exe >
[2010/10/31 20:17:40 | 003,896,823 | R--- | M] () -- C:\Users\Owner\Desktop\ComboFix.exe
[2010/10/30 21:35:12 | 006,153,352 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Owner\Desktop\mbam-setup-1.46.exe
[2010/10/31 19:36:07 | 002,565,432 | ---- | M] () -- C:\Users\Owner\Desktop\NTBR_CD.exe
[2010/10/31 21:55:04 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

< %PROGRAMFILES%\Internet Explorer\*.tmp >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >

< %systemroot%\ADDINS\*.* >

< %systemroot%\assembly\*.bak2 >

< %systemroot%\Config\*.* >

< %systemroot%\REPAIR\*.bak2 >

< %systemroot%\SECURITY\Database\*.sdb /x >

< %systemroot%\SYSTEM\*.bak2 >

< %systemroot%\Web\*.bak2 >

< %systemroot%\Driver Cache\*.* >

< %PROGRAMFILES%\Mozilla Firefox\0*.exe >

< %ProgramFiles%\Microsoft Common\*.* >

< %ProgramFiles%\TinyProxy. >

< %USERPROFILE%\Favorites\*.url /x >
[2007/11/19 16:48:26 | 000,000,402 | -HS- | M] () -- C:\Users\Owner\Favorites\desktop.ini

< %systemroot%\system32\*.bk >

< %systemroot%\*.te >

< %systemroot%\system32\system32\*.* >

< %ALLUSERSPROFILE%\*.dat /x >
[2007/04/30 00:28:57 | 000,000,320 | ---- | M] () -- C:\ProgramData\hpzinstall.log

< %systemroot%\system32\drivers\*.rmv >

< dir /b "%systemroot%\system32\*.exe" | find /i " " /c >

< dir /b "%systemroot%\*.exe" | find /i " " /c >

< %PROGRAMFILES%\Microsoft\*.* >

< %systemroot%\System32\Wbem\proquota.exe >

< %PROGRAMFILES%\Mozilla Firefox\*.dat >

< %USERPROFILE%\Cookies\*.txt /x >

< %SystemRoot%\system32\fonts\*.* >

< %systemroot%\system32\winlog\*.* >

< %systemroot%\system32\Language\*.* >

< %systemroot%\system32\Settings\*.* >

< %systemroot%\system32\*.quo >

< %SYSTEMROOT%\AppPatch\*.exe >

< %SYSTEMROOT%\inf\*.exe >

< %SYSTEMROOT%\Installer\*.exe >

< %systemroot%\system32\config\*.bak2 >

< %systemroot%\system32\Computers\*.* >

< %SystemRoot%\system32\Sound\*.* >

< %SystemRoot%\system32\SpecialImg\*.* >

< %SystemRoot%\system32\code\*.* >

< %SystemRoot%\system32\draft\*.* >

< %SystemRoot%\system32\MSSSys\*.* >

< %ProgramFiles%\Javascript\*.* >

< %systemroot%\pchealth\helpctr\System\*.exe /s >

< %systemroot%\Web\*.exe >

< %systemroot%\system32\msn\*.* >

< %systemroot%\system32\*.tro >

< %AppData%\Microsoft\Installer\msupdates\*.* >

< %ProgramFiles%\Messenger\*.* >

< %systemroot%\system32\systhem32\*.* >

< %systemroot%\system\*.exe >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\ Auto Update\Results\Install|LastSuccessTime /rs >


< End of report >

958.00 Mb Total Physical Memory

Click to expand...

Vista would like to have at least 2GB of RAM to run smoothly.

==========================================================================

Update your Java version: http://java.com/en/download/index.jsp

Note 1: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.

Note 2: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. If you don't want to run another extra service, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and restart your computer.

Now, we need to remove old Java installations...

Please download JavaRa to your desktop and unzip it to its own folder

• Run JavaRa.exe (Vista users! Right click on JavaRa.exe, click Run As Administrator), pick the language of your choice and click Select. Then click Remove Older Versions.
• Accept any prompts.

===================================================================

Run OTL

• Under the Custom Scans/Fixes box at the bottom, paste in the following
  
  
  Code:

  :OTL
  O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - No CLSID value found.
  O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
  O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get.../ultrashim.cab (Reg Error: Key error.)
  O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
  O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
  
  
  :Services
  
  :Reg
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
  "DisableMonitoring" =-
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
  "DisableMonitoring" =-
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
  "DisableMonitoring" =-
  
  :Files
  
  :Commands
  [purity]
  [emptytemp]
  [emptyflash]
  [Reboot]

• Then click the Run Fix button at the top
• Let the program run unhindered, reboot the PC when it is done
• You will get a log that shows the results of the fix. Please post it.

=====================================================================

Last scans....

Download Security Check from HERE, and save it to your Desktop.

* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.

=======================================================

Download Temp File Cleaner (TFC)
Double click on TFC.exe to run the program.
Click on Start button to begin cleaning process.
TFC will close all running programs, and it may ask you to restart computer.

========================================================

Please run a free online scan with the ESET Online Scanner

• Disable your antivirus program
• Tick the box next to YES, I accept the Terms of Use
• IMPORTANT! UN-check Remove found threats
• Click Start
• Accept any security warnings from your browser.
• Check Scan archives
• Click Start
• ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
• When the scan completes, push List of found threats
• Click on Export to text file , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.

I still get the "blocked startup programs" message when I restart the computer, but I don't think I see anything too scary on the list of startup programs. I'm not sure how to tell if any of them are bad. I'm not getting redirected on Google. I don't see any obvious problems.

I still get the "blocked startup programs" message

Click to expand...

I'd like to know EXACT message and...do you know, what is the source of that message?

There's an icon in the lower right for "blocked startup programs". When I double click it it gives me some options: "show or remove blocked startup programs", "run blocked program", help (which send me to windows help{) or exit. The blocked program appears to be Malwarebytes Anti-malware.

I see. That would be this:

O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)

Click to expand...

Try "run blocked program" and it shouldn't bother you after next restart.

OTL logfile created on: 10/31/2010 10:57:53 PM - Run 2
OTL by OldTimer - Version 3.2.17.2 Folder = C:\Users\Owner\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18975)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

958.00 Mb Total Physical Memory | 391.00 Mb Available Physical Memory | 41.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 66.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 103.68 Gb Total Space | 28.68 Gb Free Space | 27.66% Space Free | Partition Type: NTFS
Drive D: | 8.11 Gb Total Space | 1.75 Gb Free Space | 21.60% Space Free | Partition Type: NTFS
Drive F: | 1004.20 Mb Total Space | 972.86 Mb Free Space | 96.88% Space Free | Partition Type: FAT

Computer Name: OWNER-PC | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/10/31 21:55:04 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
PRC - [2010/10/22 16:19:35 | 002,100,544 | ---- | M] (ContentWatch, Inc.) -- C:\Program Files\ContentWatch\Internet Protection\cwsvc.exe
PRC - [2010/07/22 23:05:56 | 000,126,904 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton AntiVirus\Engine\18.1.0.37\ccSvcHst.exe
PRC - [2010/07/03 10:56:27 | 000,353,600 | ---- | M] (ContentWatch, Inc.) -- C:\Program Files\ContentWatch\Internet Protection\cwtray.exe
PRC - [2010/03/19 10:49:20 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2009/12/04 14:16:40 | 000,103,280 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton PC Checkup\Norton PC Checkup\Engine\2.0.2.506\SymcPCCULaunchSvc.exe
PRC - [2009/08/24 16:49:41 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton PC Checkup\Norton PC Checkup\Engine\2.0.2.506\ccSvcHst.exe
PRC - [2009/07/24 16:05:24 | 000,139,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe
PRC - [2009/04/11 00:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe


========== Modules (SafeList) ==========

MOD - [2010/10/31 21:55:04 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
MOD - [2010/08/31 09:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/10/22 16:19:35 | 002,100,544 | ---- | M] (ContentWatch, Inc.) [Auto | Running] -- C:\Program Files\ContentWatch\Internet Protection\cwsvc.exe -- (CwAltaService20)
SRV - [2010/07/22 23:05:56 | 000,126,904 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton AntiVirus\Engine\18.1.0.37\ccSvcHst.exe -- (NAV)
SRV - [2010/03/19 10:49:20 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/12/04 14:16:40 | 000,103,280 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton PC Checkup\Norton PC Checkup\Engine\2.0.2.506\SymcPCCULaunchSvc.exe -- (Norton PC Checkup Application Launcher)
SRV - [2009/09/24 19:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009/08/24 16:49:41 | 000,126,392 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton PC Checkup\Norton PC Checkup\Engine\2.0.2.506\ccSvcHst.exe -- (PCCUJobMgr)
SRV - [2009/07/24 16:05:24 | 000,139,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)
SRV - [2008/01/19 01:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/03/05 11:30:06 | 000,110,592 | ---- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand | Stopped] -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe -- (Com4Qlb)
SRV - [2004/10/22 04:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Roxio\Roxio MyDVD Basic v9\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Owner\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2010/10/30 17:32:02 | 000,126,512 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2010/10/30 01:00:00 | 001,371,184 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\VirusDefs\20101031.002\NAVEX15.SYS -- (NAVEX15)
DRV - [2010/10/30 01:00:00 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010/10/30 01:00:00 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010/10/30 01:00:00 | 000,086,064 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\VirusDefs\20101031.002\NAVENG.SYS -- (NAVENG)
DRV - [2010/10/19 14:36:22 | 000,353,840 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\IPSDefs\20101028.001\IDSvix86.sys -- (IDSVix86)
DRV - [2010/08/31 16:57:04 | 000,692,272 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\BASHDefs\20101001.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2010/07/28 21:33:05 | 000,666,672 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\system32\drivers\NAV\1201000.025\SYMEFA.SYS -- (SymEFA)
DRV - [2010/07/28 20:54:36 | 000,489,008 | R--- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\system32\drivers\NAV\1201000.025\SRTSP.SYS -- (SRTSP)
DRV - [2010/07/28 20:54:36 | 000,050,096 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\NAV\1201000.025\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2010/07/12 19:20:20 | 000,331,312 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\NAV\1201000.025\SYMTDIV.SYS -- (SYMTDIv)
DRV - [2010/06/26 22:05:55 | 000,134,704 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\NAV\1201000.025\Ironx86.SYS -- (SymIRON)
DRV - [2010/06/13 04:50:57 | 000,339,504 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\NAV\1201000.025\SYMDS.SYS -- (SymDS)
DRV - [2009/07/24 16:05:24 | 000,030,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nx6000.sys -- (MSHUSBVideo)
DRV - [2009/04/10 22:42:54 | 000,073,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2009/03/20 20:03:36 | 000,032,408 | ---- | M] (Smith Micro Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Verizon Wireless\VZAccess Manager\SMSIVZAM5.sys -- (SMSIVZAM5)
DRV - [2008/11/11 14:42:00 | 000,024,832 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2008/11/11 14:41:00 | 000,019,968 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2008/11/11 14:41:00 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2007/11/13 05:44:10 | 000,043,776 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tis_uvc_10015.sys -- (UVC)
DRV - [2007/02/26 13:26:00 | 004,465,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2007/02/21 18:24:48 | 000,159,232 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDART.sys -- (HdAudAddService)
DRV - [2007/02/15 10:50:32 | 000,012,032 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2007/01/12 21:59:02 | 000,181,432 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
DRV - [2007/01/03 09:43:12 | 000,534,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BCMWL6.SYS -- (BCM43XX)
DRV - [2007/01/03 09:43:12 | 000,534,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BCMWL6.SYS -- (BCM43XV)
DRV - [2006/12/21 23:28:56 | 000,100,648 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\nvstor32.sys -- (nvstor32)
DRV - [2006/11/30 12:24:58 | 000,008,192 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | System | Running] -- C:\Windows\System32\drivers\eabfiltr.sys -- (eabfiltr)
DRV - [2006/11/02 03:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006/11/02 03:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006/11/02 03:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006/11/02 03:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006/11/02 03:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006/11/02 03:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006/11/02 03:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006/11/02 03:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006/11/02 03:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006/11/02 03:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 03:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 03:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006/11/02 03:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006/11/02 03:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 03:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 03:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006/11/02 03:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2006/11/02 03:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 03:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006/11/02 03:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006/11/02 03:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006/11/02 03:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006/11/02 03:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006/11/02 03:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 03:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 03:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006/11/02 03:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 03:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006/11/02 03:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 03:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 03:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 03:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006/11/02 03:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2006/11/02 03:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2006/11/02 03:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2006/11/02 02:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 02:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 02:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 02:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 02:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 02:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 01:41:49 | 000,200,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL)
DRV - [2006/11/02 01:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 01:30:56 | 000,429,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvm60x32.sys -- (NVENETFD)
DRV - [2006/11/02 01:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2006/10/18 20:10:57 | 001,380,864 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\igdkmd32.sys -- (ialm)
DRV - [2006/10/18 05:09:26 | 000,986,624 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2006/10/18 05:08:14 | 000,206,848 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL)
DRV - [2006/10/18 05:08:04 | 000,659,968 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2006/08/04 11:39:10 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2006/06/28 11:54:00 | 000,009,472 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CPQBttn.sys -- (HBtnKey)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=73&bd=PRESARIO&pf=laptop

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.erieskies.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\IPSFFPlgn\ [2010/10/30 17:34:15 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2010/10/31 20:44:22 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - No CLSID value found.
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\18.1.0.37\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [cwcptray] C:\Program Files\ContentWatch\Internet Protection\cwtray.exe (ContentWatch, Inc.)
O4 - HKLM..\Run: [CWPhoenixApp] C:\Program Files\ContentWatch\Internet Protection\Updater\Phoenix.exe (ContentWatch, Inc.)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll (Google Inc.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\cwalsp.dll (ContentWatch, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\cwalsp.dll (ContentWatch, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\cwalsp.dll (ContentWatch, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\cwalsp.dll (ContentWatch, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\cwalsp.dll (ContentWatch, Inc.)
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} http://cdn.scan.onecare.live.com/resource/download/scanner/en-us/wlscctrl2.cab (Windows Live OneCare safety scanner control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {924B4927-D3BA-41EA-9F7E-8A89194AB3AC} http://panda-plugin.disney.go.com/plugin/win32/p3dactivex.cab (P3DActiveX Control)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 205.171.3.25 205.171.2.25
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop BackupWallPaper: C:\Users\Owner\Desktop\ryan bus.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/04/30 00:43:24 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2005/09/11 09:18:54 | 000,000,340 | -HS- | M] () - D:\AUTOMODE -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/10/31 22:51:52 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\JavaRa
[2010/10/31 22:43:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010/10/31 21:55:04 | 000,576,000 | ---- | C] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
[2010/10/31 20:49:36 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2010/10/31 20:49:29 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2010/10/31 20:28:47 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2010/10/31 20:28:47 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2010/10/31 20:28:47 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2010/10/31 20:28:12 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010/10/31 20:27:25 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/10/31 20:27:04 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2010/10/31 19:36:42 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\NTBR_CD
[2010/10/31 19:32:39 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\NTBR_CD
[2010/10/31 13:58:33 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\CrashDumps
[2010/10/31 09:15:01 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Users\Owner\Documents\TFC.exe
[2010/10/30 23:26:02 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Malwarebytes
[2010/10/30 23:25:39 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/10/30 23:25:37 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/10/30 23:25:37 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/10/30 23:25:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/10/30 22:57:46 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\tdsskiller
[2010/10/30 21:35:12 | 006,153,352 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Owner\Desktop\mbam-setup-1.46.exe
[2010/10/30 17:35:53 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Symantec
[2010/10/30 17:32:02 | 000,126,512 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\SYMEVENT.SYS
[2010/10/30 17:32:02 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2010/10/30 17:31:02 | 000,666,672 | R--- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\NAV\1201000.025\SymEFA.sys
[2010/10/30 17:31:02 | 000,489,008 | R--- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\NAV\1201000.025\srtsp.sys
[2010/10/30 17:31:02 | 000,339,504 | R--- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\NAV\1201000.025\SymDS.sys
[2010/10/30 17:31:02 | 000,331,312 | R--- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\NAV\1201000.025\symtdiv.sys
[2010/10/30 17:31:02 | 000,294,448 | R--- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\NAV\1201000.025\symnets.sys
[2010/10/30 17:31:02 | 000,134,704 | R--- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\NAV\1201000.025\Ironx86.sys
[2010/10/30 17:31:02 | 000,050,096 | R--- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\NAV\1201000.025\srtspx.sys
[2010/10/30 17:30:25 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\NAV
[2010/10/30 17:30:25 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\NAV\1201000.025
[2010/10/30 17:30:21 | 000,000,000 | ---D | C] -- C:\Program Files\Norton AntiVirus
[2010/10/30 17:19:07 | 000,000,000 | ---D | C] -- C:\ProgramData\PCSettings
[2010/10/26 11:30:08 | 001,317,464 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Owner\Documents\TDSSKiller.exe
[2010/10/23 03:03:18 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Mozilla
[2010/10/10 11:13:32 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee

========== Files - Modified Within 30 Days ==========

[2010/10/31 22:57:00 | 000,000,422 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{0292EF70-F177-4E15-8028-F4A865A0A14B}.job
[2010/10/31 22:51:01 | 000,205,540 | ---- | M] () -- C:\Users\Owner\Documents\JavaRa.zip
[2010/10/31 22:46:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/10/31 22:28:16 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2010/10/31 22:26:43 | 000,013,025 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\nvModes.001
[2010/10/31 22:26:16 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4001749147-688493758-2348254775-1000UA.job
[2010/10/31 22:25:54 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/10/31 22:25:54 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/10/31 22:25:51 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/10/31 22:25:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/10/31 22:25:41 | 1005,174,784 | -HS- | M] () -- C:\hiberfil.sys
[2010/10/31 21:55:04 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
[2010/10/31 21:26:00 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4001749147-688493758-2348254775-1000Core.job
[2010/10/31 20:44:22 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2010/10/31 20:17:40 | 003,896,823 | R--- | M] () -- C:\Users\Owner\Desktop\ComboFix.exe
[2010/10/31 19:36:07 | 002,565,432 | ---- | M] () -- C:\Users\Owner\Desktop\NTBR_CD.exe
[2010/10/31 13:58:49 | 000,000,162 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\dkfjasdfshd.bat
[2010/10/31 10:34:25 | 000,085,504 | ---- | M] () -- C:\Windows\MBR.exe
[2010/10/31 09:24:17 | 000,626,176 | ---- | M] () -- C:\Users\Owner\Documents\dds.scr
[2010/10/31 09:23:37 | 000,294,912 | ---- | M] () -- C:\Users\Owner\Documents\j6poz0es.exe
[2010/10/31 09:16:49 | 000,294,912 | ---- | M] () -- C:\Users\Owner\Documents\qxhi09iu.exe
[2010/10/31 09:15:05 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Documents\TFC.exe
[2010/10/30 23:25:44 | 000,000,854 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/10/30 22:57:46 | 001,317,464 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Owner\Documents\TDSSKiller.exe
[2010/10/30 22:57:21 | 000,080,384 | ---- | M] () -- C:\Users\Owner\Documents\MBRCheck.exe
[2010/10/30 22:56:38 | 001,207,026 | ---- | M] () -- C:\Users\Owner\Documents\tdsskiller.zip
[2010/10/30 21:35:12 | 006,153,352 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Owner\Desktop\mbam-setup-1.46.exe
[2010/10/30 21:27:06 | 000,294,400 | ---- | M] () -- C:\Users\Owner\Desktop\exeHelper.com
[2010/10/30 21:23:55 | 000,364,032 | ---- | M] () -- C:\Users\Owner\Desktop\rkill.com
[2010/10/30 21:16:54 | 000,316,348 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/10/30 21:16:54 | 000,110,554 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/10/30 17:33:16 | 002,154,466 | ---- | M] () -- C:\Windows\System32\drivers\NAV\1201000.025\Cat.DB
[2010/10/30 17:32:02 | 000,126,512 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\SYMEVENT.SYS
[2010/10/30 17:32:02 | 000,007,456 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.CAT
[2010/10/30 17:32:02 | 000,000,805 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.INF
[2010/10/30 17:31:20 | 000,002,161 | ---- | M] () -- C:\Users\Public\Desktop\Norton AntiVirus.lnk
[2010/10/30 17:31:04 | 000,000,883 | ---- | M] () -- C:\Users\Owner\Desktop\Norton Installation Files.lnk
[2010/10/30 17:29:19 | 000,000,029 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\boot.bat
[2010/10/30 13:34:50 | 000,013,025 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\nvModes.dat
[2010/10/23 04:04:43 | 000,352,584 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/10/10 09:19:06 | 000,000,322 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForOwner.job

========== Files Created - No Company Name ==========

[2010/10/31 22:51:00 | 000,205,540 | ---- | C] () -- C:\Users\Owner\Documents\JavaRa.zip
[2010/10/31 20:28:47 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2010/10/31 20:28:47 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2010/10/31 20:28:47 | 000,085,504 | ---- | C] () -- C:\Windows\MBR.exe
[2010/10/31 20:28:47 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2010/10/31 20:28:47 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2010/10/31 20:17:40 | 003,896,823 | R--- | C] () -- C:\Users\Owner\Desktop\ComboFix.exe
[2010/10/31 19:36:07 | 002,565,432 | ---- | C] () -- C:\Users\Owner\Desktop\NTBR_CD.exe
[2010/10/31 09:24:05 | 000,626,176 | ---- | C] () -- C:\Users\Owner\Documents\dds.scr
[2010/10/31 09:23:33 | 000,294,912 | ---- | C] () -- C:\Users\Owner\Documents\j6poz0es.exe
[2010/10/31 09:16:47 | 000,294,912 | ---- | C] () -- C:\Users\Owner\Documents\qxhi09iu.exe
[2010/10/30 23:25:44 | 000,000,854 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/10/30 22:57:21 | 000,080,384 | ---- | C] () -- C:\Users\Owner\Documents\MBRCheck.exe
[2010/10/30 22:56:36 | 001,207,026 | ---- | C] () -- C:\Users\Owner\Documents\tdsskiller.zip
[2010/10/30 21:27:06 | 000,294,400 | ---- | C] () -- C:\Users\Owner\Desktop\exeHelper.com
[2010/10/30 21:23:46 | 000,364,032 | ---- | C] () -- C:\Users\Owner\Desktop\rkill.com
[2010/10/30 17:32:07 | 002,154,466 | ---- | C] () -- C:\Windows\System32\drivers\NAV\1201000.025\Cat.DB
[2010/10/30 17:32:02 | 000,007,456 | ---- | C] () -- C:\Windows\System32\drivers\SYMEVENT.CAT
[2010/10/30 17:32:02 | 000,000,805 | ---- | C] () -- C:\Windows\System32\drivers\SYMEVENT.INF
[2010/10/30 17:31:20 | 000,002,161 | ---- | C] () -- C:\Users\Public\Desktop\Norton AntiVirus.lnk
[2010/10/30 17:30:31 | 000,003,373 | R--- | C] () -- C:\Windows\System32\drivers\NAV\1201000.025\SymEFA.inf
[2010/10/30 17:30:31 | 000,002,792 | R--- | C] () -- C:\Windows\System32\drivers\NAV\1201000.025\SymDS.inf
[2010/10/30 17:30:31 | 000,001,473 | R--- | C] () -- C:\Windows\System32\drivers\NAV\1201000.025\SymNetV.inf
[2010/10/30 17:30:31 | 000,001,445 | R--- | C] () -- C:\Windows\System32\drivers\NAV\1201000.025\SymNet.inf
[2010/10/30 17:30:31 | 000,001,389 | R--- | C] () -- C:\Windows\System32\drivers\NAV\1201000.025\srtspx.inf
[2010/10/30 17:30:31 | 000,001,383 | R--- | C] () -- C:\Windows\System32\drivers\NAV\1201000.025\srtsp.inf
[2010/10/30 17:30:31 | 000,000,741 | R--- | C] () -- C:\Windows\System32\drivers\NAV\1201000.025\Iron.inf
[2010/10/30 17:30:25 | 000,007,787 | R--- | C] () -- C:\Windows\System32\drivers\NAV\1201000.025\symnetv.cat
[2010/10/30 17:30:25 | 000,007,446 | R--- | C] () -- C:\Windows\System32\drivers\NAV\1201000.025\SymNet.cat
[2010/10/30 17:30:25 | 000,007,444 | R--- | C] () -- C:\Windows\System32\drivers\NAV\1201000.025\SymEFA.cat
[2010/10/30 17:30:25 | 000,007,442 | R--- | C] () -- C:\Windows\System32\drivers\NAV\1201000.025\srtspx.cat
[2010/10/30 17:30:25 | 000,007,438 | R--- | C] () -- C:\Windows\System32\drivers\NAV\1201000.025\SymDS.cat
[2010/10/30 17:30:25 | 000,007,438 | R--- | C] () -- C:\Windows\System32\drivers\NAV\1201000.025\srtsp.cat
[2010/10/30 17:30:25 | 000,007,438 | R--- | C] () -- C:\Windows\System32\drivers\NAV\1201000.025\iron.cat
[2010/10/30 17:30:25 | 000,000,172 | ---- | C] () -- C:\Windows\System32\drivers\NAV\1201000.025\isolate.ini
[2010/10/30 17:29:19 | 000,000,029 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\boot.bat
[2010/10/30 15:07:05 | 000,000,883 | ---- | C] () -- C:\Users\Owner\Desktop\Norton Installation Files.lnk
[2010/10/30 14:37:34 | 000,000,162 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\dkfjasdfshd.bat
[2010/02/09 22:32:40 | 000,975,872 | ---- | C] () -- C:\Windows\System32\libxml2_CW.dll
[2010/02/09 22:32:40 | 000,151,552 | ---- | C] () -- C:\Windows\System32\libexpat.dll
[2010/02/09 22:32:37 | 001,073,152 | ---- | C] () -- C:\Windows\System32\wxcode_msw28u_wxcurl_CW.dll
[2010/02/09 22:32:37 | 000,524,288 | ---- | C] () -- C:\Windows\System32\wxmsw28u_xrc_vc_CW.dll
[2010/02/09 22:32:37 | 000,499,712 | ---- | C] () -- C:\Windows\System32\wxmsw28u_html_vc_CW.dll
[2010/02/09 22:32:37 | 000,110,592 | ---- | C] () -- C:\Windows\System32\wxmsw28u_media_vc_CW.dll
[2010/02/09 22:32:37 | 000,081,920 | ---- | C] () -- C:\Windows\System32\wxcode_msw28u_wxjson_CW.dll
[2010/02/09 22:32:36 | 002,916,352 | ---- | C] () -- C:\Windows\System32\wxmsw28u_core_vc_CW.dll
[2010/02/09 22:32:36 | 001,236,992 | ---- | C] () -- C:\Windows\System32\wxbase28u_vc_CW.dll
[2010/02/09 22:32:36 | 000,716,800 | ---- | C] () -- C:\Windows\System32\wxmsw28u_adv_vc_CW.dll
[2010/02/09 22:32:36 | 000,135,168 | ---- | C] () -- C:\Windows\System32\wxbase28u_xml_vc_CW.dll
[2010/02/09 22:32:36 | 000,135,168 | ---- | C] () -- C:\Windows\System32\wxbase28u_net_vc_CW.dll
[2009/12/30 19:30:09 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/09/24 08:56:25 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/03/20 16:42:37 | 000,000,680 | ---- | C] () -- C:\Users\Owner\AppData\Local\d3d9caps.dat
[2008/04/05 17:30:44 | 000,015,360 | ---- | C] () -- C:\Users\Owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/03/30 15:07:53 | 000,147,968 | ---- | C] () -- C:\Windows\System32\DeBayerTransform.dll
[2008/03/30 15:07:53 | 000,043,776 | ---- | C] () -- C:\Windows\System32\drivers\tis_uvc_10015.sys
[2008/03/30 15:07:53 | 000,006,144 | ---- | C] () -- C:\Windows\System32\drvcoinst2.dll
[2008/03/30 15:07:52 | 000,174,592 | ---- | C] () -- C:\Windows\System32\uvc_page_x86.dll
[2007/12/26 16:07:52 | 000,013,025 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\nvModes.001
[2007/12/26 13:45:37 | 000,013,025 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\nvModes.dat
[2007/11/19 15:41:48 | 000,000,000 | ---- | C] () -- C:\Users\Owner\AppData\Local\QSwitch.txt
[2007/11/19 15:41:48 | 000,000,000 | ---- | C] () -- C:\Users\Owner\AppData\Local\DSwitch.txt
[2007/11/19 15:41:48 | 000,000,000 | ---- | C] () -- C:\Users\Owner\AppData\Local\AtStart.txt
[2007/04/30 00:28:25 | 000,000,320 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2007/02/27 14:43:02 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2006/12/14 00:01:36 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll
[2006/12/14 00:01:36 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll
[2006/11/02 06:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 04:25:21 | 000,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2006/11/02 01:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/03/09 18:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll

========== LOP Check ==========

[2008/03/30 15:13:26 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\IC Capture.AS 2.0
[2009/06/26 12:49:28 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\muvee Technologies
[2007/12/31 11:03:31 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\PlayFirst
[2009/12/09 22:34:50 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Tific
[2008/04/13 08:28:23 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\WildTangent
[2010/10/31 22:24:11 | 000,032,576 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010/10/31 22:57:00 | 000,000,422 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{0292EF70-F177-4E15-8028-F4A865A0A14B}.job

========== Purity Check ==========



========== Custom Scans ==========


< :OTL >

< O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - No CLSID value found. >

< O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found. >

< O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get.../ultrashim.cab (Reg Error: Key error.) >
Invalid Switch: ultrashim.cab (Reg Error: Key error.)


< O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) >
Invalid Switch: gp.cab (Reg Error: Key error.)


< O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found >

< >

< >

< :Services >

< >

< :Reg >

< [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] >

< "DisableMonitoring" =- >

< [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] >

< "DisableMonitoring" =- >

< [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] >

< "DisableMonitoring" =- >

< >

< :Files >

< >

< :Commands >

< [purity] >

< [emptytemp] >

< [emptyflash] >

< [Reboot] >

< End of report >

Results of screen317's Security Check version 0.99.5
Windows Vista Service Pack 2 (UAC is enabled)
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:
Windows Firewall Enabled!
Norton AntiVirus
[size=1]WMI entry may not exist for antivirus; attempting automatic update.[/size]
```````````````````````````````
Anti-malware/Other Utilities Check:
Malwarebytes' Anti-Malware
Java(TM) 6 Update 22
Java(TM) SE Runtime Environment 6
Java(TM) 6 Update 7
Out of date Java installed!
Adobe Flash Player
Adobe Reader 8.1.7
Out of date Adobe Reader installed!
````````````````````````````````
Process Check:
objlist.exe by Laurent
Norton ccSvcHst.exe
````````````````````````````````
DNS Vulnerability Check:

``````````End of Log````````````

FYI: also currently running:
Reference https://www.techspot.com/vb/topic155812.html
Windows 5.1.2600 Service Pack 3
Different computer, possible network infection

You posted wrong OTL log.
I suppose, you pressed "Scan" button, instead of "Fix" button.
Please, re-run OTL fix from my reply #15 and post a fix log, not scan log.

You didn't follow another instruction from the same reply, regarding running JavaRa to remove old Java versions.

Please, pay better attention.

Update Adobe Reader

You can download it from https://www.techspot.com/downloads/2083-adobe-reader-dc.html
After installing the latest Adobe Reader, uninstall all previous versions.
Note. If you already have Adobe Photoshop® Album Starter Edition installed or do not wish to have it installed UNcheck the box which says Also Download Adobe Photoshop® Album Starter Edition.

Alternatively, you can uninstall Adobe Reader (33.5 MB), download and install Foxit PDF Reader(3.5MB) from HERE.
It's a much smaller file to download and uses a lot less resources than Adobe Reader.
Note: When installing FoxitReader, make sure to UN-check any pre-checked toolbar, or other garbage.
On this page:



make sure, you have both boxes UN-checked AND (important!) click on Decline button.

When done with EVERYTHING....

Your computer is clean

1. We need to reset system restore to prevent your computer from being accidentally reinfected by using some old restore point(s). We'll create fresh, clean restore point, using following OTL script:

Run OTL

• Under the Custom Scans/Fixes box at the bottom, paste in the following:

• Then click the Run Fix button at the top
• Let the program run unhindered, reboot the PC when it is done
• Post resulting log.

2. Now, we'll remove all tools, we used during our cleaning process

Clean up with OTL:

• Double-click OTL.exe to start the program.
• Close all other programs apart from OTL as this step will require a reboot
• On the OTL main screen, press the CLEANUP button
• Say Yes to the prompt and then allow the program to reboot your computer.

If you still have any tools or logs leftover on your computer you can go ahead and delete those off of your computer now.

3. Make sure, Windows Updates are current.

4. If any Trojan was listed among your infection(s), make sure, you change all of your on-line important passwords (bank account(s), secured web sites, etc.) immediately!

5. Download, and install WOT (Web OF Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.

6. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.

7. Run Temporary File Cleaner (TFC) weekly.

8. Download and install Secunia Personal Software Inspector (PSI): https://www.techspot.com/downloads/4898-secunia-personal-software-inspector-psi.html. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.

9. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.

10. Run defrag at your convenience.

11. Read How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html

12. Please, let me know, how is your computer doing.

Here's the correct OTL log. Sorry about that. Not sure what happened with the JavaRa deal. I know I ran it yesterday. Perhaps it didn't finish or had an error and I didn't realize it.

All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1E8A6170-7264-4D0F-BEAE-D42A53123C75}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1E8A6170-7264-4D0F-BEAE-D42A53123C75}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\ deleted successfully.
Starting removal of ActiveX control {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
C:\Windows\Downloaded Program Files\erma.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
C:\Windows\Downloaded Program Files\gp.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{AEB6717E-7E19-11d0-97EE-00C04FD91972} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972}\ not found.
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\\DisableMonitoring deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus\\DisableMonitoring deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall\\DisableMonitoring deleted successfully.
========== FILES ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56502 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Owner
->Temp folder emptied: 10654768 bytes
->Temporary Internet Files folder emptied: 29113644 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 944 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 90 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 38.00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Owner
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.17.2 log created on 11012010_185028

Files\Folders moved on Reboot...
C:\Users\Owner\AppData\Local\Temp\ehmsas.txt moved successfully.
File\Folder C:\Users\Owner\AppData\Local\Temp\~DF6646.tmp not found!
File\Folder C:\Users\Owner\AppData\Local\Temp\~DF6654.tmp not found!
File\Folder C:\Users\Owner\AppData\Local\Temp\~DF6680.tmp not found!
File\Folder C:\Users\Owner\AppData\Local\Temp\~DF668E.tmp not found!
File\Folder C:\Users\Owner\AppData\Local\Temp\~DF66C8.tmp not found!
File\Folder C:\Users\Owner\AppData\Local\Temp\~DF66D6.tmp not found!
C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VXILL4RI\activex[1].htm moved successfully.
C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TN96DQHB\sh26[1].html moved successfully.
C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TN96DQHB\style-nurse[1].htc moved successfully.
C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NN284JPE\topic155853[2].html moved successfully.
C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M3C6SBWV\6747404[1].htm moved successfully.

Registry entries deleted on Reboot...

Regarding Java, just make sure, these two are uninstalled:

Java(TM) SE Runtime Environment 6
Java(TM) 6 Update 7

Click to expand...

Give me a final word, when done with everything...