Snuggles

  1. Thank you very much negster22! I really appreciate your help.
  2. Everything is working well. I think it's all good now.
  3. Good evening! So far everything looks to be in order.
  4. Okay, sounds good. I didn't have a stock password, but it wasn't too complicated. Thank you for your help and see you tomorrow!
  5. I ran the cmd prompt commands and restarted. I didn't, however, connect directly to the modem, I just reset my router and it seems to be in order. Do you think that the malware is gone? What should I do to make sure? How can I keep this from happening again?
  6. I reset my router and it appears that it no longer redirects, but right now I'm going to continue with the cmd prompt to be safe.

     All processes killed
     ========== OTL ==========
     ========== COMMANDS ==========
     C:\Windows\System32\drivers\etc\Hosts moved successfully.
     HOSTS file reset successfully

     [EMPTYTEMP]
     User: All Users
     User: Default
     ->Temp folder emptied: 0 bytes
     ->Temporary Internet Files folder emptied: 0 bytes
     User: Default User
     ->Temp folder emptied: 0 bytes
     ->Temporary Internet Files folder emptied: 0 bytes
     User: k
     ->Temp folder emptied: 31832 bytes
     ->Temporary Internet Files folder emptied: 33170 bytes
     ->Google Chrome cache emptied: 11805338 bytes
     ->Flash cache emptied: 654 bytes
     User: Mcx1
     ->Temp folder emptied: 0 bytes
     ->Temporary Internet Files folder emptied: 0 bytes
     User: Public
     ->Temp folder emptied: 0 bytes
     %systemdrive% .tmp files removed: 0 bytes
     %systemroot% .tmp files removed: 0 bytes
     %systemroot%\System32 .tmp files removed: 0 bytes
     %systemroot%\System32\drivers .tmp files removed: 0 bytes
     Windows Temp folder emptied: 0 bytes
     RecycleBin emptied: 0 bytes
     Total Files Cleaned = 11.00 mb

     [EMPTYFLASH]
     User: All Users
     User: Default
     User: Default User
     User: k
     ->Flash cache emptied: 0 bytes
     User: Mcx1
     User: Public
     Total Flash Files Cleaned = 0.00 mb

     OTL by OldTimer - Version 3.2.20.6 log created on 02022011_231931
     Files\Folders moved on Reboot...
     Registry entries deleted on Reboot...
  7. ComboFix 11-01-31.02 - k 02/02/2011 22:11:48.1.1 - x86 Microsoft
  8. Sorry, I misread and did a normal scan. Here is the Fix:

     All processes killed
     ========== OTL ==========
     Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully.
     Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
     Error: Unable to interpret <:File> in the current context!
     Error: Unable to interpret <C:\Users\k\AppData\Local\{D76FD82B-FA59-4188-A2DF-67042DC86ADC}> in the current context!
     Error: Unable to interpret <C:\Users\k\AppData\Local\{510AE91C-6DCD-4999-804F-AECDE2D6293E}> in the current context!
     Error: Unable to interpret <C:\Users\k\AppData\Local\{2974EE54-CBF8-4F6E-8C9E-945FAE5FE2F7}> in the current context!
     Error: Unable to interpret <C:\Users\k\AppData\Local\{0471B5EB-7174-421A-BB05-C9B8E57CF681}> in the current context!
     Error: Unable to interpret <C:\Users\k\AppData\Local\{E920A6F0-F7E2-4463-A4B0-4494531F6CAC}> in the current context!
     Error: Unable to interpret <C:\Users\k\AppData\Local\{B013FC51-886C-4C59-9ABF-F426869744B8}> in the current context!
     Error: Unable to interpret <C:\Users\k\AppData\Local\{8A307458-C42C-49FB-A4F8-98C7F99690BB}> in the current context!
     Error: Unable to interpret <C:\Users\k\AppData\Local\{F4334F42-857D-4CFA-9298-3C50DCC1C73C}> in the current context!
     Error: Unable to interpret <C:\Users\k\AppData\Local\{708C86DE-44D4-43DC-96EB-6D1651636844}> in the current context!
     Error: Unable to interpret <C:\Users\k\AppData\Local\{03784383-AB5F-4EC4-AF82-B379CA02A81F}> in the current context!
     Error: Unable to interpret <C:\Users\k\AppData\Local\{EC8463CE-7AAC-49FA-95AD-53A7669321BA}> in the current context!
     Error: Unable to interpret <C:\Users\k\AppData\Local\{0535FC7E-42EC-40C3-8000-1E8DD30778EF}> in the current context!
     Error: Unable to interpret <C:\Users\k\AppData\Local\{341056B5-BFBD-4AC9-B7B8-BFDA250A50E5}> in the current context!
     Error: Unable to interpret <C:\Users\k\AppData\Local\{9B1B80AC-FA57-43A5-96CA-6184033112F6}> in the current context!
     Error: Unable to interpret <C:\Users\k\AppData\Local\{CA8B584A-DD0C-417F-9394-951BA995FAE7}> in the current context!
     Error: Unable to interpret <C:\Users\k\AppData\Local\{17919AB4-9A84-4500-A2C9-9D9433FA99AF}> in the current context!
     Error: Unable to interpret <C:\Users\k\AppData\Local\{81BF7F96-C8CC-4242-A042-E2D6164A558F}> in the current context!
     Error: Unable to interpret <C:\Users\k\AppData\Local\{60DF154A-B22B-4E45-B4C1-39553FA69344}> in the current context!
     ========== COMMANDS ==========
     C:\Windows\System32\drivers\etc\Hosts moved successfully.
     HOSTS file reset successfully

     [EMPTYTEMP]
     User: All Users
     User: Default
     ->Temp folder emptied: 0 bytes
     ->Temporary Internet Files folder emptied: 0 bytes
     User: Default User
     ->Temp folder emptied: 0 bytes
     ->Temporary Internet Files folder emptied: 0 bytes
     User: k
     ->Temp folder emptied: 63264 bytes
     ->Temporary Internet Files folder emptied: 562116 bytes
     ->Google Chrome cache emptied: 361150107 bytes
     ->Flash cache emptied: 10929 bytes
     User: Mcx1
     ->Temp folder emptied: 0 bytes
     ->Temporary Internet Files folder emptied: 0 bytes
     User: Public
     %systemdrive% .tmp files removed: 0 bytes
     %systemroot% .tmp files removed: 0 bytes
     %systemroot%\System32 .tmp files removed: 0 bytes
     %systemroot%\System32\drivers .tmp files removed: 0 bytes
     Windows Temp folder emptied: 66016 bytes
     RecycleBin emptied: 0 bytes
     Total Files Cleaned = 345.00 mb

     [EMPTYFLASH]
     User: All Users
     User: Default
     User: Default User
     User: k
     ->Flash cache emptied: 0 bytes
     User: Mcx1
     User: Public
     Total Flash Files Cleaned = 0.00 mb

     OTL by OldTimer - Version 3.2.20.6 log created on 02022011_214844
     Files\Folders moved on Reboot...
     Registry entries deleted on Reboot...
  9. OTL logfile created on: 2/2/2011 9:14:23 PM - Run 2 OTL by OldTimer - Version 3.2.20.6
(NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys [2011/01/07 22:27:00 | 010,078,312 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvd3dum.dll [2011/01/07 22:27:00 | 004,941,928 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll [2011/01/07 22:27:00 | 002,895,976 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll [2011/01/07 22:27:00 | 002,251,368 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll [2011/01/07 22:27:00 | 001,965,672 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvapi.dll [2011/01/07 22:27:00 | 000,941,160 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvdispco322090.dll [2011/01/07 22:27:00 | 000,837,736 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvgenco322040.dll [2011/01/07 22:27:00 | 000,057,960 | ---- | M] (Khronos Group) -- C:\Windows\System32\OpenCL.dll [2011/01/07 22:27:00 | 000,010,920 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvBridge.kmd [2011/01/07 22:27:00 | 000,004,756 | ---- | M] () -- C:\Windows\System32\nvinfo.pb [2011/01/07 21:06:44 | 000,580,200 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\easyUpdatusAPIU.dll [2011/01/07 21:06:34 | 003,597,416 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcpl.dll [2011/01/07 21:06:14 | 002,620,520 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvsvc.dll [2011/01/07 21:06:02 | 000,111,208 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvmctray.dll [2011/01/07 21:06:02 | 000,066,664 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvshext.dll [2011/01/04 12:55:01 | 000,001,390 | ---- | M] () -- C:\Users\k\Desktop\DivX Movies.lnk [2011/01/04 12:54:44 | 000,000,917 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk [2011/01/04 12:53:57 | 000,000,957 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk [2011/01/04 11:10:07 | 000,002,129 | ---- | M] () -- C:\Users\Public\Desktop\Norton 360.lnk ========== 
Files Created - No Company Name ========== [2011/02/02 20:36:58 | 000,011,923 | ---- | C] () -- C:\Users\k\Desktop\Chapter 4.docx [2011/02/02 15:58:54 | 000,020,971 | ---- | C] () -- C:\Users\k\Desktop\Patrick Naugle Chapter 3.docx [2011/02/01 19:36:22 | 004,263,406 | ---- | C] () -- C:\Users\k\Desktop\Combo-Fix.exe [2011/02/01 16:58:39 | 000,002,131 | ---- | C] () -- C:\Users\k\Desktop\ark.zip [2011/02/01 16:58:33 | 000,001,777 | ---- | C] () -- C:\Users\k\Desktop\Attach.zip [2011/02/01 15:53:42 | 000,296,448 | ---- | C] () -- C:\Users\k\Desktop\gdpjer02.exe [2011/02/01 15:53:23 | 000,624,128 | ---- | C] () -- C:\Users\k\Desktop\dds.scr [2011/02/01 15:53:16 | 000,000,000 | ---- | C] () -- C:\Users\k\defogger_reenable [2011/02/01 15:44:10 | 000,050,477 | ---- | C] () -- C:\Users\k\Desktop\Defogger.exe [2011/01/30 22:26:04 | 000,000,515 | ---- | C] () -- C:\Users\k\Desktop\Gw - Shortcut.lnk [2011/01/28 18:19:44 | 000,002,098 | ---- | C] () -- C:\Users\Public\Desktop\TI-83 Plus Flash Debugger.lnk [2011/01/24 23:59:16 | 000,000,162 | -H-- | C] () -- C:\Users\k\Desktop\~$M_2045L_FRAHN_SPRING_2011_THURSDAY_7.DOC [2011/01/24 23:55:05 | 000,048,128 | ---- | C] () -- C:\Users\k\Desktop\CHM_2045L_FRAHN_SPRING_2011_THURSDAY_7.DOC [2011/01/24 22:22:38 | 000,000,408 | ---- | C] () -- C:\Windows\tasks\Spybot - Search & Destroy - Scheduled Task.job [2011/01/23 18:48:08 | 000,000,606 | ---- | C] () -- C:\Users\k\Desktop\lol.launcher - Shortcut.lnk [2011/01/23 06:18:24 | 000,018,770 | ---- | C] () -- C:\Users\k\AppData\Roaming\UserTile.png [2011/01/23 02:49:16 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011/01/23 01:01:12 | 000,001,055 | ---- | C] () -- C:\Users\k\Desktop\Spybot - Search & Destroy.lnk [2011/01/23 00:32:25 | 000,002,025 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk [2011/01/23 00:14:21 | 000,004,756 | ---- | C] () -- C:\Windows\System32\nvinfo.pb [2011/01/22 22:50:23 | 
000,000,290 | ---- | C] () -- C:\Users\k\Desktop\Expansion Drive (E) - Shortcut.lnk [2011/01/22 22:37:13 | 2146,230,272 | -HS- | C] () -- C:\hiberfil.sys [2011/01/04 12:55:01 | 000,001,390 | ---- | C] () -- C:\Users\k\Desktop\DivX Movies.lnk [2011/01/04 12:54:44 | 000,000,917 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk [2011/01/04 12:53:57 | 000,000,957 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk [2011/01/04 11:10:07 | 000,002,129 | ---- | C] () -- C:\Users\Public\Desktop\Norton 360.lnk [2011/01/02 13:05:27 | 000,028,160 | ---- | C] () -- C:\Users\k\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/11/26 11:49:23 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2010/11/25 11:23:07 | 000,001,356 | ---- | C] () -- C:\Users\k\AppData\Local\d3d9caps.dat [2010/11/07 14:58:39 | 000,004,161 | ---- | C] () -- C:\Windows\ODBCINST.INI [2008/01/20 21:23:41 | 000,081,158 | ---- | C] () -- C:\Windows\System32\manage-bde.ini.en [2006/11/02 07:34:20 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini ========== Custom Scans ========== < :OTL > < O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found. 
> < :File > < C:\Users\k\AppData\Local\{D76FD82B-FA59-4188-A2DF-67042DC86ADC} > < C:\Users\k\AppData\Local\{510AE91C-6DCD-4999-804F-AECDE2D6293E} > < C:\Users\k\AppData\Local\{2974EE54-CBF8-4F6E-8C9E-945FAE5FE2F7} > < C:\Users\k\AppData\Local\{0471B5EB-7174-421A-BB05-C9B8E57CF681} > < C:\Users\k\AppData\Local\{E920A6F0-F7E2-4463-A4B0-4494531F6CAC} > < C:\Users\k\AppData\Local\{B013FC51-886C-4C59-9ABF-F426869744B8} > < C:\Users\k\AppData\Local\{8A307458-C42C-49FB-A4F8-98C7F99690BB} > < C:\Users\k\AppData\Local\{F4334F42-857D-4CFA-9298-3C50DCC1C73C} > < C:\Users\k\AppData\Local\{708C86DE-44D4-43DC-96EB-6D1651636844} > < C:\Users\k\AppData\Local\{03784383-AB5F-4EC4-AF82-B379CA02A81F} > < C:\Users\k\AppData\Local\{EC8463CE-7AAC-49FA-95AD-53A7669321BA} > < C:\Users\k\AppData\Local\{0535FC7E-42EC-40C3-8000-1E8DD30778EF} > < C:\Users\k\AppData\Local\{341056B5-BFBD-4AC9-B7B8-BFDA250A50E5} > < C:\Users\k\AppData\Local\{9B1B80AC-FA57-43A5-96CA-6184033112F6} > < C:\Users\k\AppData\Local\{CA8B584A-DD0C-417F-9394-951BA995FAE7} > < C:\Users\k\AppData\Local\{17919AB4-9A84-4500-A2C9-9D9433FA99AF} > < C:\Users\k\AppData\Local\{81BF7F96-C8CC-4242-A042-E2D6164A558F} > < C:\Users\k\AppData\Local\{60DF154A-B22B-4E45-B4C1-39553FA69344} > < :Commands > < [purity] > < [resethosts] > < [emptytemp] > < [emptyflash] > < [reboot] > < End of report > I haven't run ComboFix yet, and I haven't tried to reset my router or connect directly to the modem yet. Should I try these things?
  10. Thank you for your help! TDSS
usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys 2011/02/02 08:01:08.0358 0156 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys 2011/02/02 08:01:08.0511 0156 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys 2011/02/02 08:01:08.0621 0156 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys 2011/02/02 08:01:08.0694 0156 usbprint (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\drivers\usbprint.sys 2011/02/02 08:01:08.0832 0156 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS 2011/02/02 08:01:08.0884 0156 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys 2011/02/02 08:01:08.0976 0156 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys 2011/02/02 08:01:09.0036 0156 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys 2011/02/02 08:01:09.0113 0156 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys 2011/02/02 08:01:09.0175 0156 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys 2011/02/02 08:01:09.0398 0156 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys 2011/02/02 08:01:09.0508 0156 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys 2011/02/02 08:01:09.0581 0156 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys 2011/02/02 08:01:09.0665 0156 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys 2011/02/02 08:01:09.0791 0156 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys 2011/02/02 08:01:09.0907 0156 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys 2011/02/02 08:01:09.0973 0156 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys 2011/02/02 
08:01:10.0014 0156 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys 2011/02/02 08:01:10.0139 0156 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys 2011/02/02 08:01:10.0236 0156 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys 2011/02/02 08:01:10.0543 0156 winachsf (ab7646d4cb9bb83d29d21ef7e00a0d15) C:\Windows\system32\DRIVERS\HSF_CNXT.sys 2011/02/02 08:01:10.0841 0156 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\drivers\wmiacpi.sys 2011/02/02 08:01:11.0023 0156 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys 2011/02/02 08:01:11.0158 0156 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys 2011/02/02 08:01:11.0767 0156 ================================================================================ 2011/02/02 08:01:11.0767 0156 Scan finished 2011/02/02 08:01:11.0767 0156 ================================================================================ OTL OTL logfile created on: 2/2/2011 8:04:43 AM - Run 1 OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\k\Desktop Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18999) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 71.00% Memory free 4.00 Gb Paging File | 4.00 Gb Available in Paging File | 83.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 298.08 Gb Total Space | 153.58 Gb Free Space | 51.52% Space Free | Partition Type: NTFS Drive D: | 624.86 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS Drive E: | 232.88 Gb Total Space | 116.45 Gb Free Space | 50.00% Space Free | Partition Type: NTFS Computer Name: PC-3 | 
User Name: k | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011/02/02 08:02:09 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\k\Desktop\OTL.exe PRC - [2011/01/07 21:06:12 | 000,803,432 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe PRC - [2010/02/25 19:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\4.3.0.5\ccsvchst.exe PRC - [2009/04/10 23:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe PRC - [2008/01/20 21:21:41 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe ========== Modules (SafeList) ========== MOD - [2011/02/02 08:02:09 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\k\Desktop\OTL.exe MOD - [2011/01/23 00:29:20 | 000,653,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c 2\msvcr90.dll MOD - [2011/01/23 00:29:20 | 000,569,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c 2\msvcp90.dll MOD - [2010/09/20 14:26:01 | 000,415,088 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\4.3.0.5\asoehook.dll MOD - [2010/08/31 10:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll ========== Win32 Services (SafeList) ========== SRV - [2010/03/18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- 
C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400) SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010/02/25 19:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) [unknown | Running] -- C:\Program Files\Norton 360\Engine\4.3.0.5\ccSvcHst.exe -- (N360) SRV - [2009/09/24 20:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\FntCache.dll -- (FontCache) SRV - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService) SRV - [2008/01/20 21:21:41 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) ========== Driver Services (SafeList) ========== DRV - [2011/01/22 21:13:45 | 001,360,760 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\VirusDefs\20110201.003\NAVEX15.SYS -- (NAVEX15) DRV - [2011/01/22 21:13:45 | 000,086,008 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\VirusDefs\20110201.003\NAVENG.SYS -- (NAVENG) DRV - [2011/01/07 22:27:00 | 010,467,656 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2011/01/02 12:18:57 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent) DRV - [2011/01/01 01:00:00 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl) DRV - [2011/01/01 
01:00:00 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv) DRV - [2010/12/01 01:03:34 | 000,353,912 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\IPSDefs\20110131.001\IDSvix86.sys -- (IDSVix86) DRV - [2010/11/23 03:34:08 | 000,691,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\BASHDefs\20110114.001\BHDrvx86.sys -- (BHDrvx86) DRV - [2010/05/05 23:01:59 | 000,339,504 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\N360\0403000.005\SYMTDIV.SYS -- (SYMTDIv) DRV - [2010/04/29 00:03:51 | 000,116,784 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\N360\0403000.005\Ironx86.SYS -- (SymIRON) DRV - [2010/04/21 22:02:20 | 000,173,104 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\system32\drivers\N360\0403000.005\SYMEFA.SYS -- (SymEFA) DRV - [2010/04/21 21:29:50 | 000,325,680 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\Drivers\N360\0403000.005\SRTSP.SYS -- (SRTSP) DRV - [2010/04/21 21:29:50 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\N360\0403000.005\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL) DRV - [2010/02/25 19:22:57 | 000,501,888 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\N360\0403000.005\ccHPx86.sys -- (ccHP) DRV - [2010/02/03 20:40:47 | 000,328,752 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\N360\0403000.005\SYMDS.SYS -- (SymDS) DRV - [2008/01/20 21:21:57 | 000,007,680 | 
---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\umpass.sys -- (UMPass) DRV - [2008/01/20 21:21:35 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR) DRV - [2008/01/20 21:21:35 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320) DRV - [2008/01/20 21:21:35 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas) DRV - [2008/01/20 21:21:34 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m) DRV - [2008/01/20 21:21:34 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4) DRV - [2008/01/20 21:21:34 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs) DRV - [2008/01/20 21:21:33 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300) DRV - [2008/01/20 21:21:33 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci) DRV - [2008/01/20 21:21:33 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel® DRV - [2008/01/20 21:21:33 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS) DRV - [2008/01/20 21:21:32 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid) DRV - [2008/01/20 21:21:32 | 000,079,928 | ---- | M] (Adaptec, Inc.) 
[Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas) DRV - [2008/01/20 21:21:32 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc) DRV - [2008/01/20 21:21:31 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV) DRV - [2008/01/20 21:21:31 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2) DRV - [2008/01/20 21:21:31 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI) DRV - [2008/01/20 21:21:31 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC) DRV - [2008/01/20 21:21:30 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor) DRV - [2008/01/20 21:21:29 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx) DRV - [2008/01/20 21:21:29 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid) DRV - [2008/01/20 21:21:29 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor) DRV - [2008/01/20 21:21:28 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci) DRV - [2008/01/20 21:21:09 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide) DRV - [2008/01/20 21:21:09 | 000,019,000 | ---- | M] (CMD Technology, Inc.) 
[Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide) DRV - [2008/01/20 21:21:09 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide) DRV - [2006/11/02 04:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx) DRV - [2006/11/02 04:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata) DRV - [2006/11/02 04:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960) DRV - [2006/11/02 04:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp) DRV - [2006/11/02 04:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx) DRV - [2006/11/02 04:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid) DRV - [2006/11/02 04:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) 
[Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi) DRV - [2006/11/02 04:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx) DRV - [2006/11/02 04:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3) DRV - [2006/11/02 04:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x) DRV - [2006/11/02 04:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi) DRV - [2006/11/02 03:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM) DRV - [2006/11/02 03:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer) DRV - [2006/11/02 03:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp) DRV - [2006/11/02 03:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo) DRV - [2006/11/02 03:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm) DRV - [2006/11/02 03:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) 
[Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm) DRV - [2006/11/02 02:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi) DRV - [2005/05/23 10:31:46 | 001,034,752 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSF_DPV.sys -- (HSF_DPV) DRV - [2005/05/23 10:30:50 | 000,229,376 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSFHWBS2.sys -- (HSFHWBS2) DRV - [2005/05/23 10:30:42 | 000,716,288 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSF_CNXT.sys -- (winachsf) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?st=1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\IPSFFPlgn\ [2011/01/02 17:08:24 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\coFFPlgn\ [2011/01/02 12:20:57 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011/01/04 12:54:56 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011/01/04 12:54:56 | 000,000,000 | ---D | M] O1 HOSTS File: ([2004/08/04 07:00:00 | 000,000,734 | ---- | M]) - 
C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found. O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\4.3.0.5\coieplg.dll (Symantec Corporation) O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\4.3.0.5\ipsbho.dll (Symantec Corporation) O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\4.3.0.5\coieplg.dll (Symantec Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\4.3.0.5\coieplg.dll (Symantec Corporation) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O13 - gopher Prefix: missing O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDownlo...sreqlab_nvd.cab (System Requirements Lab Class) O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} http://content.systemrequirementslab.com.s...ri_4.4.13.0.cab (SysInfo Class) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.109.67.27 213.109.72.22 1.1.1.1 O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program 
Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O22 - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\System32\DreamScene.dll (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\k\Desktop\Backgrounds\1270970427796.jpg O24 - Desktop BackupWallPaper: C:\Users\k\Desktop\Backgrounds\1270970427796.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2011/01/28 18:19:45 | 000,000,073 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2005/03/30 01:39:08 | 000,000,048 | R--- | M] () - D:\AUTORUN.INF -- [ CDFS ] O32 - AutoRun File - [2008/12/15 04:52:18 | 000,000,080 | ---- | M] () - E:\Autorun.inf -- [ NTFS ] O33 - MountPoints2\{1658d404-1698-11e0-bc6f-0007e942b8b6}\Shell\AutoRun\command - "" = E:\wdsync.exe O33 - MountPoints2\{65633d81-f8ad-11df-938d-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{65633d81-f8ad-11df-938d-806e6f6e6963}\Shell\AutoRun\command - "" = D:\DATA\STUBSTUB.EXE -- [2005/04/01 07:16:07 | 000,010,240 | R--- | M] (ArenaNet) O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011/02/02 08:02:14 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Users\k\Desktop\OTL.exe [2011/02/02 07:53:59 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Users\k\Desktop\TFC.exe [2011/02/02 07:50:10 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{D76FD82B-FA59-4188-A2DF-67042DC86ADC} [2011/02/01 14:44:56 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{510AE91C-6DCD-4999-804F-AECDE2D6293E} [2011/02/01 14:21:09 | 001,360,472 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\k\Desktop\TDSSKiller.exe [2011/02/01 02:44:43 | 000,000,000 | ---D | C] -- 
C:\Users\k\AppData\Local\{2974EE54-CBF8-4F6E-8C9E-945FAE5FE2F7} [2011/01/31 14:44:30 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{0471B5EB-7174-421A-BB05-C9B8E57CF681} [2011/01/31 02:44:17 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{E920A6F0-F7E2-4463-A4B0-4494531F6CAC} [2011/01/30 14:44:05 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{B013FC51-886C-4C59-9ABF-F426869744B8} [2011/01/30 07:40:10 | 000,000,000 | ---D | C] -- C:\Users\k\Documents\Guild Wars [2011/01/30 07:38:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild Wars [2011/01/30 02:43:53 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{8A307458-C42C-49FB-A4F8-98C7F99690BB} [2011/01/29 04:51:54 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{F4334F42-857D-4CFA-9298-3C50DCC1C73C} [2011/01/28 18:19:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ti 83 [2011/01/28 18:19:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\TI Shared [2011/01/28 18:19:41 | 000,000,000 | ---D | C] -- C:\Program Files\TI Education [2011/01/28 16:51:32 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{708C86DE-44D4-43DC-96EB-6D1651636844} [2011/01/27 16:09:32 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{03784383-AB5F-4EC4-AF82-B379CA02A81F} [2011/01/26 20:56:45 | 000,000,000 | ---D | C] -- C:\Windows\System32\directx [2011/01/26 20:56:10 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Essentials Codec Pack [2011/01/26 20:56:10 | 000,000,000 | ---D | C] -- C:\Program Files\Essentials Codec Pack [2011/01/26 13:28:35 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{EC8463CE-7AAC-49FA-95AD-53A7669321BA} [2011/01/26 01:28:25 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{0535FC7E-42EC-40C3-8000-1E8DD30778EF} [2011/01/26 01:28:03 | 000,000,000 | ---D | C] -- C:\Users\k\AppData\Local\{341056B5-BFBD-4AC9-B7B8-BFDA250A50E5} [2011/01/25 
  11. I have been having problems with web searches redirecting me to other sites. First it started on my laptop (wireless) and now it's on my desktop (wired). Malwarebytes is below the DDS. These are all reports on my desktop - I don't use my laptop anymore. Thank you for your help! Here is the DDS: DDS (Ver_10-12-12.02) - NTFSx86 Run by k at 15:58:25.05 on Tue 02/01/2011 Internet Explorer: 8.0.6001.18999 Microsoft ark.zip Attach.zip