AV security 2012


Hello tabracing! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

  • I recommend that you keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copied and pasted into your next reply.

  • Download OTL to your desktop.
  • Double click on the icon to run it. Make sure all other windows are closed to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Under the Standard Registry box change it to All.
  • Check the boxes beside LOP Check and Purity Check.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them with your next reply.

Once OTL has completed its first scan it will save notepad copies of the scans in the folder that OTL was started from. Unless set to produce an Extras log it will only produce OTL.txt in subsequent scans.

A copy of an OTL fix log is saved in a text file at

  • :\_OTL\MovedFiles
    • in most cases this will be C:\_OTL\MovedFiles

You have two installed and active antivirus programs on your system:

AV: Spyware Doctor with AntiVirus *Disabled/Updated* {D3C23B96-C9DC-477F-8EF1-69AF17A6EFF6}

AV: AVG Internet Security 2011 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}

Two antivirus programs take up an enormous amount of your computer's resources when they are actively scanning your computer. Having two antivirus programs running at the same time can cause your computer to run very slowly, become unstable and even, in rare cases, crash. Please remove one of them. I suggest you uninstall Spyware Doctor with AntiVirus.

Temporarily disable AVG:

http://www.bleepingcomputer.com/forums/topic114351.html/page__p__649843#entry649843

Try again with OTL.

My post was too long. Here is OTL.txt

OTL logfile created on: 11/19/2011 11:24:45 AM - Run 1

OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Office Depot\Desktop

Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

510.80 Mb Total Physical Memory | 274.57 Mb Available Physical Memory | 53.75% Memory free

1.22 Gb Paging File | 0.93 Gb Available in Paging File | 76.02% Paging File free

Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 13.97 Gb Total Space | 1.66 Gb Free Space | 11.87% Space Free | Partition Type: NTFS

Drive D: | 55.55 Gb Total Space | 55.51 Gb Free Space | 99.94% Space Free | Partition Type: NTFS

Computer Name: NOICEPUTER | User Name: Office Depot | Logged in as Administrator.

Boot Mode: SafeMode with Networking | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Office Depot\Desktop\OTL.exe (OldTimer Tools)

PRC - C:\WINDOWS\system32\ping.exe (Microsoft Corporation)

PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)

========== Modules (No Company Name) ==========

MOD - C:\WINDOWS\system32\ntusbw32.dll ()

MOD - \\?\globalroot\systemroot\system32\mswsock.dll ()

MOD - \\.\globalroot\systemroot\system32\mswsock.dll ()

MOD - C:\WINDOWS\system32\ati2evxx.dll ()

========== Win32 Services (SafeList) ==========

SRV - (intelusb3) -- File not found

SRV - (AppMgmt) -- File not found

SRV - (PCToolsSSDMonitorSvc) -- C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe (PC Tools)

SRV - (SDHookService) -- C:\Program Files\Spybot - Search & Destroy 2\SDHookSvc.exe (Safer-Networking Ltd.)

SRV - (SDUpdateService) -- C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd.)

SRV - (SDScannerService) -- C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.)

SRV - (Browser Defender Update Service) -- C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe (Threat Expert Ltd.)

SRV - (ThreatFire) -- C:\Program Files\PC Tools Security\TFEngine\TFService.exe (PC Tools)

SRV - (sdCoreService) -- C:\Program Files\PC Tools Security\pctsSvc.exe (PC Tools)

SRV - (sdAuxService) -- C:\Program Files\PC Tools Security\pctsAuxs.exe (PC Tools)

SRV - (LBTServ) -- C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe (Logitech, Inc.)

SRV - (Viewpoint Manager Service) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation)

SRV - (VAIO Entertainment Aggregation and Control Service) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe (Sony Corporation)

SRV - (VAIO Entertainment File Import Service) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe (Sony Corporation)

SRV - (VAIO Entertainment TV Device Arbitration Service) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe (Sony Corporation)

SRV - (VAIO Entertainment UPnP Client Adapter) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VCSW\VCSW.exe (Sony Corporation)

SRV - (VAIOMediaPlatform-IntegratedServer-AppServer) -- C:\Program Files\Sony\vaio media integrated server\VMISrv.exe (Sony Corporation)

SRV - (VAIOMediaPlatform-Mobile-Gateway) -- C:\Program Files\Sony\vaio media integrated server\Platform\VmGateway.exe (Sony Corporation)

SRV - (VAIOMediaPlatform-VideoServer-UPnP) VAIO Media Video Server (UPnP) -- C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe (Sony Corporation)

SRV - (VAIOMediaPlatform-IntegratedServer-UPnP) VAIO Media Integrated Server (UPnP) -- C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe (Sony Corporation)

SRV - (VAIOMediaPlatform-VideoServer-HTTP) VAIO Media Video Server (HTTP) -- C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe (Sony Corporation)

SRV - (VAIOMediaPlatform-IntegratedServer-HTTP) VAIO Media Integrated Server (HTTP) -- C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe (Sony Corporation)

SRV - (PACSPTISVR) -- C:\Program Files\Common Files\Sony Shared\AVLib\Pacsptisvr.exe ()

SRV - (SPTISRV) -- C:\Program Files\Common Files\Sony Shared\AVLib\Sptisrv.exe (Sony Corporation)

SRV - (VAIOMediaPlatform-VideoServer-AppServer) -- C:\Program Files\Sony\vaio media integrated server\Video\GPVSvr.exe (Sony Corporation)

========== Driver Services (SafeList) ==========

DRV - (MBAMSwissArmy) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)

DRV - (pctgntdi) -- C:\WINDOWS\system32\drivers\pctgntdi.sys (PC Tools)

DRV - (TFSysMon) -- C:\WINDOWS\system32\drivers\TfSysMon.sys (PC Tools)

DRV - (TfNetMon) -- C:\WINDOWS\system32\drivers\TfNetMon.sys (PC Tools)

DRV - (TfFsMon) -- C:\WINDOWS\system32\drivers\TfFsMon.sys (PC Tools)

DRV - (pctplsg) -- C:\WINDOWS\system32\drivers\pctplsg.sys (PC Tools)

DRV - (PCTCore) -- C:\WINDOWS\system32\drivers\PCTCore.sys (PC Tools)

DRV - (pctEFA) -- C:\WINDOWS\system32\drivers\pctEFA.sys (PC Tools)

DRV - (pctDS) -- C:\WINDOWS\system32\drivers\pctDS.sys (PC Tools)

DRV - (LMouFilt) -- C:\WINDOWS\system32\drivers\LMouFilt.Sys (Logitech, Inc.)

DRV - (LHidFilt) -- C:\WINDOWS\system32\drivers\LHidFilt.Sys (Logitech, Inc.)

DRV - (SymEvent) -- C:\Program Files\Symantec\SYMEVENT.SYS (Symantec Corporation)

DRV - (Ser2pl) -- C:\WINDOWS\system32\drivers\ser2pl.sys (Prolific Technology Inc.)

DRV - (w29n51) Intel® -- C:\WINDOWS\system32\drivers\w29n51.sys (Intel® Corporation)

DRV - (SONYTVC) -- C:\WINDOWS\system32\drivers\SONYTVC.sys (Sony Corporation)

DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)

DRV - (w22n51) Intel® -- C:\WINDOWS\system32\drivers\w22n51.sys (Intel® Corporation)

DRV - (tifmsony) -- C:\WINDOWS\system32\drivers\tifmsony.sys (Texas Instruments)

DRV - (ALCXWDM) Service for Realtek AC97 Audio (WDM) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS (Realtek Semiconductor Corp.)

DRV - (ALCXSENS) -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS (Sensaura)

DRV - (HSFHWICH) -- C:\WINDOWS\system32\drivers\HSFHWICH.sys (Conexant Systems, Inc.)

DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)

DRV - (HSF_DP) -- C:\WINDOWS\system32\drivers\HSF_DP.sys (Conexant Systems, Inc.)

DRV - (ApfiltrService) -- C:\WINDOWS\system32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)

DRV - (MTsensor) -- C:\WINDOWS\system32\drivers\ATKACPI.sys ()

DRV - (gv3) -- C:\WINDOWS\system32\drivers\gv3.sys (Microsoft Corporation)

DRV - (SPI) -- C:\WINDOWS\system32\drivers\SonyPI.sys (Sony Corporation)

DRV - (USBIO) USBIO Driver (usbio.sys) -- C:\WINDOWS\system32\drivers\usbio.sys (Thesycon GmbH, Germany)

DRV - (DMICall) -- C:\WINDOWS\system32\drivers\DMICall.sys (Sony Corporation)

DRV - (SNC) -- C:\WINDOWS\system32\drivers\SonyNC.sys (Sony Corporation)

========== Standard Registry (All) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://ie.search.msn.com/{sub_rfc1766}/srchasst/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://pennstate.scout.com/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{sub_rfc1766}/srchasst/srchcust.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{sub_rfc1766}/srchasst/srchasst.htm

IE - HKCU\..\URLSearchHook: {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - SOFTWARE\Classes\CLSID\{0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2}\InprocServer32 File not found

IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)

IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found

IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)

FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)

FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Media Player\npViewpoint.dll ()

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/08/18 18:07:42 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2011/04/28 18:50:34 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{cb84136f-9c44-433a-9048-c5cd9df1dc16}: C:\Program Files\PC Tools Security\BDT\Firefox\ [2011/11/15 22:00:10 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Netscape 7.02\Extensions\\Components: C:\Program Files\Netscape\Netscape\Components [2011/08/23 19:10:30 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Netscape 7.02\Extensions\\Plugins: C:\Program Files\Netscape\Netscape\Plugins [2011/08/23 19:10:30 | 000,000,000 | ---D | M]

FF - HKEY_CURRENT_USER\software\mozilla\Netscape 7.02\Extensions\\Components: C:\Program Files\Netscape\Netscape\Components [2011/08/23 19:10:30 | 000,000,000 | ---D | M]

FF - HKEY_CURRENT_USER\software\mozilla\Netscape 7.02\Extensions\\Plugins: C:\Program Files\Netscape\Netscape\Plugins [2011/08/23 19:10:30 | 000,000,000 | ---D | M]

[2011/04/28 19:01:46 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Office Depot\Application Data\Mozilla\Extensions

[2011/04/28 19:01:46 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Office Depot\Application Data\Mozilla\Extensions\mozswing@mozswing.org

Hosts file not found

O2 - BHO: (no name) - {0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - No CLSID value found.

O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)

O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)

O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)

O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)

O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.

O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)

O3 - HKCU\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)

O3 - HKCU\..\Toolbar\WebBrowser: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)

O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)

O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)

O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

O4 - HKLM..\Run: [ATIModeChange] C:\WINDOWS\System32\Ati2mdxx.exe (ATI Technologies, Inc.)

O4 - HKLM..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe (ATI Technologies, Inc.)

O4 - HKLM..\Run: [bluetoothAuthenticationAgent] "rundll32.exe" irprops.cpl,,BluetoothAuthenticationAgent File not found

O4 - HKLM..\Run: [ezShieldProtector for Px] C:\WINDOWS\system32\ezSP_Px.exe (Easy Systems Japan Ltd.)

O4 - HKLM..\Run: [Hcontrol] C:\WINDOWS\ATK0100\Hcontrol.exe ()

O4 - HKLM..\Run: [HKSERV.EXE] C:\Program Files\Sony\HotKey Utility\HKserv.exe (Sony Corporation)

O4 - HKLM..\Run: [iSBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)

O4 - HKLM..\Run: [iSTray] C:\Program Files\PC Tools Security\pctsGui.exe (PC Tools)

O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)

O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.)

O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found

O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)

O4 - HKLM..\Run: [Microsoft Default Manager] C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe (Microsoft Corp.)

O4 - HKLM..\Run: [PCTools FGuard] C:\Program Files\PC Tools Security\BDT\FGuard.exe (Threat Expert Ltd.)

O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Inc.)

O4 - HKLM..\Run: [sDTray] C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)

O4 - HKLM..\Run: [sonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe (Sony Corporation)

O4 - HKLM..\Run: [spybot-S&D Cleaning] C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe (Safer-Networking Ltd.)

O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)

O4 - HKLM..\Run: [VAIO Recovery] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe (Sony Electronics Inc)

O4 - HKLM..\Run: [VAIO Update 2] C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe (Sony Corporation)

O4 - HKCU..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)

O4 - HKCU..\Run: [MSMSGS] C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)

O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInstrumentation = 1

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 File not found

O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)

O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)

O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)

O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)

O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)

O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Bonjour\mdnsNSP.dll File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Bonjour\mdnsNSP.dll File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Bonjour\mdnsNSP.dll File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Bonjour\mdnsNSP.dll File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Bonjour\mdnsNSP.dll File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Bonjour\mdnsNSP.dll File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\Bonjour\mdnsNSP.dll File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\Bonjour\mdnsNSP.dll File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\Bonjour\mdnsNSP.dll File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\Bonjour\mdnsNSP.dll File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files\Bonjour\mdnsNSP.dll File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files\Bonjour\mdnsNSP.dll File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files\Bonjour\mdnsNSP.dll File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\Bonjour\mdnsNSP.dll File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Program Files\Bonjour\mdnsNSP.dll File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files\Bonjour\mdnsNSP.dll File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files\Bonjour\mdnsNSP.dll File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)

O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} https://activatemydsl.verizon.net/sdcCommon/download/DSL/Verizon%20High%20Speed%20Internet%20Installer.cab (Reg Error: Key error.)

O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)

O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.)

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1217611028997 (MUWebControl Class)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)

O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)

O16 - DPF: {B516CA4E-A5BA-405C-AFCF-A97F08CC7429} http://aolsvc.aol.com/onlinegames/free-trial-burger-shop/GoBitGamesPlayer_v4.cab (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)

O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} http://www.shockwave.com/content/feedingfrenzy/sis/SproutLauncher.cab (Reg Error: Key error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7249C4A6-186E-4697-8680-5589C1C0F09B}: DhcpNameServer = 192.168.1.1

O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)

O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ipp - No CLSID value found

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)

O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)

O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp - No CLSID value found

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)

O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)

O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\SYSTEM32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UIHost - (logonui.exe) -C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) -C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") -C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)

O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll ()

O20 - Winlogon\Notify\crypt32chain: DllName - (crypt32.dll) - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)

O20 - Winlogon\Notify\cryptnet: DllName - (cryptnet.dll) - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)

O20 - Winlogon\Notify\cscdll: DllName - (cscdll.dll) - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)

O20 - Winlogon\Notify\dimsntfy: DllName - (%SystemRoot%\System32\dimsntfy.dll) - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)

O20 - Winlogon\Notify\intelsusb: DllName - (ntusbw32.dll) - C:\WINDOWS\System32\ntusbw32.dll ()

O20 - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logitech\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logitech\Bluetooth\LBTWLgn.dll (Logitech, Inc.)

O20 - Winlogon\Notify\ntusbw32: DllName - (ntusbw32.dll) - C:\WINDOWS\System32\ntusbw32.dll ()

O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O20 - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O20 - Winlogon\Notify\sclgntfy: DllName - (sclgntfy.dll) - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)

O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found

O20 - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O20 - Winlogon\Notify\termsrv: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O20 - Winlogon\Notify\WgaLogon: DllName - (WgaLogon.dll) - C:\WINDOWS\System32\WgaLogon.dll (Microsoft Corporation)

O20 - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)

O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)

O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)

O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)

O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)

O24 - Desktop Components:0 (My Current Home Page) - About:Home

O24 - Desktop BackupWallPaper: C:\Documents and Settings\Office Depot\Local Settings\Application Data\Microsoft\Wallpaper1.bmp

O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)

O29 - HKLM SecurityProviders - (msapsspc.dll) -C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)

O29 - HKLM SecurityProviders - (schannel.dll) -C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)

O29 - HKLM SecurityProviders - (digest.dll) -C:\WINDOWS\System32\digest.dll (Microsoft Corporation)

O29 - HKLM SecurityProviders - (msnsspc.dll) -C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)

O30 - LSA: Authentication Packages - (msv1_0) -C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (kerberos) -C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (msv1_0) -C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (schannel) -C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (wdigest) -C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)

O31 - SafeBoot: AlternateShell - cmd.exe

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2004/04/27 20:15:51 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O33 - MountPoints2\{5512f770-4e67-11e0-9d8b-080046d9ea95}\Shell\AutoRun\command - "" = F:\RunClubSanDisk.exe

O33 - MountPoints2\{cc91c836-c032-11d9-9ccc-000e35279ddb}\Shell\AutoRun\command - "" = G:\setup\setup.exe

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/11/19 11:23:30 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Office Depot\Desktop\OTL.exe

[2011/11/17 22:48:19 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Office Depot\My Documents\My Videos

[2011/11/17 22:48:05 | 000,607,260 | R--- | C] (Swearware) -- C:\Documents and Settings\Office Depot\Desktop\dds.scr

[2011/11/17 20:44:18 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

[2011/11/17 18:18:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy

[2011/11/17 18:17:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Spybot - Search & Destroy 2

[2011/11/17 18:17:14 | 000,015,224 | ---- | C] (Safer Networking Limited) -- C:\WINDOWS\System32\sdnclean.exe

[2011/11/17 18:17:07 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy 2

[2011/11/16 17:57:18 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Office Depot\Recent

[2011/11/15 23:19:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Office Depot\Application Data\Registry Mechanic

[2011/11/15 23:11:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\PC Tools Registry Mechanic

[2011/11/15 23:11:13 | 001,101,824 | ---- | C] (Woodbury Associates Limited) -- C:\WINDOWS\System32\UniBox210.ocx

[2011/11/15 23:11:13 | 000,880,640 | ---- | C] (Woodbury Associates Limited) -- C:\WINDOWS\System32\UniBox10.ocx

[2011/11/15 23:11:13 | 000,212,992 | ---- | C] (Woodbury Associates Limited) -- C:\WINDOWS\System32\UniBoxVB12.ocx

[2011/11/15 23:10:53 | 000,000,000 | ---D | C] -- C:\Program Files\PC Tools

[2011/11/15 23:02:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Office Depot\Application Data\Product_RM

[2011/11/15 21:53:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\PC Tools Security

[2011/11/15 21:33:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Office Depot\Application Data\yEEED7ilEViWCuA

[2011/11/15 21:33:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware

[2011/11/15 21:33:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Office Depot\Application Data\GAAX5yhm4tnLrI2

[2011/11/15 19:30:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Office Depot\Application Data\Malwarebytes

[2011/11/15 18:43:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes

[2011/11/15 18:42:08 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2011/11/15 18:42:04 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2011/11/14 21:02:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Office Depot\Application Data\EIKK2edUJw

[2011/11/14 21:02:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Office Depot\Application Data\KttggOL3rbKevJs

[2011/11/14 19:50:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Office Depot\Local Settings\Application Data\Threat Expert

[2011/11/14 19:44:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Office Depot\Application Data\w8lF8lD7kS6j5Pg

[2011/11/14 19:44:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Office Depot\Application Data\epRBoEViWCAh4Of

[2011/11/14 19:38:51 | 000,069,392 | --S- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\TfSysMon.sys

[2011/11/14 19:38:50 | 000,051,984 | --S- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\TfFsMon.sys

[2011/11/14 19:38:50 | 000,033,552 | --S- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\TfNetMon.sys

[2011/11/14 19:33:27 | 000,149,456 | ---- | C] (PC Tools) -- C:\WINDOWS\SGDetectionTool.dll

[2011/11/14 19:33:23 | 002,000,848 | ---- | C] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDCore.dll

[2011/11/14 19:33:15 | 001,533,904 | ---- | C] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDRes.dll

[2011/11/14 19:13:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple Computer

[2011/11/14 18:46:59 | 000,656,320 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctEFA.sys

[2011/11/14 18:46:59 | 000,338,880 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctDS.sys

[2011/11/14 18:46:58 | 000,251,560 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctgntdi.sys

[2011/11/14 18:46:51 | 000,239,168 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTCore.sys

[2011/11/14 18:46:51 | 000,160,448 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTAppEvent.sys

[2011/11/14 18:46:40 | 000,070,536 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctplsg.sys

[2011/11/14 18:46:30 | 000,000,000 | ---D | C] -- C:\Program Files\PC Tools Security

[2011/11/14 18:46:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools

[2011/11/14 18:46:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Office Depot\Application Data\PC Tools

[2011/11/14 18:36:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Tools

[2011/11/14 18:16:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Office Depot\Application Data\N2edvJ1sY0aTqT9

[2011/11/14 18:16:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Office Depot\Application Data\NqxqxG9F8lDiSuA

[2011/11/13 22:50:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Sun

[2011/11/13 21:52:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia

[2011/11/13 21:34:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe

[2011/11/13 21:06:58 | 000,000,000 | ---D | C] -- C:\Program Files\B7C2A

[2011/11/13 21:06:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Office Depot\Application Data\B4EB7

[2011/11/13 21:06:19 | 000,000,000 | ---D | C] -- C:\Program Files\LP

[2011/11/13 21:06:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Office Depot\Start Menu\Programs\AV Security 2012

[2011/11/13 21:06:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Office Depot\Application Data\kDV7iWS6jA5jXhZ

[2011/11/13 21:06:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Office Depot\Application Data\tOL3rbI2dU1sH

[2011/11/13 21:05:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Office Depot\Application Data\g9pzRB8lViWCjXh

[2011/11/13 21:05:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Office Depot\Application Data\n7ikWC6jA

[2011/10/24 17:41:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes

[2011/10/24 17:39:41 | 000,000,000 | ---D | C] -- C:\Program Files\iPod

[2011/10/24 17:39:00 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes

[2011/10/24 17:30:45 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour

[8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/11/19 11:23:48 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Office Depot\Desktop\OTL.exe

[2011/11/19 11:20:30 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat

[2011/11/19 10:59:57 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2011/11/19 10:59:31 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2011/11/17 22:48:14 | 000,607,260 | R--- | M] (Swearware) -- C:\Documents and Settings\Office Depot\Desktop\dds.scr

[2011/11/17 22:21:03 | 000,000,324 | ---- | M] () -- C:\WINDOWS\tasks\Check for updates (Spybot - Search & Destroy).job

[2011/11/17 21:38:54 | 000,000,134 | ---- | M] () -- C:\Documents and Settings\Office Depot\Desktop\hosts-perm.bat

[2011/11/17 21:31:08 | 052,183,040 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP

[2011/11/17 20:44:18 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

[2011/11/17 19:24:43 | 000,000,332 | ---- | M] () -- C:\WINDOWS\tasks\Scan the system (Spybot - Search & Destroy).job

[2011/11/17 19:24:43 | 000,000,324 | ---- | M] () -- C:\WINDOWS\tasks\Refresh immunization (Spybot - Search & Destroy).job

[2011/11/17 19:05:19 | 000,000,738 | ---- | M] () -- C:\WINDOWS\wininit.ini

[2011/11/17 18:17:29 | 000,001,854 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Spybot-S&D Start Center.lnk

[2011/11/16 11:14:58 | 000,037,888 | ---- | M] () -- C:\WINDOWS\System32\ntusbw32.dll

[2011/11/15 23:11:15 | 000,000,978 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\PC Tools Registry Mechanic.lnk

[2011/11/15 21:59:05 | 000,728,996 | ---- | M] () -- C:\WINDOWS\System32\drivers\Cat.DB

[2011/11/15 21:53:47 | 000,001,664 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Spyware Doctor.lnk

[2011/11/15 18:43:14 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk

[2011/11/14 18:45:54 | 000,512,992 | ---- | M] () -- C:\Documents and Settings\Office Depot\Desktop\sdasetup_revwire207[1].exe

[2011/11/07 22:02:09 | 000,778,628 | ---- | M] () -- C:\Documents and Settings\Office Depot\My Documents\jersey2.JPG

[2011/11/07 22:01:00 | 000,898,239 | ---- | M] () -- C:\Documents and Settings\Office Depot\My Documents\jersey1.JPG

[2011/11/07 21:58:51 | 000,860,219 | ---- | M] () -- C:\Documents and Settings\Office Depot\My Documents\jersey.JPG

[2011/11/06 18:17:13 | 000,466,644 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2011/11/06 18:17:13 | 000,078,680 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2011/10/25 13:44:44 | 000,037,336 | ---- | M] () -- C:\WINDOWS\System32\CleanMFT32.exe

[2011/10/24 17:44:37 | 000,001,101 | ---- | M] () -- C:\WINDOWS\System32\mapisvc.inf

[2011/10/24 17:41:17 | 000,001,542 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk

[8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/11/17 21:38:47 | 000,000,134 | ---- | C] () -- C:\Documents and Settings\Office Depot\Desktop\hosts-perm.bat

[2011/11/17 19:01:47 | 000,000,738 | ---- | C] () -- C:\WINDOWS\wininit.ini

[2011/11/17 18:17:51 | 000,000,332 | ---- | C] () -- C:\WINDOWS\tasks\Scan the system (Spybot - Search & Destroy).job

[2011/11/17 18:17:51 | 000,000,324 | ---- | C] () -- C:\WINDOWS\tasks\Refresh immunization (Spybot - Search & Destroy).job

[2011/11/17 18:17:51 | 000,000,324 | ---- | C] () -- C:\WINDOWS\tasks\Check for updates (Spybot - Search & Destroy).job

[2011/11/17 18:17:29 | 000,001,860 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Spybot-S&D Start Center.lnk

[2011/11/17 18:17:29 | 000,001,854 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Spybot-S&D Start Center.lnk

[2011/11/16 11:14:58 | 000,037,888 | ---- | C] () -- C:\WINDOWS\System32\ntusbw32.dll

[2011/11/15 23:11:15 | 000,000,978 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\PC Tools Registry Mechanic.lnk

[2011/11/15 23:11:12 | 000,037,336 | ---- | C] () -- C:\WINDOWS\System32\CleanMFT32.exe

[2011/11/15 21:57:47 | 000,728,996 | ---- | C] () -- C:\WINDOWS\System32\drivers\Cat.DB

[2011/11/15 21:53:46 | 000,001,664 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Spyware Doctor.lnk

[2011/11/15 18:43:14 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk

[2011/11/14 19:33:28 | 000,767,952 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll

[2011/11/14 19:33:28 | 000,000,882 | ---- | C] () -- C:\WINDOWS\RegSDImport.xml

[2011/11/14 19:33:28 | 000,000,879 | ---- | C] () -- C:\WINDOWS\RegISSImport.xml

[2011/11/14 19:33:27 | 000,000,131 | ---- | C] () -- C:\WINDOWS\IDB.zip

[2011/11/14 19:33:26 | 000,002,125 | ---- | C] () -- C:\WINDOWS\UDB.zip

[2011/11/14 18:36:55 | 000,512,992 | ---- | C] () -- C:\Documents and Settings\Office Depot\Desktop\sdasetup_revwire207[1].exe

[2011/11/13 22:50:13 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat

[2011/11/07 22:01:51 | 000,778,628 | ---- | C] () -- C:\Documents and Settings\Office Depot\My Documents\jersey2.JPG

[2011/11/07 22:00:54 | 000,898,239 | ---- | C] () -- C:\Documents and Settings\Office Depot\My Documents\jersey1.JPG

[2011/11/07 21:58:38 | 000,860,219 | ---- | C] () -- C:\Documents and Settings\Office Depot\My Documents\jersey.JPG

[2011/10/24 17:41:17 | 000,001,542 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk

[2011/04/28 18:53:16 | 000,028,985 | ---- | C] () -- C:\WINDOWS\System32\bushnellyardageprosync_uninst.exe

[2010/03/17 08:01:16 | 000,000,760 | ---- | C] () -- C:\Documents and Settings\Office Depot\Application Data\setup_ldm.iss

[2009/07/01 14:51:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\VAIOUpdt.INI

[2009/03/13 08:02:15 | 000,000,023 | ---- | C] () -- C:\WINDOWS\popcinfot.dat

[2009/03/13 08:02:15 | 000,000,000 | ---- | C] () -- C:\WINDOWS\popcreg.dat

[2008/05/16 09:11:50 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI

[2007/09/18 15:59:23 | 000,000,000 | ---- | C] () -- C:\WINDOWS\arhelper.INI

[2007/04/13 20:20:49 | 000,000,000 | ---- | C] () -- C:\WINDOWS\TEXTART.INI

[2006/11/13 10:36:10 | 000,007,168 | ---- | C] () -- C:\Documents and Settings\Office Depot\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2006/11/01 16:55:46 | 000,684,032 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll

[2006/11/01 16:55:45 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll

[2006/01/24 16:17:14 | 000,684,032 | ---- | C] () -- C:\WINDOWS\libeay32.dll

[2006/01/24 16:17:14 | 000,155,648 | ---- | C] () -- C:\WINDOWS\ssleay32.dll

[2005/09/23 11:29:03 | 000,708,725 | ---- | C] () -- C:\WINDOWS\System32\IPExVB.dll

[2005/03/19 17:49:36 | 000,000,483 | ---- | C] () -- C:\WINDOWS\eReg.dat

[2005/02/10 22:54:00 | 000,037,027 | ---- | C] () -- C:\WINDOWS\atmoUn.exe

[2005/02/06 13:49:37 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat

[2005/01/19 09:54:36 | 000,117,760 | ---- | C] () -- C:\WINDOWS\System32\NCSPI8EN.DLL

[2005/01/19 09:54:05 | 000,022,480 | ---- | C] () -- C:\WINDOWS\System32\PFMAPI16.DLL

[2005/01/19 09:54:05 | 000,020,992 | ---- | C] () -- C:\WINDOWS\System32\PFMAPI32.DLL

[2005/01/16 14:30:15 | 000,001,427 | ---- | C] () -- C:\WINDOWS\ipconfig.dat

[2005/01/16 14:25:28 | 000,001,368 | ---- | C] () -- C:\WINDOWS\checkip.dat

[2005/01/12 15:21:35 | 000,038,479 | ---- | C] () -- C:\Documents and Settings\Office Depot\Application Data\Comma Separated Values (DOS).ADR

[2005/01/10 22:43:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\CPC10Q.INI

[2005/01/10 22:41:52 | 000,000,333 | ---- | C] () -- C:\WINDOWS\System32\CNCMFP13.INI

[2005/01/03 10:08:55 | 000,023,308 | ---- | C] () -- C:\Documents and Settings\Office Depot\Application Data\Tab Separated Values (DOS).ADR

[2005/01/02 16:34:42 | 000,000,135 | ---- | C] () -- C:\Documents and Settings\Office Depot\Local Settings\Application Data\fusioncache.dat

[2004/11/20 17:31:52 | 000,000,080 | ---- | C] () -- C:\WINDOWS\encore_launcher.ini

[2004/05/28 17:16:04 | 000,606,208 | ---- | C] () -- C:\WINDOWS\System32\lpykrp.exe

[2004/05/28 17:06:23 | 000,000,069 | ---- | C] () -- C:\WINDOWS\System32\Sony XBRITE.ini

[2004/05/28 17:05:55 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI

[2004/05/28 16:58:17 | 000,000,002 | ---- | C] () -- C:\WINDOWS\System32\Px.ini

[2004/05/28 16:51:15 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll

[2004/05/28 16:51:15 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll

[2004/05/28 16:51:15 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll

[2004/05/28 16:51:15 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll

[2004/05/28 16:51:15 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll

[2004/05/28 16:51:15 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll

[2004/04/28 16:49:38 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini

[2004/04/28 16:28:09 | 000,000,903 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI

[2004/04/28 16:25:51 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\Cpuinf32.dll

[2004/04/28 16:21:54 | 000,524,288 | ---- | C] () -- C:\WINDOWS\System32\TDI-SonyOMG.dll

[2004/04/28 16:19:22 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\pxhpinst.exe

[2004/04/28 16:18:45 | 000,090,832 | ---- | C] () -- C:\WINDOWS\NSUninst.exe

[2004/04/28 16:18:39 | 000,009,192 | ---- | C] () -- C:\WINDOWS\mozver.dat

[2004/04/28 14:40:24 | 001,137,512 | ---- | C] () -- C:\WINDOWS\q323183_wxp_sp2_x86_enu.exe

[2004/04/28 14:33:07 | 000,111,552 | ---- | C] () -- C:\WINDOWS\setup.exe

[2004/04/28 14:25:22 | 000,526,184 | ---- | C] () -- C:\WINDOWS\q329692.exe

[2004/04/28 14:21:58 | 000,236,392 | ---- | C] () -- C:\WINDOWS\q329112.exe

[2004/04/28 14:18:11 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll

[2004/04/28 14:10:28 | 000,000,032 | ---- | C] () -- C:\WINDOWS\System32\elcric.dat

[2004/04/28 13:43:36 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll

[2004/04/27 20:20:58 | 000,000,800 | ---- | C] () -- C:\WINDOWS\orun32.ini

[2004/04/27 20:17:42 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat

[2004/04/27 20:13:31 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

[2004/04/27 20:02:59 | 000,372,428 | ---- | C] () -- C:\WINDOWS\System32\drivers\SNYTVC6.DAT

[2004/04/27 20:02:59 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll

[2004/04/27 20:02:46 | 000,005,786 | ---- | C] () -- C:\WINDOWS\System32\drivers\ATKACPI.sys

[2004/04/27 20:02:37 | 000,397,312 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx.exe

[2004/04/27 20:02:37 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx.dll

[2004/04/27 20:02:19 | 000,000,730 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini

[2004/04/27 20:02:02 | 000,466,644 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat

[2004/04/27 20:02:02 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat

[2004/04/27 20:02:02 | 000,078,680 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat

[2004/04/27 20:02:02 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat

[2004/04/27 20:02:01 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin

[2004/04/27 20:02:01 | 000,004,530 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat

[2004/04/27 20:02:01 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

[2004/04/27 20:01:57 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat

[2004/04/27 20:01:57 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin

[2004/04/27 20:01:52 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat

[2004/04/27 20:01:46 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin

[2004/04/27 13:07:20 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI

[2004/04/27 13:06:30 | 000,333,872 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2002/11/14 14:58:04 | 000,200,192 | ---- | C] () -- C:\WINDOWS\System32\ir50_qc.dll

[2002/11/14 14:58:04 | 000,183,808 | ---- | C] () -- C:\WINDOWS\System32\ir50_qcx.dll

[2002/11/14 14:58:02 | 000,755,200 | ---- | C] () -- C:\WINDOWS\System32\ir50_32.dll

[2002/11/14 14:58:02 | 000,338,432 | ---- | C] () -- C:\WINDOWS\System32\ir41_qcx.dll

[2002/11/14 14:58:02 | 000,120,320 | ---- | C] () -- C:\WINDOWS\System32\ir41_qc.dll

[2002/06/12 14:21:12 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\winchip.dll

[2002/04/02 19:08:34 | 000,311,108 | ---- | C] () -- C:\WINDOWS\ml-cleanup.exe

========== LOP Check ==========

[2011/07/14 17:24:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10

[2006/04/27 11:53:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software

[2011/05/22 14:11:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\COMMON FILES

[2009/03/08 17:55:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GameHouse

[2009/03/10 17:30:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GoBit Games

[2011/07/14 17:23:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData

[2011/11/17 22:21:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP

[2008/04/07 08:01:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint

[2009/04/06 12:26:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WildTangent

[2009/03/14 07:30:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}

[2011/03/16 21:06:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}

[2011/05/22 14:13:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Office Depot\Application Data\AVG10

[2011/11/17 20:28:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Office Depot\Application Data\B4EB7

[2008/06/19 15:58:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Office Depot\Application Data\Canon

[2011/11/14 21:02:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Office Depot\Application Data\EIKK2edUJw

[2011/11/14 19:44:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Office Depot\Application Data\epRBoEViWCAh4Of

[2011/11/13 21:05:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Office Depot\Application Data\g9pzRB8lViWCjXh

[2011/11/15 21:33:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Office Depot\Application Data\GAAX5yhm4tnLrI2

[2005/09/26 13:55:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Office Depot\Application Data\InterVideo

[2011/11/13 21:06:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Office Depot\Application Data\kDV7iWS6jA5jXhZ

[2011/11/14 21:02:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Office Depot\Application Data\KttggOL3rbKevJs

[2007/07/16 13:26:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Office Depot\Application Data\Leadertech

[2011/11/14 18:16:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Office Depot\Application Data\N2edvJ1sY0aTqT9

[2011/11/13 21:05:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Office Depot\Application Data\n7ikWC6jA

[2011/11/14 18:16:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Office Depot\Application Data\NqxqxG9F8lDiSuA

[2011/11/15 23:02:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Office Depot\Application Data\Product_RM

[2011/11/16 19:10:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Office Depot\Application Data\Registry Mechanic

[2004/12/31 17:24:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Office Depot\Application Data\Template

[2011/11/13 21:06:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Office Depot\Application Data\tOL3rbI2dU1sH

[2008/04/07 08:01:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Office Depot\Application Data\Viewpoint

[2011/11/14 19:45:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Office Depot\Application Data\w8lF8lD7kS6j5Pg

[2011/11/15 21:33:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Office Depot\Application Data\yEEED7ilEViWCuA

[2011/11/17 22:21:03 | 000,000,324 | ---- | M] () -- C:\WINDOWS\Tasks\Check for updates (Spybot - Search & Destroy).job

[2011/11/17 19:24:43 | 000,000,324 | ---- | M] () -- C:\WINDOWS\Tasks\Refresh immunization (Spybot - Search & Destroy).job

[2011/11/17 19:24:43 | 000,000,332 | ---- | M] () -- C:\WINDOWS\Tasks\Scan the system (Spybot - Search & Destroy).job

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 186 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2

@Alternate Data Stream - 144 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1

@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:430C6D84

@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:07BF512B

@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:AC4C6FB4

< End of report >


and extras.

OTL logfile created on: 11/19/2011 11:24:45 AM - Run 1

OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Office Depot\Desktop

Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

510.80 Mb Total Physical Memory | 274.57 Mb Available Physical Memory | 53.75% Memory free

1.22 Gb Paging File | 0.93 Gb Available in Paging File | 76.02% Paging File free

Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 13.97 Gb Total Space | 1.66 Gb Free Space | 11.87% Space Free | Partition Type: NTFS

Drive D: | 55.55 Gb Total Space | 55.51 Gb Free Space | 99.94% Space Free | Partition Type: NTFS

Computer Name: NOICEPUTER | User Name: Office Depot | Logged in as Administrator.

Boot Mode: SafeMode with Networking | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Office Depot\Desktop\OTL.exe (OldTimer Tools)

PRC - C:\WINDOWS\system32\ping.exe (Microsoft Corporation)

PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)

========== Modules (No Company Name) ==========

MOD - C:\WINDOWS\system32\ntusbw32.dll ()

MOD - \\?\globalroot\systemroot\system32\mswsock.dll ()

MOD - \\.\globalroot\systemroot\system32\mswsock.dll ()

MOD - C:\WINDOWS\system32\ati2evxx.dll ()

========== Win32 Services (SafeList) ==========

SRV - (intelusb3) -- File not found

SRV - (AppMgmt) -- File not found

SRV - (PCToolsSSDMonitorSvc) -- C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe (PC Tools)

SRV - (SDHookService) -- C:\Program Files\Spybot - Search & Destroy 2\SDHookSvc.exe (Safer-Networking Ltd.)

SRV - (SDUpdateService) -- C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd.)

SRV - (SDScannerService) -- C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.)

SRV - (Browser Defender Update Service) -- C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe (Threat Expert Ltd.)

SRV - (ThreatFire) -- C:\Program Files\PC Tools Security\TFEngine\TFService.exe (PC Tools)

SRV - (sdCoreService) -- C:\Program Files\PC Tools Security\pctsSvc.exe (PC Tools)

SRV - (sdAuxService) -- C:\Program Files\PC Tools Security\pctsAuxs.exe (PC Tools)

SRV - (LBTServ) -- C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe (Logitech, Inc.)

SRV - (Viewpoint Manager Service) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation)

SRV - (VAIO Entertainment Aggregation and Control Service) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe (Sony Corporation)

SRV - (VAIO Entertainment File Import Service) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe (Sony Corporation)

SRV - (VAIO Entertainment TV Device Arbitration Service) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe (Sony Corporation)

SRV - (VAIO Entertainment UPnP Client Adapter) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VCSW\VCSW.exe (Sony Corporation)

SRV - (VAIOMediaPlatform-IntegratedServer-AppServer) -- C:\Program Files\Sony\vaio media integrated server\VMISrv.exe (Sony Corporation)

SRV - (VAIOMediaPlatform-Mobile-Gateway) -- C:\Program Files\Sony\vaio media integrated server\Platform\VmGateway.exe (Sony Corporation)

SRV - (VAIOMediaPlatform-VideoServer-UPnP) VAIO Media Video Server (UPnP) -- C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe (Sony Corporation)

SRV - (VAIOMediaPlatform-IntegratedServer-UPnP) VAIO Media Integrated Server (UPnP) -- C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe (Sony Corporation)

SRV - (VAIOMediaPlatform-VideoServer-HTTP) VAIO Media Video Server (HTTP) -- C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe (Sony Corporation)

SRV - (VAIOMediaPlatform-IntegratedServer-HTTP) VAIO Media Integrated Server (HTTP) -- C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe (Sony Corporation)

SRV - (PACSPTISVR) -- C:\Program Files\Common Files\Sony Shared\AVLib\Pacsptisvr.exe ()

SRV - (SPTISRV) -- C:\Program Files\Common Files\Sony Shared\AVLib\Sptisrv.exe (Sony Corporation)

SRV - (VAIOMediaPlatform-VideoServer-AppServer) -- C:\Program Files\Sony\vaio media integrated server\Video\GPVSvr.exe (Sony Corporation)

========== Driver Services (SafeList) ==========

DRV - (MBAMSwissArmy) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)

DRV - (pctgntdi) -- C:\WINDOWS\system32\drivers\pctgntdi.sys (PC Tools)

DRV - (TFSysMon) -- C:\WINDOWS\system32\drivers\TfSysMon.sys (PC Tools)

DRV - (TfNetMon) -- C:\WINDOWS\system32\drivers\TfNetMon.sys (PC Tools)

DRV - (TfFsMon) -- C:\WINDOWS\system32\drivers\TfFsMon.sys (PC Tools)

DRV - (pctplsg) -- C:\WINDOWS\system32\drivers\pctplsg.sys (PC Tools)

DRV - (PCTCore) -- C:\WINDOWS\system32\drivers\PCTCore.sys (PC Tools)

DRV - (pctEFA) -- C:\WINDOWS\system32\drivers\pctEFA.sys (PC Tools)

DRV - (pctDS) -- C:\WINDOWS\system32\drivers\pctDS.sys (PC Tools)

DRV - (LMouFilt) -- C:\WINDOWS\system32\drivers\LMouFilt.Sys (Logitech, Inc.)

DRV - (LHidFilt) -- C:\WINDOWS\system32\drivers\LHidFilt.Sys (Logitech, Inc.)

DRV - (SymEvent) -- C:\Program Files\Symantec\SYMEVENT.SYS (Symantec Corporation)

DRV - (Ser2pl) -- C:\WINDOWS\system32\drivers\ser2pl.sys (Prolific Technology Inc.)

DRV - (w29n51) Intel® -- C:\WINDOWS\system32\drivers\w29n51.sys (Intel® Corporation)

DRV - (SONYTVC) -- C:\WINDOWS\system32\drivers\SONYTVC.sys (Sony Corporation)

DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)

DRV - (w22n51) Intel® -- C:\WINDOWS\system32\drivers\w22n51.sys (Intel® Corporation)

DRV - (tifmsony) -- C:\WINDOWS\system32\drivers\tifmsony.sys (Texas Instruments)

DRV - (ALCXWDM) Service for Realtek AC97 Audio (WDM) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS (Realtek Semiconductor Corp.)

DRV - (ALCXSENS) -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS (Sensaura)

DRV - (HSFHWICH) -- C:\WINDOWS\system32\drivers\HSFHWICH.sys (Conexant Systems, Inc.)

DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)

DRV - (HSF_DP) -- C:\WINDOWS\system32\drivers\HSF_DP.sys (Conexant Systems, Inc.)

DRV - (ApfiltrService) -- C:\WINDOWS\system32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)

DRV - (MTsensor) -- C:\WINDOWS\system32\drivers\ATKACPI.sys ()

DRV - (gv3) -- C:\WINDOWS\system32\drivers\gv3.sys (Microsoft Corporation)

DRV - (SPI) -- C:\WINDOWS\system32\drivers\SonyPI.sys (Sony Corporation)

DRV - (USBIO) USBIO Driver (usbio.sys) -- C:\WINDOWS\system32\drivers\usbio.sys (Thesycon GmbH, Germany)

DRV - (DMICall) -- C:\WINDOWS\system32\drivers\DMICall.sys (Sony Corporation)

DRV - (SNC) -- C:\WINDOWS\system32\drivers\SonyNC.sys (Sony Corporation)

========== Standard Registry (All) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://ie.search.msn.com/{sub_rfc1766}/srchasst/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://pennstate.scout.com/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{sub_rfc1766}/srchasst/srchcust.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{sub_rfc1766}/srchasst/srchasst.htm

IE - HKCU\..\URLSearchHook: {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - SOFTWARE\Classes\CLSID\{0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2}\InprocServer32 File not found

IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)

IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found

IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)

FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)

FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Media Player\npViewpoint.dll ()

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/08/18 18:07:42 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2011/04/28 18:50:34 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{cb84136f-9c44-433a-9048-c5cd9df1dc16}: C:\Program Files\PC Tools Security\BDT\Firefox\ [2011/11/15 22:00:10 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Netscape 7.02\Extensions\\Components: C:\Program Files\Netscape\Netscape\Components [2011/08/23 19:10:30 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Netscape 7.02\Extensions\\Plugins: C:\Program Files\Netscape\Netscape\Plugins [2011/08/23 19:10:30 | 000,000,000 | ---D | M]

FF - HKEY_CURRENT_USER\software\mozilla\Netscape 7.02\Extensions\\Components: C:\Program Files\Netscape\Netscape\Components [2011/08/23 19:10:30 | 000,000,000 | ---D | M]

FF - HKEY_CURRENT_USER\software\mozilla\Netscape 7.02\Extensions\\Plugins: C:\Program Files\Netscape\Netscape\Plugins [2011/08/23 19:10:30 | 000,000,000 | ---D | M]

[2011/04/28 19:01:46 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Office Depot\Application Data\Mozilla\Extensions

[2011/04/28 19:01:46 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Office Depot\Application Data\Mozilla\Extensions\mozswing@mozswing.org

Hosts file not found

O2 - BHO: (no name) - {0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - No CLSID value found.

O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)

O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)

O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)

O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)

O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.

O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)

O3 - HKCU\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)

O3 - HKCU\..\Toolbar\WebBrowser: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)

O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)

O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)

O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

O4 - HKLM..\Run: [ATIModeChange] C:\WINDOWS\System32\Ati2mdxx.exe (ATI Technologies, Inc.)

O4 - HKLM..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe (ATI Technologies, Inc.)

O4 - HKLM..\Run: [bluetoothAuthenticationAgent] "rundll32.exe" irprops.cpl,,BluetoothAuthenticationAgent File not found

O4 - HKLM..\Run: [ezShieldProtector for Px] C:\WINDOWS\system32\ezSP_Px.exe (Easy Systems Japan Ltd.)

O4 - HKLM..\Run: [Hcontrol] C:\WINDOWS\ATK0100\Hcontrol.exe ()

O4 - HKLM..\Run: [HKSERV.EXE] C:\Program Files\Sony\HotKey Utility\HKserv.exe (Sony Corporation)

O4 - HKLM..\Run: [iSBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)

O4 - HKLM..\Run: [iSTray] C:\Program Files\PC Tools Security\pctsGui.exe (PC Tools)

O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)

O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.)

O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found

O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)

O4 - HKLM..\Run: [Microsoft Default Manager] C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe (Microsoft Corp.)

O4 - HKLM..\Run: [PCTools FGuard] C:\Program Files\PC Tools Security\BDT\FGuard.exe (Threat Expert Ltd.)

O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Inc.)

O4 - HKLM..\Run: [sDTray] C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)

O4 - HKLM..\Run: [sonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe (Sony Corporation)

O4 - HKLM..\Run: [spybot-S&D Cleaning] C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe (Safer-Networking Ltd.)

O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)

O4 - HKLM..\Run: [VAIO Recovery] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe (Sony Electronics Inc)

O4 - HKLM..\Run: [VAIO Update 2] C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe (Sony Corporation)

O4 - HKCU..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)

O4 - HKCU..\Run: [MSMSGS] C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)

O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInstrumentation = 1

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 File not found

O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)

O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)

O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)

O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)

O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)

O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Bonjour\mdnsNSP.dll File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Bonjour\mdnsNSP.dll File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Bonjour\mdnsNSP.dll File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Bonjour\mdnsNSP.dll File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Bonjour\mdnsNSP.dll File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Bonjour\mdnsNSP.dll File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\Bonjour\mdnsNSP.dll File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\Bonjour\mdnsNSP.dll File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\Bonjour\mdnsNSP.dll File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\Bonjour\mdnsNSP.dll File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files\Bonjour\mdnsNSP.dll File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files\Bonjour\mdnsNSP.dll File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files\Bonjour\mdnsNSP.dll File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\Bonjour\mdnsNSP.dll File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Program Files\Bonjour\mdnsNSP.dll File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files\Bonjour\mdnsNSP.dll File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files\Bonjour\mdnsNSP.dll File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)

O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} https://activatemydsl.verizon.net/sdcCommon/download/DSL/Verizon%20High%20Speed%20Internet%20Installer.cab (Reg Error: Key error.)

O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)

O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.)

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1217611028997 (MUWebControl Class)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)

O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)

O16 - DPF: {B516CA4E-A5BA-405C-AFCF-A97F08CC7429} http://aolsvc.aol.com/onlinegames/free-trial-burger-shop/GoBitGamesPlayer_v4.cab (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)

O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} http://www.shockwave.com/content/feedingfrenzy/sis/SproutLauncher.cab (Reg Error: Key error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7249C4A6-186E-4697-8680-5589C1C0F09B}: DhcpNameServer = 192.168.1.1

O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)

O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ipp - No CLSID value found

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)

O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)

O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp - No CLSID value found

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)

O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)

O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\SYSTEM32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UIHost - (logonui.exe) -C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) -C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") -C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)

O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll ()

O20 - Winlogon\Notify\crypt32chain: DllName - (crypt32.dll) - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)

O20 - Winlogon\Notify\cryptnet: DllName - (cryptnet.dll) - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)

O20 - Winlogon\Notify\cscdll: DllName - (cscdll.dll) - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)

O20 - Winlogon\Notify\dimsntfy: DllName - (%SystemRoot%\System32\dimsntfy.dll) - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)

O20 - Winlogon\Notify\intelsusb: DllName - (ntusbw32.dll) - C:\WINDOWS\System32\ntusbw32.dll ()

O20 - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logitech\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logitech\Bluetooth\LBTWLgn.dll (Logitech, Inc.)

O20 - Winlogon\Notify\ntusbw32: DllName - (ntusbw32.dll) - C:\WINDOWS\System32\ntusbw32.dll ()

O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O20 - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O20 - Winlogon\Notify\sclgntfy: DllName - (sclgntfy.dll) - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)

O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found

O20 - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O20 - Winlogon\Notify\termsrv: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O20 - Winlogon\Notify\WgaLogon: DllName - (WgaLogon.dll) - C:\WINDOWS\System32\WgaLogon.dll (Microsoft Corporation)

O20 - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)

O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)

O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)

O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)

O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)

O24 - Desktop Components:0 (My Current Home Page) - About:Home

O24 - Desktop BackupWallPaper: C:\Documents and Settings\Office Depot\Local Settings\Application Data\Microsoft\Wallpaper1.bmp

O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)

O29 - HKLM SecurityProviders - (msapsspc.dll) -C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)

O29 - HKLM SecurityProviders - (schannel.dll) -C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)

O29 - HKLM SecurityProviders - (digest.dll) -C:\WINDOWS\System32\digest.dll (Microsoft Corporation)

O29 - HKLM SecurityProviders - (msnsspc.dll) -C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)

O30 - LSA: Authentication Packages - (msv1_0) -C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (kerberos) -C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (msv1_0) -C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (schannel) -C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (wdigest) -C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)

O31 - SafeBoot: AlternateShell - cmd.exe

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2004/04/27 20:15:51 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O33 - MountPoints2\{5512f770-4e67-11e0-9d8b-080046d9ea95}\Shell\AutoRun\command - "" = F:\RunClubSanDisk.exe

O33 - MountPoints2\{cc91c836-c032-11d9-9ccc-000e35279ddb}\Shell\AutoRun\command - "" = G:\setup\setup.exe

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/11/19 11:23:30 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Office Depot\Desktop\OTL.exe

[2011/11/17 22:48:19 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Office Depot\My Documents\My Videos

[2011/11/17 22:48:05 | 000,607,260 | R--- | C] (Swearware) -- C:\Documents and Settings\Office Depot\Desktop\dds.scr

[2011/11/17 20:44:18 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

[2011/11/17 18:18:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy

[2011/11/17 18:17:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Spybot - Search & Destroy 2

[2011/11/17 18:17:14 | 000,015,224 | ---- | C] (Safer Networking Limited) -- C:\WINDOWS\System32\sdnclean.exe

[2011/11/17 18:17:07 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy 2

[2011/11/16 17:57:18 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Office Depot\Recent

[2011/11/15 23:19:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Office Depot\Application Data\Registry Mechanic

[2011/11/15 23:11:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\PC Tools Registry Mechanic

[2011/11/15 23:11:13 | 001,101,824 | ---- | C] (Woodbury Associates Limited) -- C:\WINDOWS\System32\UniBox210.ocx

[2011/11/15 23:11:13 | 000,880,640 | ---- | C] (Woodbury Associates Limited) -- C:\WINDOWS\System32\UniBox10.ocx

[2011/11/15 23:11:13 | 000,212,992 | ---- | C] (Woodbury Associates Limited) -- C:\WINDOWS\System32\UniBoxVB12.ocx

[2011/11/15 23:10:53 | 000,000,000 | ---D | C] -- C:\Program Files\PC Tools

[2011/11/15 23:02:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Office Depot\Application Data\Product_RM

[2011/11/15 21:53:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\PC Tools Security

[2011/11/15 21:33:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Office Depot\Application Data\yEEED7ilEViWCuA

[2011/11/15 21:33:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware

[2011/11/15 21:33:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Office Depot\Application Data\GAAX5yhm4tnLrI2

[2011/11/15 19:30:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Office Depot\Application Data\Malwarebytes

[2011/11/15 18:43:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes

[2011/11/15 18:42:08 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2011/11/15 18:42:04 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2011/11/14 21:02:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Office Depot\Application Data\EIKK2edUJw

[2011/11/14 21:02:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Office Depot\Application Data\KttggOL3rbKevJs

[2011/11/14 19:50:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Office Depot\Local Settings\Application Data\Threat Expert

[2011/11/14 19:44:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Office Depot\Application Data\w8lF8lD7kS6j5Pg

[2011/11/14 19:44:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Office Depot\Application Data\epRBoEViWCAh4Of

[2011/11/14 19:38:51 | 000,069,392 | --S- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\TfSysMon.sys

[2011/11/14 19:38:50 | 000,051,984 | --S- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\TfFsMon.sys

[2011/11/14 19:38:50 | 000,033,552 | --S- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\TfNetMon.sys

[2011/11/14 19:33:27 | 000,149,456 | ---- | C] (PC Tools) -- C:\WINDOWS\SGDetectionTool.dll

[2011/11/14 19:33:23 | 002,000,848 | ---- | C] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDCore.dll

[2011/11/14 19:33:15 | 001,533,904 | ---- | C] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDRes.dll

[2011/11/14 19:13:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple Computer

[2011/11/14 18:46:59 | 000,656,320 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctEFA.sys

[2011/11/14 18:46:59 | 000,338,880 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctDS.sys

[2011/11/14 18:46:58 | 000,251,560 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctgntdi.sys

[2011/11/14 18:46:51 | 000,239,168 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTCore.sys

[2011/11/14 18:46:51 | 000,160,448 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTAppEvent.sys

[2011/11/14 18:46:40 | 000,070,536 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctplsg.sys

[2011/11/14 18:46:30 | 000,000,000 | ---D | C] -- C:\Program Files\PC Tools Security

[2011/11/14 18:46:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools

[2011/11/14 18:46:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Office Depot\Application Data\PC Tools

[2011/11/14 18:36:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Tools

[2011/11/14 18:16:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Office Depot\Application Data\N2edvJ1sY0aTqT9

[2011/11/14 18:16:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Office Depot\Application Data\NqxqxG9F8lDiSuA

[2011/11/13 22:50:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Sun

[2011/11/13 21:52:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia

[2011/11/13 21:34:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe

[2011/11/13 21:06:58 | 000,000,000 | ---D | C] -- C:\Program Files\B7C2A

[2011/11/13 21:06:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Office Depot\Application Data\B4EB7

[2011/11/13 21:06:19 | 000,000,000 | ---D | C] -- C:\Program Files\LP

[2011/11/13 21:06:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Office Depot\Start Menu\Programs\AV Security 2012

[2011/11/13 21:06:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Office Depot\Application Data\kDV7iWS6jA5jXhZ

[2011/11/13 21:06:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Office Depot\Application Data\tOL3rbI2dU1sH

[2011/11/13 21:05:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Office Depot\Application Data\g9pzRB8lViWCjXh

[2011/11/13 21:05:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Office Depot\Application Data\n7ikWC6jA

[2011/10/24 17:41:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes

[2011/10/24 17:39:41 | 000,000,000 | ---D | C] -- C:\Program Files\iPod

[2011/10/24 17:39:00 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes

[2011/10/24 17:30:45 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour

[8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/11/19 11:23:48 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Office Depot\Desktop\OTL.exe

[2011/11/19 11:20:30 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat

[2011/11/19 10:59:57 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2011/11/19 10:59:31 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2011/11/17 22:48:14 | 000,607,260 | R--- | M] (Swearware) -- C:\Documents and Settings\Office Depot\Desktop\dds.scr

[2011/11/17 22:21:03 | 000,000,324 | ---- | M] () -- C:\WINDOWS\tasks\Check for updates (Spybot - Search & Destroy).job

[2011/11/17 21:38:54 | 000,000,134 | ---- | M] () -- C:\Documents and Settings\Office Depot\Desktop\hosts-perm.bat

[2011/11/17 21:31:08 | 052,183,040 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP

[2011/11/17 20:44:18 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

[2011/11/17 19:24:43 | 000,000,332 | ---- | M] () -- C:\WINDOWS\tasks\Scan the system (Spybot - Search & Destroy).job

[2011/11/17 19:24:43 | 000,000,324 | ---- | M] () -- C:\WINDOWS\tasks\Refresh immunization (Spybot - Search & Destroy).job

[2011/11/17 19:05:19 | 000,000,738 | ---- | M] () -- C:\WINDOWS\wininit.ini

[2011/11/17 18:17:29 | 000,001,854 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Spybot-S&D Start Center.lnk

[2011/11/16 11:14:58 | 000,037,888 | ---- | M] () -- C:\WINDOWS\System32\ntusbw32.dll

[2011/11/15 23:11:15 | 000,000,978 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\PC Tools Registry Mechanic.lnk

[2011/11/15 21:59:05 | 000,728,996 | ---- | M] () -- C:\WINDOWS\System32\drivers\Cat.DB

[2011/11/15 21:53:47 | 000,001,664 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Spyware Doctor.lnk

[2011/11/15 18:43:14 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk

[2011/11/14 18:45:54 | 000,512,992 | ---- | M] () -- C:\Documents and Settings\Office Depot\Desktop\sdasetup_revwire207[1].exe

[2011/11/07 22:02:09 | 000,778,628 | ---- | M] () -- C:\Documents and Settings\Office Depot\My Documents\jersey2.JPG

[2011/11/07 22:01:00 | 000,898,239 | ---- | M] () -- C:\Documents and Settings\Office Depot\My Documents\jersey1.JPG

[2011/11/07 21:58:51 | 000,860,219 | ---- | M] () -- C:\Documents and Settings\Office Depot\My Documents\jersey.JPG

[2011/11/06 18:17:13 | 000,466,644 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2011/11/06 18:17:13 | 000,078,680 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2011/10/25 13:44:44 | 000,037,336 | ---- | M] () -- C:\WINDOWS\System32\CleanMFT32.exe

[2011/10/24 17:44:37 | 000,001,101 | ---- | M] () -- C:\WINDOWS\System32\mapisvc.inf

[2011/10/24 17:41:17 | 000,001,542 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk

[8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/11/17 21:38:47 | 000,000,134 | ---- | C] () -- C:\Documents and Settings\Office Depot\Desktop\hosts-perm.bat

[2011/11/17 19:01:47 | 000,000,738 | ---- | C] () -- C:\WINDOWS\wininit.ini

[2011/11/17 18:17:51 | 000,000,332 | ---- | C] () -- C:\WINDOWS\tasks\Scan the system (Spybot - Search & Destroy).job

[2011/11/17 18:17:51 | 000,000,324 | ---- | C] () -- C:\WINDOWS\tasks\Refresh immunization (Spybot - Search & Destroy).job

[2011/11/17 18:17:51 | 000,000,324 | ---- | C] () -- C:\WINDOWS\tasks\Check for updates (Spybot - Search & Destroy).job

[2011/11/17 18:17:29 | 000,001,860 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Spybot-S&D Start Center.lnk

[2011/11/17 18:17:29 | 000,001,854 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Spybot-S&D Start Center.lnk

[2011/11/16 11:14:58 | 000,037,888 | ---- | C] () -- C:\WINDOWS\System32\ntusbw32.dll

[2011/11/15 23:11:15 | 000,000,978 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\PC Tools Registry Mechanic.lnk

[2011/11/15 23:11:12 | 000,037,336 | ---- | C] () -- C:\WINDOWS\System32\CleanMFT32.exe

[2011/11/15 21:57:47 | 000,728,996 | ---- | C] () -- C:\WINDOWS\System32\drivers\Cat.DB

[2011/11/15 21:53:46 | 000,001,664 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Spyware Doctor.lnk

[2011/11/15 18:43:14 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk

[2011/11/14 19:33:28 | 000,767,952 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll

[2011/11/14 19:33:28 | 000,000,882 | ---- | C] () -- C:\WINDOWS\RegSDImport.xml

[2011/11/14 19:33:28 | 000,000,879 | ---- | C] () -- C:\WINDOWS\RegISSImport.xml

[2011/11/14 19:33:27 | 000,000,131 | ---- | C] () -- C:\WINDOWS\IDB.zip

[2011/11/14 19:33:26 | 000,002,125 | ---- | C] () -- C:\WINDOWS\UDB.zip

[2011/11/14 18:36:55 | 000,512,992 | ---- | C] () -- C:\Documents and Settings\Office Depot\Desktop\sdasetup_revwire207[1].exe

[2011/11/13 22:50:13 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat

[2011/11/07 22:01:51 | 000,778,628 | ---- | C] () -- C:\Documents and Settings\Office Depot\My Documents\jersey2.JPG

[2011/11/07 22:00:54 | 000,898,239 | ---- | C] () -- C:\Documents and Settings\Office Depot\My Documents\jersey1.JPG

[2011/11/07 21:58:38 | 000,860,219 | ---- | C] () -- C:\Documents and Settings\Office Depot\My Documents\jersey.JPG

[2011/10/24 17:41:17 | 000,001,542 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk

[2011/04/28 18:53:16 | 000,028,985 | ---- | C] () -- C:\WINDOWS\System32\bushnellyardageprosync_uninst.exe

[2010/03/17 08:01:16 | 000,000,760 | ---- | C] () -- C:\Documents and Settings\Office Depot\Application Data\setup_ldm.iss

[2009/07/01 14:51:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\VAIOUpdt.INI

[2009/03/13 08:02:15 | 000,000,023 | ---- | C] () -- C:\WINDOWS\popcinfot.dat

[2009/03/13 08:02:15 | 000,000,000 | ---- | C] () -- C:\WINDOWS\popcreg.dat

[2008/05/16 09:11:50 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI

[2007/09/18 15:59:23 | 000,000,000 | ---- | C] () -- C:\WINDOWS\arhelper.INI

[2007/04/13 20:20:49 | 000,000,000 | ---- | C] () -- C:\WINDOWS\TEXTART.INI

[2006/11/13 10:36:10 | 000,007,168 | ---- | C] () -- C:\Documents and Settings\Office Depot\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2006/11/01 16:55:46 | 000,684,032 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll

[2006/11/01 16:55:45 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll

[2006/01/24 16:17:14 | 000,684,032 | ---- | C] () -- C:\WINDOWS\libeay32.dll

[2006/01/24 16:17:14 | 000,155,648 | ---- | C] () -- C:\WINDOWS\ssleay32.dll

[2005/09/23 11:29:03 | 000,708,725 | ---- | C] () -- C:\WINDOWS\System32\IPExVB.dll

[2005/03/19 17:49:36 | 000,000,483 | ---- | C] () -- C:\WINDOWS\eReg.dat

[2005/02/10 22:54:00 | 000,037,027 | ---- | C] () -- C:\WINDOWS\atmoUn.exe

[2005/02/06 13:49:37 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat

[2005/01/19 09:54:36 | 000,117,760 | ---- | C] () -- C:\WINDOWS\System32\NCSPI8EN.DLL

[2005/01/19 09:54:05 | 000,022,480 | ---- | C] () -- C:\WINDOWS\System32\PFMAPI16.DLL

[2005/01/19 09:54:05 | 000,020,992 | ---- | C] () -- C:\WINDOWS\System32\PFMAPI32.DLL

[2005/01/16 14:30:15 | 000,001,427 | ---- | C] () -- C:\WINDOWS\ipconfig.dat

[2005/01/16 14:25:28 | 000,001,368 | ---- | C] () -- C:\WINDOWS\checkip.dat

[2005/01/12 15:21:35 | 000,038,479 | ---- | C] () -- C:\Documents and Settings\Office Depot\Application Data\Comma Separated Values (DOS).ADR

[2005/01/10 22:43:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\CPC10Q.INI

[2005/01/10 22:41:52 | 000,000,333 | ---- | C] () -- C:\WINDOWS\System32\CNCMFP13.INI

[2005/01/03 10:08:55 | 000,023,308 | ---- | C] () -- C:\Documents and Settings\Office Depot\Application Data\Tab Separated Values (DOS).ADR

[2005/01/02 16:34:42 | 000,000,135 | ---- | C] () -- C:\Documents and Settings\Office Depot\Local Settings\Application Data\fusioncache.dat

[2004/11/20 17:31:52 | 000,000,080 | ---- | C] () -- C:\WINDOWS\encore_launcher.ini

[2004/05/28 17:16:04 | 000,606,208 | ---- | C] () -- C:\WINDOWS\System32\lpykrp.exe

[2004/05/28 17:06:23 | 000,000,069 | ---- | C] () -- C:\WINDOWS\System32\Sony XBRITE.ini

[2004/05/28 17:05:55 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI

[2004/05/28 16:58:17 | 000,000,002 | ---- | C] () -- C:\WINDOWS\System32\Px.ini

[2004/05/28 16:51:15 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll

[2004/05/28 16:51:15 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll

[2004/05/28 16:51:15 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll

[2004/05/28 16:51:15 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll

[2004/05/28 16:51:15 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll

[2004/05/28 16:51:15 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll

[2004/04/28 16:49:38 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini

[2004/04/28 16:28:09 | 000,000,903 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI

[2004/04/28 16:25:51 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\Cpuinf32.dll

[2004/04/28 16:21:54 | 000,524,288 | ---- | C] () -- C:\WINDOWS\System32\TDI-SonyOMG.dll

[2004/04/28 16:19:22 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\pxhpinst.exe

[2004/04/28 16:18:45 | 000,090,832 | ---- | C] () -- C:\WINDOWS\NSUninst.exe

[2004/04/28 16:18:39 | 000,009,192 | ---- | C] () -- C:\WINDOWS\mozver.dat

[2004/04/28 14:40:24 | 001,137,512 | ---- | C] () -- C:\WINDOWS\q323183_wxp_sp2_x86_enu.exe

[2004/04/28 14:33:07 | 000,111,552 | ---- | C] () -- C:\WINDOWS\setup.exe

[2004/04/28 14:25:22 | 000,526,184 | ---- | C] () -- C:\WINDOWS\q329692.exe

[2004/04/28 14:21:58 | 000,236,392 | ---- | C] () -- C:\WINDOWS\q329112.exe

[2004/04/28 14:18:11 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll

[2004/04/28 14:10:28 | 000,000,032 | ---- | C] () -- C:\WINDOWS\System32\elcric.dat

[2004/04/28 13:43:36 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll

[2004/04/27 20:20:58 | 000,000,800 | ---- | C] () -- C:\WINDOWS\orun32.ini

[2004/04/27 20:17:42 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat

[2004/04/27 20:13:31 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

[2004/04/27 20:02:59 | 000,372,428 | ---- | C] () -- C:\WINDOWS\System32\drivers\SNYTVC6.DAT

[2004/04/27 20:02:59 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll

[2004/04/27 20:02:46 | 000,005,786 | ---- | C] () -- C:\WINDOWS\System32\drivers\ATKACPI.sys

[2004/04/27 20:02:37 | 000,397,312 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx.exe

[2004/04/27 20:02:37 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx.dll

[2004/04/27 20:02:19 | 000,000,730 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini

[2004/04/27 20:02:02 | 000,466,644 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat

[2004/04/27 20:02:02 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat

[2004/04/27 20:02:02 | 000,078,680 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat

[2004/04/27 20:02:02 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat

[2004/04/27 20:02:01 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin

[2004/04/27 20:02:01 | 000,004,530 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat

[2004/04/27 20:02:01 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

[2004/04/27 20:01:57 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat

[2004/04/27 20:01:57 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin

[2004/04/27 20:01:52 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat

[2004/04/27 20:01:46 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin

[2004/04/27 13:07:20 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI

[2004/04/27 13:06:30 | 000,333,872 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2002/11/14 14:58:04 | 000,200,192 | ---- | C] () -- C:\WINDOWS\System32\ir50_qc.dll

[2002/11/14 14:58:04 | 000,183,808 | ---- | C] () -- C:\WINDOWS\System32\ir50_qcx.dll

[2002/11/14 14:58:02 | 000,755,200 | ---- | C] () -- C:\WINDOWS\System32\ir50_32.dll

[2002/11/14 14:58:02 | 000,338,432 | ---- | C] () -- C:\WINDOWS\System32\ir41_qcx.dll

[2002/11/14 14:58:02 | 000,120,320 | ---- | C] () -- C:\WINDOWS\System32\ir41_qc.dll

[2002/06/12 14:21:12 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\winchip.dll

[2002/04/02 19:08:34 | 000,311,108 | ---- | C] () -- C:\WINDOWS\ml-cleanup.exe

========== LOP Check ==========

[2011/07/14 17:24:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10

[2006/04/27 11:53:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software

[2011/05/22 14:11:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\COMMON FILES

[2009/03/08 17:55:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GameHouse

[2009/03/10 17:30:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GoBit Games

[2011/07/14 17:23:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData

[2011/11/17 22:21:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP

[2008/04/07 08:01:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint

[2009/04/06 12:26:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WildTangent

[2009/03/14 07:30:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}

[2011/03/16 21:06:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}

[2011/05/22 14:13:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Office Depot\Application Data\AVG10

[2011/11/17 20:28:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Office Depot\Application Data\B4EB7

[2008/06/19 15:58:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Office Depot\Application Data\Canon

[2011/11/14 21:02:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Office Depot\Application Data\EIKK2edUJw

[2011/11/14 19:44:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Office Depot\Application Data\epRBoEViWCAh4Of

[2011/11/13 21:05:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Office Depot\Application Data\g9pzRB8lViWCjXh

[2011/11/15 21:33:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Office Depot\Application Data\GAAX5yhm4tnLrI2

[2005/09/26 13:55:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Office Depot\Application Data\InterVideo

[2011/11/13 21:06:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Office Depot\Application Data\kDV7iWS6jA5jXhZ

[2011/11/14 21:02:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Office Depot\Application Data\KttggOL3rbKevJs

[2007/07/16 13:26:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Office Depot\Application Data\Leadertech

[2011/11/14 18:16:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Office Depot\Application Data\N2edvJ1sY0aTqT9

[2011/11/13 21:05:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Office Depot\Application Data\n7ikWC6jA

[2011/11/14 18:16:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Office Depot\Application Data\NqxqxG9F8lDiSuA

[2011/11/15 23:02:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Office Depot\Application Data\Product_RM

[2011/11/16 19:10:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Office Depot\Application Data\Registry Mechanic

[2004/12/31 17:24:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Office Depot\Application Data\Template

[2011/11/13 21:06:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Office Depot\Application Data\tOL3rbI2dU1sH

[2008/04/07 08:01:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Office Depot\Application Data\Viewpoint

[2011/11/14 19:45:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Office Depot\Application Data\w8lF8lD7kS6j5Pg

[2011/11/15 21:33:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Office Depot\Application Data\yEEED7ilEViWCuA

[2011/11/17 22:21:03 | 000,000,324 | ---- | M] () -- C:\WINDOWS\Tasks\Check for updates (Spybot - Search & Destroy).job

[2011/11/17 19:24:43 | 000,000,324 | ---- | M] () -- C:\WINDOWS\Tasks\Refresh immunization (Spybot - Search & Destroy).job

[2011/11/17 19:24:43 | 000,000,332 | ---- | M] () -- C:\WINDOWS\Tasks\Scan the system (Spybot - Search & Destroy).job

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 186 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2

@Alternate Data Stream - 144 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1

@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:430C6D84

@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:07BF512B

@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:AC4C6FB4

< End of report >


Sorry.

OTL Extras logfile created on: 11/19/2011 11:24:45 AM - Run 1

OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Office Depot\Desktop

Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

510.80 Mb Total Physical Memory | 274.57 Mb Available Physical Memory | 53.75% Memory free

1.22 Gb Paging File | 0.93 Gb Available in Paging File | 76.02% Paging File free

Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 13.97 Gb Total Space | 1.66 Gb Free Space | 11.87% Space Free | Partition Type: NTFS

Drive D: | 55.55 Gb Total Space | 55.51 Gb Free Space | 99.94% Space Free | Partition Type: NTFS

Computer Name: NOICEPUTER | User Name: Office Depot | Logged in as Administrator.

Boot Mode: SafeMode with Networking | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

exefile [open] -- "%1" %*

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"AntiVirusDisableNotify" = 0

"FirewallDisableNotify" = 0

"UpdatesDisableNotify" = 0

"AntiVirusOverride" = 0

"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]

"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]

"Start" = 4

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DoNotAllowExceptions" = 0

"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007

"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004

"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005

"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001

"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

"C:\Program Files\Veetle\Player\VeetleNet.exe" = C:\Program Files\Veetle\Player\VeetleNet.exe:*:Enabled:VeetleNet -- ()

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

"C:\Program Files\Messenger\msmsgs.exe" = C:\Program Files\Messenger\msmsgs.exe:*:Disabled:Windows Messenger -- (Microsoft Corporation)

"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

"C:\Program Files\Blubster\Blubster.exe" = C:\Program Files\Blubster\Blubster.exe:*:Enabled:Blubster -- (MP2P Technologies.)

"C:\Program Files\AVG\AVG10\avgmfapx.exe" = C:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:AVG Installer

"C:\Program Files\Veetle\Player\VeetleNet.exe" = C:\Program Files\Veetle\Player\VeetleNet.exe:*:Enabled:VeetleNet -- ()

"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)

"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service -- (Apple Inc.)

"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)

"C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)

"C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)

"C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)

"C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{01AF4645-78E6-46C4-B528-54863679CC40}" = VAIO SLIT-C Screen Saver

"{01B93B3A-283F-411B-A648-69CABCACC986}" = Canon MF Drivers

"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel

"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer

"{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}" = OpenOffice.org Installer 1.0

"{132CA5D9-C745-4B0B-A3B2-8C7A6EC3EE7E}" = Canon MF Toolbox 4.7.0.0.mf03

"{1EB317D8-8945-4FD6-B37F-DF470317C6AB}" = VAIO Media 3.0

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{266AEE68-5718-4A31-BDD3-D356B1250C70}" = VAIO SLIT Pattern Wallpaper

"{26A24AE4-039D-4CA4-87B4-2F83216025FF}" = Java 6 Update 25

"{27337663-2619-11D4-99DC-0000F49094C7}" = Memory Stick Formatter

"{29ED20C9-5E15-4969-9279-25BF3727A3DA}" = iTunes

"{3101CB58-3482-4D21-AF1A-7057FC935355}" = KhalInstallWrapper

"{315BA29D-2644-4760-B5FD-5AC04A52B8C5}" = VAIO Registration

"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = Logitech Registration

"{48820099-ED7D-424B-890C-9A82EF00656C}" = VAIO Update 2

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{53735ECE-E461-4FD0-B742-23A352436D3A}" = Logitech Updater

"{545DB151-1514-4FFC-BF2F-FE8FBBD06987}" = VAIO Power Management

"{5A3F6A80-7913-475E-8B96-477A952CFA43}" = SupportSoft Assisted Service

"{657DD6DA-B07B-40FF-9DBD-2116F7E83CF6}" = OpenMG Secure Module 3.4.00

"{6990A2BF-D1D2-11D3-81BC-00609789C908}" = Sony Video Shared Library

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{7128C69B-8F7E-4336-8698-3FD3CDD955EC}" = VAIO Media Redistribution 3.0

"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK

"{71D6CE84-B7DC-4166-8E0D-56C1C37BFB5A}" = SonicStage 2.0.02

"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour

"{7A79D11B-FD82-4A5E-834F-20173515DD14}" = VAIO Media Integrated Server 3.0

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system

"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD 5 for VAIO

"{926BD0E8-24A3-41D2-AF9B-340F1A37ED12}" = MobileMe Control Panel

"{936FADC9-C609-471A-B6F2-A33E2E660D1A}" = Sony Notebook Setup

"{98177940-C048-4831-A279-F3888B1E2C7F}" = InstallMgr

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{A00B9A50-3090-4CFF-9CDA-82DA0BEDAA21}" = Apple Mobile Device Support

"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2

"{A654A805-41D9-40C7-AA46-4AF04F044D61}" = Adobe® Photoshop® Album Starter Edition 3.2

"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support

"{A8AC89BA-D8CB-4372-9743-1C54D23286B0}" = MSN Toolbar

"{AC76BA86-7AD7-1033-7B44-A83000000003}" = Adobe Reader 8.3.0

"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy 2

"{B7148D71-0A8F-4501-96B4-4E1CC67F874E}" = Microsoft Default Manager

"{BB311F54-39D6-4A03-8E18-053D1B2833D7}" = HotKey Utility

"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2

"{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update

"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime

"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{D0448678-1203-4158-A58F-B3D0B616BF9E}" = Sony Certificate PCH

"{D917FD82-6CE5-489A-AAF8-C701AAC85C4D}" = VAIO Entertainment Platform

"{E68B38DE-D7DD-4FB3-A453-3F03A947EA8E}" = VAIO Help and Support

"{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}" = PL-2303 USB-to-Serial

"{EF3D45BB-2260-4008-88EA-492E7744A9DF}" = Sony Utilities DLL

"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint

"{FA11D5B5-7D0A-43E8-88C4-960F97B194DE}" = VAIO Survey Standalone

"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio

"Adobe Atmosphere Player" = Adobe Atmosphere Player for Acrobat and Adobe Reader

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Shockwave Player" = Adobe Shockwave Player

"Adobe® Photoshop® Album Starter Edition 3.2" = Adobe® Photoshop® Album Starter Edition 3.2

"All ATI Software" = ATI - Software Uninstall Utility

"ATI Display Driver" = ATI Display Driver

"Blubster" = Blubster 3.1.1

"Browser Defender_is1" = Browser Defender 3.0

"Bushnell Yardage Pro Sync" = Bushnell Yardage Pro Sync Application v 3.0

"CCleaner" = CCleaner

"CNXT_MODEM_PCI_VEN_8086&DEV_24C6&SUBSYS_818C104D" = SoftV92 Data Fax Modem

"Corel WordPerfect Suite 8" = Corel WordPerfect Suite 8

"Defraggler" = Defraggler

"Hcontrol" = ATK0100 ACPI UTILITY

"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs

"ie7" = Windows Internet Explorer 7

"ie8" = Windows Internet Explorer 8

"InstallShield_{315BA29D-2644-4760-B5FD-5AC04A52B8C5}" = VAIO Registration

"InstallShield_{E68B38DE-D7DD-4FB3-A453-3F03A947EA8E}" = VAIO Help and Support

"InstallShield_{FA11D5B5-7D0A-43E8-88C4-960F97B194DE}" = VAIO Survey Standalone

"InterActual Player" = InterActual Player

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300

"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"MouseSuite98" = Sony USB Mouse

"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP

"Netscape (7.02)" = Netscape (7.02)

"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs

"OpenMG HotFix3.4-03-12-16-01" = OpenMG Limited Patch 3.4-03-12-16-01

"Photo Viewer_is1" = Photo Viewer s2.5

"PROSet" = Intel® PRO Network Adapters and Drivers

"SereneScene Marine Aquarium 2" = SereneScene Marine Aquarium 2

"Sony XBRITE Screen Saver" = Sony XBRITE Screen Saver

"Spyware Doctor" = Spyware Doctor with AntiVirus 8.0

"Veetle TV" = Veetle TV

"Viewpoint Manager" = Viewpoint Manager (Remove Only)

"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5

"Welcome to VAIO life" = Welcome to VAIO life

"Window Washer" = Window Washer

"Windows Media Format Runtime" = Windows Media Format 11 runtime

"Windows Media Player" = Windows Media Player 11

"Windows XP Service Pack" = Windows XP Service Pack 3

"WMFDist11" = Windows Media Format 11 runtime

"wmp11" = Windows Media Player 11

"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== Last 10 Event Log Errors ==========

[ Application Events ]

Error - 11/17/2011 9:41:50 PM | Computer Name = NOICEPUTER | Source = MsiInstaller | ID = 1008

Description = The installation of C:\WINDOWS\Installer\15f8178f.msi is not permitted

due to an error in software restriction policy processing. The object cannot be

trusted.

Error - 11/17/2011 9:41:50 PM | Computer Name = NOICEPUTER | Source = MsiInstaller | ID = 1008

Description = The installation of C:\WINDOWS\Installer\15f8178f.msi is not permitted

due to an error in software restriction policy processing. The object cannot be

trusted.

Error - 11/17/2011 9:41:50 PM | Computer Name = NOICEPUTER | Source = MsiInstaller | ID = 1008

Description = The installation of C:\WINDOWS\Installer\15d83f7.msi is not permitted

due to an error in software restriction policy processing. The object cannot be

trusted.

Error - 11/17/2011 9:41:50 PM | Computer Name = NOICEPUTER | Source = MsiInstaller | ID = 1008

Description = The installation of C:\WINDOWS\Installer\15d83f7.msi is not permitted

due to an error in software restriction policy processing. The object cannot be

trusted.

Error - 11/17/2011 9:41:50 PM | Computer Name = NOICEPUTER | Source = MsiInstaller | ID = 1008

Description = The installation of C:\WINDOWS\Installer\13c43a.msi is not permitted

due to an error in software restriction policy processing. The object cannot be

trusted.

Error - 11/17/2011 9:41:50 PM | Computer Name = NOICEPUTER | Source = MsiInstaller | ID = 1008

Description = The installation of C:\WINDOWS\Installer\13c43a.msi is not permitted

due to an error in software restriction policy processing. The object cannot be

trusted.

Error - 11/17/2011 9:41:50 PM | Computer Name = NOICEPUTER | Source = MsiInstaller | ID = 1008

Description = The installation of C:\WINDOWS\Installer\349c0.msi is not permitted

due to an error in software restriction policy processing. The object cannot be

trusted.

Error - 11/17/2011 9:41:50 PM | Computer Name = NOICEPUTER | Source = MsiInstaller | ID = 1008

Description = The installation of C:\WINDOWS\Installer\349c0.msi is not permitted

due to an error in software restriction policy processing. The object cannot be

trusted.

Error - 11/17/2011 9:41:50 PM | Computer Name = NOICEPUTER | Source = MsiInstaller | ID = 1008

Description = The installation of C:\WINDOWS\Installer\442750.msi is not permitted

due to an error in software restriction policy processing. The object cannot be

trusted.

Error - 11/17/2011 9:41:50 PM | Computer Name = NOICEPUTER | Source = MsiInstaller | ID = 1008

Description = The installation of C:\WINDOWS\Installer\442750.msi is not permitted

due to an error in software restriction policy processing. The object cannot be

trusted.

[ Spybot - Search and Destroy Events ]

Error - 11/17/2011 8:05:20 PM | Computer Name = NOICEPUTER | Source = SDCleaner | ID = 100

Description = LoadCleaningInstructions

Error - 11/17/2011 8:12:53 PM | Computer Name = NOICEPUTER | Source = SDCleaner | ID = 100

Description = LoadCleaningInstructions

Error - 11/17/2011 8:13:14 PM | Computer Name = NOICEPUTER | Source = SDCleaner | ID = 100

Description = LoadCleaningInstructions

[ System Events ]

Error - 11/17/2011 11:10:34 PM | Computer Name = NOICEPUTER | Source = Service Control Manager | ID = 7026

Description = The following boot-start or system-start driver(s) failed to load:

DMICall Fips intelppm TfFsMon TFSysMon

Error - 11/17/2011 11:19:54 PM | Computer Name = NOICEPUTER | Source = DCOM | ID = 10005

Description = DCOM got error "%1084" attempting to start the service EventSystem

with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 11/17/2011 11:24:14 PM | Computer Name = NOICEPUTER | Source = DCOM | ID = 10005

Description = DCOM got error "%1084" attempting to start the service EventSystem

with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 11/17/2011 11:25:16 PM | Computer Name = NOICEPUTER | Source = Service Control Manager | ID = 7026

Description = The following boot-start or system-start driver(s) failed to load:

DMICall Fips intelppm TfFsMon TFSysMon

Error - 11/18/2011 12:17:06 AM | Computer Name = NOICEPUTER | Source = DCOM | ID = 10005

Description = DCOM got error "%1084" attempting to start the service EventSystem

with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 11/18/2011 8:23:46 PM | Computer Name = NOICEPUTER | Source = DCOM | ID = 10005

Description = DCOM got error "%1084" attempting to start the service EventSystem

with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 11/18/2011 8:24:25 PM | Computer Name = NOICEPUTER | Source = Service Control Manager | ID = 7026

Description = The following boot-start or system-start driver(s) failed to load:

DMICall Fips intelppm TfFsMon TFSysMon

Error - 11/18/2011 11:46:53 PM | Computer Name = NOICEPUTER | Source = DCOM | ID = 10005

Description = DCOM got error "%1084" attempting to start the service EventSystem

with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 11/19/2011 12:00:10 PM | Computer Name = NOICEPUTER | Source = DCOM | ID = 10005

Description = DCOM got error "%1084" attempting to start the service EventSystem

with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 11/19/2011 12:01:14 PM | Computer Name = NOICEPUTER | Source = Service Control Manager | ID = 7026

Description = The following boot-start or system-start driver(s) failed to load:

DMICall Fips intelppm TfFsMon TFSysMon

< End of report >


Thank you!

Step 1

I also see you have Viewpoint installed...

Viewpoint Manager is considered foistware instead of malware since it is installed without the user's approval but doesn't spy or do anything "bad". This will change from what we know in 2006; read this article: http://www.clickz.com/news/article.php/3561546

I suggest you remove the program now. Go to Start > Settings > Control Panel > Add/Remove Programs and remove the following programs if present.


  • Viewpoint
  • Viewpoint Manager
  • Viewpoint Media Player

Step 2

  • Run OTL.exe
  • Under Custom Scans/Fixes post the following script:

:OTL
MOD - C:\WINDOWS\system32\ntusbw32.dll ()
O2 - BHO: (no name) - {0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - No CLSID value found.
O20 - Winlogon\Notify\intelsusb: DllName - (ntusbw32.dll) - C:\WINDOWS\System32\ntusbw32.dll ()
O20 - Winlogon\Notify\ntusbw32: DllName - (ntusbw32.dll) - C:\WINDOWS\System32\ntusbw32.dll ()
[2011/11/15 21:33:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Office Depot\Application Data\yEEED7ilEViWCuA
[2011/11/15 21:33:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Office Depot\Application Data\GAAX5yhm4tnLrI2
[2011/11/14 21:02:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Office Depot\Application Data\EIKK2edUJw
[2011/11/14 21:02:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Office Depot\Application Data\KttggOL3rbKevJs
[2011/11/14 19:44:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Office Depot\Application Data\w8lF8lD7kS6j5Pg
[2011/11/14 19:44:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Office Depot\Application Data\epRBoEViWCAh4Of
[2011/11/14 18:16:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Office Depot\Application Data\N2edvJ1sY0aTqT9
[2011/11/14 18:16:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Office Depot\Application Data\NqxqxG9F8lDiSuA
[2011/11/13 21:06:58 | 000,000,000 | ---D | C] -- C:\Program Files\B7C2A
[2011/11/13 21:06:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Office Depot\Application Data\B4EB7
[2011/11/13 21:06:19 | 000,000,000 | ---D | C] -- C:\Program Files\LP
[2011/11/13 21:06:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Office Depot\Start Menu\Programs\AV Security 2012
[2011/11/13 21:06:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Office Depot\Application Data\kDV7iWS6jA5jXhZ
[2011/11/13 21:06:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Office Depot\Application Data\tOL3rbI2dU1sH
[2011/11/13 21:05:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Office Depot\Application Data\g9pzRB8lViWCjXh
[2011/11/13 21:05:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Office Depot\Application Data\n7ikWC6jA
[8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2011/11/16 11:14:58 | 000,037,888 | ---- | M] () -- C:\WINDOWS\System32\ntusbw32.dll
@Alternate Data Stream - 186 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 144 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:430C6D84
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:07BF512B
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:AC4C6FB4

:Commands
[resethosts]
[purity]
[emptytemp]
[clearallrestorepoints]
[createrestorepoint]

  • Then click the Run Fix button at the top
  • Let the program run unhindered; when it is done, it will say "Fix Complete press ok to open log".
  • Please post that log in your next reply.


Viewpoint manager has been removed. Here is the OTL log

All processes killed

========== OTL ==========

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\intelsusb\ deleted successfully.

C:\WINDOWS\system32\ntusbw32.dll moved successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ntusbw32\ deleted successfully.

File C:\WINDOWS\System32\ntusbw32.dll not found.

C:\Documents and Settings\Office Depot\Application Data\yEEED7ilEViWCuA folder moved successfully.

C:\Documents and Settings\Office Depot\Application Data\GAAX5yhm4tnLrI2 folder moved successfully.

C:\Documents and Settings\Office Depot\Application Data\EIKK2edUJw folder moved successfully.

C:\Documents and Settings\Office Depot\Application Data\KttggOL3rbKevJs folder moved successfully.

C:\Documents and Settings\Office Depot\Application Data\w8lF8lD7kS6j5Pg folder moved successfully.

C:\Documents and Settings\Office Depot\Application Data\epRBoEViWCAh4Of folder moved successfully.

C:\Documents and Settings\Office Depot\Application Data\N2edvJ1sY0aTqT9 folder moved successfully.

C:\Documents and Settings\Office Depot\Application Data\NqxqxG9F8lDiSuA folder moved successfully.

C:\Program Files\B7C2A folder moved successfully.

C:\Documents and Settings\Office Depot\Application Data\B4EB7 folder moved successfully.

C:\Program Files\LP\A95B folder moved successfully.

C:\Program Files\LP folder moved successfully.

C:\Documents and Settings\Office Depot\Start Menu\Programs\AV Security 2012 folder moved successfully.

C:\Documents and Settings\Office Depot\Application Data\kDV7iWS6jA5jXhZ folder moved successfully.

C:\Documents and Settings\Office Depot\Application Data\tOL3rbI2dU1sH folder moved successfully.

C:\Documents and Settings\Office Depot\Application Data\g9pzRB8lViWCjXh folder moved successfully.

C:\Documents and Settings\Office Depot\Application Data\n7ikWC6jA folder moved successfully.

C:\WINDOWS\System32\CONFIG.TMP deleted successfully.

C:\WINDOWS\System32\SET2A7.tmp deleted successfully.

C:\WINDOWS\System32\SET2B3.tmp deleted successfully.

C:\WINDOWS\System32\SET2BC.tmp deleted successfully.

C:\WINDOWS\System32\SET2BD.tmp deleted successfully.

C:\WINDOWS\System32\SET2BE.tmp deleted successfully.

C:\WINDOWS\System32\SET2C1.tmp deleted successfully.

C:\WINDOWS\System32\setb4.tmp deleted successfully.

C:\WINDOWS\002327_.tmp deleted successfully.

C:\WINDOWS\005505_.tmp deleted successfully.

C:\WINDOWS\system.tmp deleted successfully.

C:\WINDOWS\win.tmp deleted successfully.

File C:\WINDOWS\System32\ntusbw32.dll not found.

ADS C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2 deleted successfully.

ADS C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1 deleted successfully.

ADS C:\Documents and Settings\All Users\Application Data\TEMP:430C6D84 deleted successfully.

ADS C:\Documents and Settings\All Users\Application Data\TEMP:07BF512B deleted successfully.

ADS C:\Documents and Settings\All Users\Application Data\TEMP:AC4C6FB4 deleted successfully.

========== COMMANDS ==========

HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 32902 bytes

User: Guest

->Temp folder emptied: 36023615 bytes

->Temporary Internet Files folder emptied: 1327855 bytes

->Flash cache emptied: 300 bytes

User: LocalService

->Temp folder emptied: 66016 bytes

->Temporary Internet Files folder emptied: 71219 bytes

User: NetworkService

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 161402988 bytes

->Java cache emptied: 25383 bytes

->Flash cache emptied: 40445 bytes

User: Office Depot

->Temp folder emptied: 138120 bytes

->Temporary Internet Files folder emptied: 8703115 bytes

->Java cache emptied: 0 bytes

->Apple Safari cache emptied: 0 bytes

->Flash cache emptied: 1085 bytes

User: Owner

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32\dllcache .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 16598 bytes

%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 143936834 bytes

%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 140713 bytes

RecycleBin emptied: 0 bytes

Total Files Cleaned = 336.00 mb

Restore points cleared and new OTL Restore Point set!

Error starting restore point: System Restore is disabled.

Error closing restore point: System Restore is disabled.

OTL by OldTimer - Version 3.2.31.0 log created on 11222011_070046

Files\Folders moved on Reboot...


File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\highscorevars[1].js not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\home[1].css not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\home_page;dcopt=ist;companion=yes;site=prod;movie=homepage;celeb=homepage;pos=top;sz=728x90,954x250,991x230;tile=1;ord=2403844253[1] not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\hqdefault[2].jpg not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\idc-universal[1].png not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\imgad[1].gif not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\imp[5] not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\imp[6] not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\imp[7] not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\imp[8] not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\indentbg[1].gif not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\index[1].htm not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\index[1].html not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\index_09[1].gif not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\info_48[2] not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\init[1] not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\init[1].js not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\ipadrev618[1].jpg not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\ipadrev626[1].jpg not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\jquery-1.4.2.min[1].js not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\jquery.autocomplete[1].js not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\kd[1].js not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\kidney_logo_2_copy[1].png not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\kokkola24_163041546-472x340[1].jpg not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\layout[2].css not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\lb[1].gif not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\leon-the-professional_large[1].jpg not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\likebox[1].php not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\listing-btn-bg-slim[1].png not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\loader-arrow-orange[1].gif not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\logCATVDEH2.txt not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\login_status[1].php not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\login_status[2].php not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\logo-footer-spry[1].png not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\logo31[1].gif not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\logocolor[1].png not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\logo[1].gif not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\logo[2].gif not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\log[11].txt not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\log[1].htm not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\log[1].txt not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\log[3].txt not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\nolink[1].htm not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\ojpIOo2l0wI;hl=en_US&fs=1[1].swf not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\olsen-twins-oct-stylemint-t[1].jpg not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\page_not_found[1].htm not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\PANTRY_AD_196x350s[1].jpg not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\partner[6].htm not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\partner[7].htm not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\pass_bgup[1].gif not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\pause[1].png not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\PID_1776927_content[1].swf not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\ping[1].gif not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\play-free-flash-game-drastic-plastic[1].jpg not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\player.js[1].vfa66baaa855c03b22 not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\PlayerSeed[1].js not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\plcr_1776904_0_1318472916603[1].js not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\powersellerusa_2180_5781341021[1].gif not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\rc[1].pli not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\recette_encodesc20r01512K_[1].jpg not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\recette_encodesc25r04512K_[1].jpg not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\reddit[1].css not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\replay[1].jpg not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\restserver[2].php not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\results[1].txt not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\s;pos=microsoft_skin_wallpaper;sz=1x1;ord=1461687327[1] not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\safe_image[1].jpg not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\script160[1].js not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\script277[1].js not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\scripts[1].js not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\scripts[2].js not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\scripts[3].js not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\script[1].htm not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\sddefault[1].jpg not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\search-bar-bg[1].png not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\search-bg[1].png not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\searchbt[1].gif not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\searchsubmit[1].gif not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\sky-sprite[1].png not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\slide3[2].css not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\small_up[1].gif not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\srad[1].js not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\star-white[1].png not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\start_auto_quote_btn[1].jpg not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\stats[1].js not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\style[5].css not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\style[6].css not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\style[8].css not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\st[1] not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\telemetry_player_instream_as3[1].swf not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\text_group[3].php not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\text_group[6].php not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\tf_FEV97[1].js not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\Thanksgiving_300x250[1].gif not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\thickbox[1].css not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\thumbnail_3152611054559852294[1].jpg not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\thumbnail_32368[1].jpg not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\thumbnail_3862906311269628524[1].jpg not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\thumbnail_4460743671938899446[1].jpg not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\thumb[2].png not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\timthumb[1].php not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\timthumb[2].php not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\tos_elitetrader_technology_technology_toscc_trainset_marketoffer600_300x250[1].swf not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\travelers_q2_chopper_dogthoughts_300x250[4].swf not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\trf[2].htm not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\TSI[1].gif not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\ttj[1] not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\twitter[1].png not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\twitter[2].png not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\twitter[3].png not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\two[1].php not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\t[1].gif not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\t[3].gif not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\via_1317118141[1].js not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\view[1].gif not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\visit[1].js not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\vj[1] not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\volumeHandle[1].png not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\_traveling_with_diabetes;contentid=a4087053;abr=!webtvs;camp=hc_diabetes;camp=health_center;pos=1;dcopt=ist;tile=3;sz=300x250,300x600;ord=869053392246495[1] not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\__utm[1].gif not found!

File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EYI3JHGK\__utm[2].gif not found!

C:\Documents and Settings\Office Depot\Local Settings\Temporary Internet Files\Content.IE5\WBELIOPG\index[1].htm moved successfully.

C:\Documents and Settings\Office Depot\Local Settings\Temporary Internet Files\Content.IE5\WBELIOPG\LocalStorage[1].htm moved successfully.

C:\Documents and Settings\Office Depot\Local Settings\Temporary Internet Files\Content.IE5\WBELIOPG\resourcespreload[1].htm moved successfully.

C:\Documents and Settings\Office Depot\Local Settings\Temporary Internet Files\Content.IE5\WBELIOPG\xmlProxy[1].htm moved successfully.

C:\Documents and Settings\Office Depot\Local Settings\Temporary Internet Files\Content.IE5\VWOTT0RW\default[1].htm moved successfully.

C:\Documents and Settings\Office Depot\Local Settings\Temporary Internet Files\Content.IE5\VWOTT0RW\EditMessageLight[1].htm moved successfully.

C:\Documents and Settings\Office Depot\Local Settings\Temporary Internet Files\Content.IE5\VWOTT0RW\Messenger[1].htm moved successfully.

C:\Documents and Settings\Office Depot\Local Settings\Temporary Internet Files\Content.IE5\VWOTT0RW\WebIMPop[1].htm moved successfully.

C:\Documents and Settings\Office Depot\Local Settings\Temporary Internet Files\Content.IE5\C6PS10JQ\adloader[1].htm moved successfully.

C:\Documents and Settings\Office Depot\Local Settings\Temporary Internet Files\Content.IE5\C6PS10JQ\AjaxHistoryFrame[1].htm moved successfully.

C:\Documents and Settings\Office Depot\Local Settings\Temporary Internet Files\Content.IE5\C6PS10JQ\click[1].htm moved successfully.

C:\Documents and Settings\Office Depot\Local Settings\Temporary Internet Files\Content.IE5\C6PS10JQ\InboxLight[1].htm moved successfully.

C:\Documents and Settings\Office Depot\Local Settings\Temporary Internet Files\Content.IE5\C6PS10JQ\RteFrame_16.0.1877.0920[1].htm moved successfully.

C:\Documents and Settings\Office Depot\Local Settings\Temporary Internet Files\Content.IE5\C6PS10JQ\tt[1].htm moved successfully.

C:\Documents and Settings\Office Depot\Local Settings\Temporary Internet Files\Content.IE5\C6PS10JQ\xmlProxy[1].htm moved successfully.

C:\Documents and Settings\Office Depot\Local Settings\Temporary Internet Files\Content.IE5\1ACA77G4\01[1].htm moved successfully.

C:\Documents and Settings\Office Depot\Local Settings\Temporary Internet Files\Content.IE5\1ACA77G4\resourcespreload[1].htm moved successfully.

C:\Documents and Settings\Office Depot\Local Settings\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.

Registry entries deleted on Reboot...


Step 1

  • Launch Malwarebytes' Anti-Malware.
  • Go to the Update tab and select Check for Updates.
  • Go to the Scanner tab and select Perform Quick Scan, then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Step 2

  1. Please run a free online scan with the ESET Online Scanner
    Note: You will need to use Internet Explorer for this scan
  2. Tick the box next to YES, I accept the Terms of Use
  3. Click Start
  4. When asked, allow the ActiveX control to install
  5. Click Start
  6. Make sure that the options Remove found threats and Scan unwanted applications are checked
  7. Click Scan (This scan can take several hours, so please be patient)
  8. Once the scan is completed, you may close the window
  9. Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  10. Copy and paste that log as a reply to this topic

In your next reply, please post the following log files:

  • Malwarebytes' Anti-Malware log
  • ESET Online Scanner log


Malwarebytes' Anti-Malware 1.51.2.1300

www.malwarebytes.org

Database version: 8221

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

11/22/2011 6:36:00 PM

mbam-log-2011-11-22 (18-36-00).txt

Scan type: Quick scan

Objects scanned: 189449

Time elapsed: 10 minute(s), 39 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

ESETSmartInstaller@High as CAB hook log:

OnlineScanner.ocx - registred OK

# version=7

# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)

# OnlineScanner.ocx=1.0.0.6583

# api_version=3.0.2

# EOSSerial=c62a002ab349e044ab1bb786f894a4f8

# end=finished

# remove_checked=true

# archives_checked=true

# unwanted_checked=true

# unsafe_checked=false

# antistealth_checked=true

# utc_time=2011-11-23 01:09:38

# local_time=2011-11-22 08:09:38 (-0500, Eastern Standard Time)

# country="United States"

# lang=1033

# osver=5.1.2600 NT Service Pack 3

# compatibility_mode=512 16777215 100 0 0 0 0 0

# compatibility_mode=1024 16777175 100 0 14993264 14993264 0 0

# compatibility_mode=2560 16777215 100 0 0 0 0 0

# compatibility_mode=8192 67108863 100 0 0 0 0 0

# scanned=73100

# found=5

# cleaned=3

# scan_time=4643

C:\WINDOWS\system32\drivers\ipsec.sys a variant of Win32/Rootkit.Kryptik.FE trojan (unable to clean) 00000000000000000000000000000000 I

C:\_OTL\MovedFiles\11222011_070046\C_Documents and Settings\Office Depot\Application Data\B4EB7\D9EA9.exe a variant of Win32/Kryptik.VQC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\_OTL\MovedFiles\11222011_070046\C_Program Files\B7C2A\lvvm.exe a variant of Win32/Kryptik.VQC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\_OTL\MovedFiles\11222011_070046\C_Program Files\LP\A95B\6.exe a variant of Win32/Kryptik.VQC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

${Memory} multiple threats 00000000000000000000000000000000 I


Download the latest version of TDSSKiller from here and save it to your Desktop.

  1. Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  2. Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
  3. Click the Start Scan button.
  4. If a suspicious object is detected, the default action will be Skip; click on Continue.
  5. If malicious objects are found, they will show in the Scan results and offer three (3) options.
  6. Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
  7. Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.

A report will be created in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents in your next reply.


17:49:57.0177 3784 TDSS rootkit removing tool 2.6.20.0 Nov 22 2011 12:05:55

17:49:59.0000 3784 ============================================================

17:49:59.0000 3784 Current date / time: 2011/11/23 17:49:59.0000

17:49:59.0000 3784 SystemInfo:

17:49:59.0000 3784

17:49:59.0000 3784 OS Version: 5.1.2600 ServicePack: 3.0

17:49:59.0000 3784 Product type: Workstation

17:49:59.0010 3784 ComputerName: NOICEPUTER

17:49:59.0010 3784 UserName: Office Depot

17:49:59.0010 3784 Windows directory: C:\WINDOWS

17:49:59.0010 3784 System windows directory: C:\WINDOWS

17:49:59.0010 3784 Processor architecture: Intel x86

17:49:59.0010 3784 Number of processors: 1

17:49:59.0010 3784 Page size: 0x1000

17:49:59.0010 3784 Boot type: Normal boot

17:49:59.0010 3784 ============================================================

17:50:03.0076 3784 Initialize success

17:50:35.0483 4060 ============================================================

17:50:35.0483 4060 Scan started

17:50:35.0483 4060 Mode: Manual; SigCheck; TDLFS;

17:50:35.0483 4060 ============================================================


17:50:51.0856 4060 FltMgr - ok

17:50:51.0926 4060 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys

17:50:52.0066 4060 Fs_Rec - ok

17:50:52.0116 4060 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys

17:50:52.0247 4060 Ftdisk - ok

17:50:52.0317 4060 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys

17:50:52.0337 4060 GEARAspiWDM - ok

17:50:52.0387 4060 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys

17:50:52.0537 4060 Gpc - ok

17:50:52.0577 4060 gv3 (01cdb5b4649fae249e787a83be22916a) C:\WINDOWS\system32\DRIVERS\gv3.sys

17:50:52.0607 4060 gv3 - ok

17:50:52.0727 4060 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys

17:50:52.0878 4060 HidUsb - ok

17:50:52.0948 4060 hpn - ok

17:50:53.0018 4060 HSFHWICH (68329f53ebfd34abf268c42d98c830f3) C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys

17:50:53.0048 4060 HSFHWICH - ok

17:50:53.0198 4060 HSF_DP (7bbc0d5900a1fc9f69fa0950a149a1c6) C:\WINDOWS\system32\DRIVERS\HSF_DP.sys

17:50:53.0288 4060 HSF_DP - ok

17:50:53.0378 4060 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys

17:50:53.0468 4060 HTTP - ok

17:50:53.0498 4060 i2omgmt - ok

17:50:53.0518 4060 i2omp - ok

17:50:53.0569 4060 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys

17:50:53.0699 4060 i8042prt - ok

17:50:53.0799 4060 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys

17:50:53.0949 4060 Imapi - ok

17:50:53.0969 4060 ini910u - ok

17:50:54.0019 4060 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys

17:50:54.0159 4060 IntelIde - ok

17:50:54.0249 4060 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys

17:50:54.0380 4060 intelppm - ok

17:50:54.0450 4060 ip6fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys

17:50:54.0600 4060 ip6fw - ok

17:50:54.0640 4060 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

17:50:54.0800 4060 IpFilterDriver - ok

17:50:54.0890 4060 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys

17:50:55.0011 4060 IpInIp - ok

17:50:55.0061 4060 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys

17:50:55.0191 4060 IpNat - ok

17:50:55.0291 4060 IPSec (a987265d69bd51ef49e5b1c45c237f74) C:\WINDOWS\system32\DRIVERS\ipsec.sys

17:50:55.0291 4060 IPSec ( Rootkit.Win32.ZAccess.k ) - infected

17:50:55.0291 4060 IPSec - detected Rootkit.Win32.ZAccess.k (0)

17:51:15.0410 4060 PxHelp20 (25639ba81c01a3e0508901829479954f) C:\WINDOWS\system32\Drivers\PxHelp20.sys

17:51:15.0460 4060 PxHelp20 ( UnsignedFile.Multi.Generic ) - warning

17:51:15.0460 4060 PxHelp20 - detected UnsignedFile.Multi.Generic (1)

17:51:23.0472 4060 USBIO (f90d8f845095fcd6924e3d751c04e442) C:\WINDOWS\system32\Drivers\usbio.sys

17:51:23.0502 4060 USBIO ( UnsignedFile.Multi.Generic ) - warning

17:51:23.0502 4060 USBIO - detected UnsignedFile.Multi.Generic (1)

17:51:27.0798 4060 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0

17:51:28.0168 4060 \Device\Harddisk0\DR0 - ok

17:51:28.0168 4060 Boot (0x1200) (5092283bcc3fd99b7252837a12442987) \Device\Harddisk0\DR0\Partition0

17:51:28.0168 4060 \Device\Harddisk0\DR0\Partition0 - ok

17:51:28.0208 4060 Boot (0x1200) (86872cb5d1288bee835bd2e952039882) \Device\Harddisk0\DR0\Partition1

17:51:28.0218 4060 \Device\Harddisk0\DR0\Partition1 - ok

17:51:28.0228 4060 ============================================================

17:51:28.0228 4060 Scan finished

17:51:28.0228 4060 ============================================================

17:51:28.0339 3664 Detected object count: 3

17:51:28.0339 3664 Actual detected object count: 3

17:53:38.0696 3664 VerifyFileNameVersionInfo: GetFileVersionInfoSizeW(C:\WINDOWS\system32\drivers\ipsec.sys) error 1813

17:53:51.0845 3664 Backup copy found, using it..

17:53:52.0085 3664 C:\WINDOWS\system32\DRIVERS\ipsec.sys - will be cured on reboot

17:54:22.0599 3664 IPSec ( Rootkit.Win32.ZAccess.k ) - User select action: Cure

17:54:22.0609 3664 PxHelp20 ( UnsignedFile.Multi.Generic ) - skipped by user

17:54:22.0609 3664 PxHelp20 ( UnsignedFile.Multi.Generic ) - User select action: Skip

17:54:22.0609 3664 USBIO ( UnsignedFile.Multi.Generic ) - skipped by user

17:54:22.0609 3664 USBIO ( UnsignedFile.Multi.Generic ) - User select action: Skip

17:54:34.0757 1292 Deinitialize success


I have good news for you => Your system is clean! :)

Here are some tips to prevent future malware problems:

You need to ensure that you have the latest versions of Adobe Reader and Java. Before you download and install the latest versions, it is important to uninstall them. For this purpose, click Start => Control Panel => Add or Remove Programs, highlight them and click the Remove button. Next, click on each of the programs to download it:

Slowly and carefully install applications and then restart your computer.

Let's remove the cleaning tools we used. First get rid of OTL:

  1. Double-click OTL.exe to start the program.
  2. Close all other programs apart from OTL, as this step will require a reboot.
  3. On the OTL main screen, press the CLEANUP button
  4. Say Yes to the prompt and then allow the program to reboot your computer.

At this stage, you don't need the online scanner, so:

To remove the ESET Online Scanner components from your computer, start the Add or Remove Programs applet from Control Panel, select the ESET Online Scanner entry and click Remove. A restart may be required to complete uninstallation.

Please manually delete TDSSKiller.

Some quick tips:

  1. Alternative browser - Due to the large market share of Internet Explorer, it is a top target of the writers of malware, so we recommend using an alternative browser. There are many better alternatives to Internet Explorer regarding security, features and speed such as:

  2. Program updates - Updating your software is really important for productivity, but also for security. Here is an application that will help in checking for new versions and updates for your programs. It is called FileHippo Update Checker and you can download it from here.

  3. Clear old system restore points - Once your system has been infected, there will be infected restore points as a result, and they need to be cleaned.

  1. Open Start => All Programs => Accessories => System tools => Disk Cleanup.
  2. In the Drop down box that appears select your main drive e.g. C:\
  3. Click OK.
  4. The System will do some calculation and display a dialogue box with TABS.
  5. Select the More Options tab.
  6. At the bottom will be a system restore box with a CLEANUP button. Click on it.
  7. Accept the Warning and select OK again, the program will close and you are done.

  4. Create a new system restore point - Now that everything is fine, it is necessary to create a new restore point to restore your system to an earlier stage in case you get a problem. Do the following:

  1. Click Start, point to All Programs, point to Accessories, point to System Tools, and then click System Restore.
  2. In the System Restore dialog box, click Create a restore point, and then click Next.
  3. Type a description for your restore point, such as "After Cleanup", then click Create.

Safe surfing! ;)


Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
